Iris-scanning crypto project Worldcoin ordered to delete all collected data
German authorities claim company failed to implement necessary security measures for handling biometric data
Worldcoin, the company that offers cryptocurrency in exchange for iris scans, has been ordered to delete all data collected in Spain.
The order comes from the Bavarian Data Protection Authority (BayLDA), as the company's European headquarters are based in Germany.
The authority found that Worldcoin had failed to implement the necessary security measures for handling biometric data.
The decision requires that iris data be collected in the future only with the "explicit consent" of individuals, a practice that the authority believes was not properly followed initially.
Worldcoin made headlines in February this year when large crowds, particularly in Barcelona, lined up to have their eyes scanned in exchange for cryptocurrency.
According to some reports, more than 300,000 people in Spain, many of them young, had their irises scanned, prompting swift action by Spanish authorities.
In March, the Spanish Data Protection Agency (AEPD) ordered the company to cease operations in Spain due to privacy concerns.
Worldcoin, which recently rebranded as World, maintains that its product is "anonymous by design" and plans to appeal the BayLDA's decision.
The company argues that it has made improvements over the past year that BayLDA did not take into account.
World also criticizes that there is no "clear and consistent definition of anonymization in the EU that will help protect personal data in the age of AI."
“The breakthrough multi-party computation setup implemented by World Foundation makes it effectively impossible to link anonymized data back to an individual. We believe strongly that this kind of effective anonymization should be the standard," said Damien Kieran, Chief Legal and Privacy Officer at TFH.