Sections
Highlight
A small display in Malaga's Vialia shopping centre at the beginning of 2024 attracted a lot of attention because of the novelty of the idea. A sign said, "A photo of the iris of your eye in exchange for virtual money or cryptocurrencies".
Behind it was the company Worldcoin, owned by Sam Altman, the CEO of OpenAI, the company that created ChatGPT. The aim was to collect data on people by taking images of the iris of their eye in exchange for 'tokens' or Worldcoin currency that the user could then spend on digital purchases or exchange for cash if they were part of the project.
Hundreds of Malaga residents, mostly young people, passed in front of Worldcoin's cameras in Malaga during the last Christmas holidays. The aim of the company, now called World, is to create a universal digital passport, a World ID, which would unequivocally identify every human being, hence the importance of collecting biometric data from people using their irises. But this innovative practice was a breach of European data protection policies and now, months later, all the data collected in Malaga and in many other European cities (around 400,000 people in Spain) will have to be permanently deleted.
In March this year, the Spanish data protection agency (AEPD) ordered the "precautionary" cessation of Worldcoin in Spain and demanded the immediate cessation of the company's collection of biometric data. Now, Europe is going one step further. The data protection authority of Germany's Bavaria, the equivalent of the Spanish data protection agency, has confirmed that the company did not implement adequate measures to prevent the processing of minors' data and has demanded that Worldcoin delete all iris data stored in its European campaign as a precautionary measure. It has also ordered the company to ensure that, in the future, the collection of biometric data includes the user's right to have their data deleted.
As the AEPD explained, the resolution of the Bavarian data protection authority - the company in Europe has its main offices in Germany - has ordered the deletion of all iris codes stored since the beginning of the project, stored without the necessary security measures for the processing of biometric data. "The completion of this procedure means the ratification of the precautionary measure imposed by the agency in March this year to prevent it from continuing to process personal data in Spain," the AEPD said.
The former Worldcoin, now called World, maintains that the iris codes collected in that campaign have already been deleted. "In its statement, the Bavarian data protection authority (BayLDA) pointed out how World has improved its data protection concepts several times," the company has said.
The company claims, in a response sent to SUR, that a new data system has been implemented whereby all personal data used to create a World ID is stored only on the person's device and is not retained by World or any third party. "The iris codes used to verify a person's World ID are no longer stored, and previously collected iris codes were voluntarily deleted to ensure that no personal data is retained to operate World ID".
The company believes that the Bavarian data protection authority's investigation largely relates to outdated operations that have already been remedied. "World will continue to operate and expand its services in the EU and around the world with plans to expand into more European markets by 2025 to enable all those who wish to do so the ability to verify their profile online privately and anonymously," it concluded.
Publicidad
Publicidad
Publicidad
Publicidad
Sigues a Enrique Miranda. Gestiona tus autores en Mis intereses.
Contenido guardado. Encuéntralo en tu área personal.
Reporta un error en esta noticia
Necesitas ser suscriptor para poder votar.