Trust can be achieved through regulation, having a landscape with clear rules is positive for the Blockchain ecosystem. In the community we have witnessed how users have lost large sums of money. Ignorance, misinformation and lack of clarity in the rules create the ideal context for people or organizations with hidden intentions to take advantage of the situation. Analyzing better, what if an organization accesses unique data for each person? How would they guarantee their safety? What use will they give to that information? Due to these questions, it is appropriate to discuss Worldcoin’s doubts with the data protection regulators of some countries.
What is Worldcoin?
On its official website, it says that it is a digital currency developed with the purpose of creating a globally inclusive financial and identity network, and also indicates that it consists of a digital identity network (World ID) that preserves privacy and is based on proof Of personality.
Through the so-called proof of personality, they seek to verify that the people who register are unique, eliminating the possibility of having more than one account and this is achieved by registering biometric data, especially the iris and facial scanning, through a device called Orb, which scans the iris and indicates whether the person is a new user or already registered.
It is proposed as a system in which people register by scanning their iris, so that they have a digital identity to differentiate themselves from artificial intelligence and in turn the user is rewarded with Worldcoin (WLD) upon completing their registration.
What has caused alarm among regulators?
Which worries regulators is the treatment given to the data, given that its collection always has risks, the main ones being:
Data theft.
Hackers are always looking for sensitive databases to infiltrate and steal, this would be no exception, biometric data can be used to encrypt important accesses, they are very precious targets for a hacker and if they access this data it can be catastrophic for the victims, taking into account that, biometric data cannot be changed like a password or credit card number. In fact, the same company behind the project had already accepted the possibility that there were flaws in the system and later the company Certik notified them about a security breach in which a third party could access the Orb (hardware in charge of collecting data), the problem has already been solved, but, it is unknown if anyone was able to take advantage of it.
Data traffic.
Currently, information is a very lucrative currency; some companies sell information about our behavior, spending patterns, etc. In the case of Worldcoin it would be even more dangerous because the biometric data cannot be modified nor can the iris be deleted, it is data that is intrinsically linked to individuals. Such data, if it falls into the wrong hands, could be used to track and profile people with more precision than any other data could achieve.
Although they assure, in their terms and conditions, that the data will be maintained by them and will not be sold, it is also true that said terms and conditions are subject to future changes. Another possibility is that the company is sold and that the new authorities establish new rules. When data is such a valuable asset, you have to take care of where it is loaded.
Improper use of collected data.
There are various uses that can be given to the data, one of them could be feeding an artificial intelligence database, which could lead to the development of very invasive surveillance systems, which if they manage to access bank details, addresses, etc; The outlook is even worse.
The problem with handing over this data is that once it is not in our domain, it is difficult to control how it is used.
The Worldcoin phenomenon is investigated for some jurisdictions.
The Worldcoin case has caused a lot of commotion, setting off alarm bells in countries like France, Spain, Argentina and Germany. Hong Kong also started investigations and more extreme cases like Kenya, which directly banned it. The entities that regulate the use of data in the aforementioned countries agree on the criterion of doubting the reasons that move this company to collect this data, keeping the authorities on constant alert, both due to the number of people has registered in its system (around 3 million users), as well as the use they are going to give to the information.
Definitely, it is a fear based on the safety of users, even though the company states that personal information such as names, addresses, etc. Is not collected, the information provided by facial scanning and iris scanning provides important information to its base. Of data, to the point that it is valid to question whether it is legal for an identification system like this to be administered by a private company, since identity is, in almost all jurisdictions, the responsibility of the State.
Conclusion.
The main problem with this new cryptocurrency and the World ID is the use they will give to the data. Most ecosystem projects are based on the trust that the people who promote the system manage to transmit, however, this time it plays a more important role, because it is not about private keys, a password, an alphanumeric address or anything else. That when they are compromised they can be modified, on the contrary biometric data accompanies us immutably throughout our lives.
Regarding regulation, most countries are evaluating the idea of a private company managing autonomously. Without its supervision or intervention, the identity of people, since this is the responsibility of the State, is specifically tied to the territory, a characteristic that completely dilutes the World ID project, by giving a digital identification to a person at a global level. The idea that regulatory entities review in detail the company’s technological management in terms of privacy is not unreasonable, since it represents a significant risk to the people.
Technology brings with it as many benefits as dangers, it is the task of each user to do their own research to understand the risks before making any investment or, in this case, handing over their data, and this is the invitation with these lines, doubt no matter how attractive what the offer may look like.
