The French data regulator CNIL this week conducted searches at the regional Worldcoin office, which is located in Paris.
The media reported that in July, the watchdog expressed concern about the company’s practices regarding the collection and storage of biometric data of users. The regulator stated that the methodology of the firm’s activities is questionable from the point of view of its compliance with the norms and provisions of the EU General Data Protection Regulation (GDPR).
The Worldcoin Foundation, an organization based in the Cayman Islands, told reporters that it was ready to take any opportunity to answer questions that relate to the company’s goals and the technologies it uses.
The accusation of ignoring GDPR norms is not the only complaint against the firm. The company has also faced negative criticism of one of the provisions of its corporate policy, which stipulates that users must scan their iris in exchange for obtaining a digital identity card. In some countries, this condition is mandatory for obtaining certain digital currencies.
The Worldcoin website contains information that over the past two years, more than 2.1 million people have subscribed to the service as part of the trial version.
A CNIL representative said that the investigation into the company is part of a large-scale effort aimed at ensuring that firms comply with data protection rules throughout Europe. The French regulator adheres to the position that the legality of the personal information collection program used by Worldcoin seems doubtful. The watchdog also has complaints about the conditions for storing biometric data.
The efforts of the French regulator are supported by the Bavarian Data Protection Authority, which works in tandem with CNL. The German regulator is involved in an investigation into Worldcoin. The participation of watchdogs from several countries makes the process of determining the degree of legality of corporate policies related to personal data more significant and is a signal that consideration of such aspects of firms’ activities is a matter of particular importance and will not remain out of sight of the authorities.
According to media reports, Worldcoin is confident that this investigation will not become an event with large-scale negative consequences for him. The company expects to overcome the current difficulties through stricter compliance with GDPR. The firm’s statement provided to the media indicates that Worldcoin takes its responsibility to users and to the industry as a whole seriously. The company also stressed that security is one of the main components of its mission concept.
This investigation confirms that the EU authorities define the protection of personal data as a matter of paramount importance and are ready to take measures against those who ignore the norms of activity in this area.
As we have reported earlier, Argentinian Regulator Investigates Worldcoin.