UK Privacy Regulator ‘Making Enquiries’ Into Sam Altman’s Worldcoin Amid Token Launch

A British regulator has sounded the alarm over Worldcoin, amid fears about the biometric data that the controversial crypto project is gathering.

The Information Commissioner’s Office (ICO), which champions privacy for individuals, has told Decrypt that organizations need to conduct a Data Protection Impact Assessment before beginning to process “high risk” data—a key component of Worldcoin’s operations.

Co-founded by AI wunderkind Sam Altman, the crypto project is aiming to offer digital passports to millions of people by scanning their irises—and on Monday, Ethereum co-founder Vitalik Buterin raised fears that this could expose someone’s sex, ethnicity, and even certain medical conditions.

The ICO went on to warn that Worldcoin’s activities needed to be consensual and freely given—with those undergoing a scan also able to withdraw from the project without detriment.

“We note the launch of Worldcoin in the U.K. and will be making enquiries,” an ICO spokesperson said in a statement emailed to Decrypt.

It’s worth noting that the ICO has teeth in the event of serious data breaches. The regulator can issue fines of up to £17.5m ($22.5m) or 4% of a company’s global turnover—whichever is higher. And back in April, it imposed a £12.7m ($16.3m) fine on TikTok amid allegations that the social network misused children’s data.

Despite the watchdog’s ongoing enquiries, Worldcoin is continuing with its rollout in Britain.

Orbs, the hardware devices that scan a user’s eye in exchange for a World ID, have now been installed in three London locations. Given the U.K. has a population of 67.3 million people—58 million of them outside the capital—adoption is unlikely to be rapid.

Worldcoin is yet to respond to Decrypt‘s request for comment—but on its website, the project insists it is “fully compliant with all laws and regulations governing biometric data collection and transfer, including Europe’s General Data Protection Regulation (GDPR).”

To complicate matters further, GDPR technically no longer applies to the UK following Brexit.

However, the framework has mostly been retained in domestic laws—meaning the country has the independence to keep it under review.

Stay on top of crypto news, get daily updates in your inbox.

Source: https://decrypt.co/149943/uk-privacy-regulator-making-enquiries-sam-altmans-worldcoin-token-launch