The German data protection authority, known as the Bavarian State Office for Data Protection Supervision (BayLDA), has taken corrective action against World, formerly known as Worldcoin, for its handling of biometric data.
The BayLDA announced on December 19 that it has concluded its investigation into World's compliance with the European Union's General Data Protection Regulation (GDPR).
The authority has ordered World to implement a GDPR-compliant data deletion procedure within one month of the ruling coming into force.
Subscribe to our Telegram channel to get weekly short digests about events that shape the crypto world
In response, the World Foundation has appealed the decision and sought judicial clarity on whether World Network's Privacy Enhancing Technologies (PETs) meet the EU legal definition for anonymization.
Chief Legal and Privacy Officer at Tools for Humanity, Damien Kieren, said:
“Data anonymization, not just data deletion, is essential for enabling people to verify themselves as human online while remaining completely private. Without a clear definition around anonymization, however, we lose perhaps our most powerful tool in the fight to protect privacy in the age of AI. The breakthrough multi-party computation setup implemented by World Foundation makes it effectively impossible to link anonymized data back to an individual. We believe strongly that this kind of effective anonymization should be the standard. If what’s required, however, is true technical anonymization, or absolute certainty that anonymized data cannot be linked back to a person even in purely theoretical situations, that would render anonymization impossible and instead incentivize companies to continue storing personal data in an identifiable form.”