Worldcoin, a company operating in Hong Kong, has been found to be in violation of the region’s “privacy ordinance” by the Hong Kong Office of the Privacy Commissioner for Personal Data (PCPD). Privacy Commissioner Chung Liling has issued an enforcement notice demanding that Worldcoin cease collecting data from Hong Kong residents.
The investigation conducted by the PCPD revealed that Worldcoin’s data collection methods were excessive and unnecessary. The retention period for personal data, which is used to train the company’s artificial intelligence model for identity verification, was deemed to be excessively long. The PCPD stated that personal data would be retained for up to 10 years, which they considered to be unreasonable.
Furthermore, the probe found that residents who participated in Worldcoin’s iris scanning activities were not adequately informed about their legal rights and the regulations surrounding the use and correction of personal data. The PCPD also accused Worldcoin of failing to provide its privacy statement and biometric data consent form in the local language.
The regulator also criticized the competence of Worldcoin staff at various data collection points, noting that they consistently neglected to inform participants about the risks associated with disclosing biometric information.
In late January, the PCPD obtained a court order allowing them to access Worldcoin’s data collection points. Prior to that, the Hong Kong regulator had visited these points around ten times between December and January. Since Worldcoin began operating in Hong Kong, approximately 8,302 residents have had their irises scanned, according to the company’s records.
What do you think about this situation? Share your thoughts in the comments section below.