Blania described a futuristic world awash with orbs of varying shapes and sizes, where each person would be assigned a unique, anonymized code tied to their iris that they could use to log into a multitude of web-based and web-based applications. the blockchain.
Blania didn’t rule out the possibility of Worldcoin charging a fee to provide the service, but the startup primarily plans to make money from the appreciation of its currency. “You distribute one token to as many people as you can,” Blania said. Because of this, “the utility of the token increases significantly” and the “price of the token increases”.
The key to all this technology is the Orb itself, and the contract signed by the Orb operators underscores the company’s focus on its stress testing. “Your role is to help us evaluate orbs and how people interact with them,” the contract reads. “You have to think of yourself as a product tester.”
Blania told BuzzFeed News that the company primarily uses its field tests to see how the Orbs perform in different environments — from the heat of Kenya to the freezing cold of Norway. “In Kenya, where it was like 40 degree heat, and just the reflection on the Orb is something we’ve never seen here in Germany in the office,” Blania said.
Adam Schwartz, senior attorney at the Electronic Frontier Foundation, said the ambiguity regarding Worldcoin’s goals is troublesome. “The question is, is it a digital currency company, or is it a data broker?” he said. “Anyway, the current practice of paying people for their biometrics is very problematic for privacy and fairness.”
“Worldcoin is not a data company and our business model does not involve the mining or sale of users’ personal data. Worldcoin is only interested in the uniqueness of a user — that is, they have not registered with Worldcoin before – not their identity,” Worldcoin said in a statement.
The company’s efforts to build its database could also run afoul of privacy and data processing laws in Kenya, where the company has extensive operations. Kenya recently passed a data protection law that prohibits companies from transferring biometric data overseas without approval from the new Office of the Data Protection Commissioner. Worldcoin currently processes user data in the US, UK, Germany, Japan and India in accordance with its data consent form.
Immaculate Kassé, Kenya’s data commissioner, told BuzzFeed News that his office “was not aware” that Worldcoin was collecting biometric data from Kenyans and transferring it overseas.
The company has until July 14 to register with the commission and submit a detailed data protection impact assessment under Kenya’s recently implemented data privacy laws, Kassait said per E-mail. Worldcoin told BuzzFeed News that the company will soon engage with Kenya’s Data Commission and has already conducted a “rigorous” privacy impact assessment.
Bryan Ford, who heads the Decentralized/Distributed Systems Laboratory (DEDIS) at the Swiss Federal Institute of Technology and wrote one of the pioneering papers on personality proof in 2008, said that solving the problem of authentication in a way that preserves user privacy would be a significant step forward. Ford, however, is unconvinced by Worldcoin’s solution. The company’s decision to create and store a giant, centralized database of irises and iris hashes, he said, is a massive invasion of user privacy.
“We challenge the characterization that collecting images of Worldcoin users is an invasion of privacy: if collecting images of people with their consent was an invasion of privacy, CLEAR” – the company d biometric identification – “the UN and Aadhaar would all be examples of privacy invasions too,” Worldcoin said in a statement to BuzzFeed News.
Privacy advocates and security experts in India have long characterized Aadhaar, India’s massive biometric identification system, as a privacy nightmare. Experts also question whether Worldcoin has done enough to ensure that it has obtained people’s informed consent, given that the company’s detailed terms and conditions, privacy policy and data consent forms are in English.
“Informed consent means you are able to fully understand what is going on,” said Elias Okwara, Africa policy manager for advocacy group Access Now, noting that a majority of Kenya’s population speaks Kiswahili. “So right off the bat it becomes difficult to be able to explain to an individual what data processing means.”
Worldcoin said it would soon roll out its privacy form in six languages and suggested that Orb operators live-translate and explain the company’s voluminous policies to people who don’t speak English. “In all of these local countries, we have Orb operators, and their purpose and role is to explain to people what they are consenting to in their local language,” the company said.
Any large biometric database is also susceptible to hacking, Ford said, explaining that the database could be compromised if someone hacks into the thousands of orbs the company plans to distribute. “Fundamentally, no hardware is impossible to reliably hack,” Ford said.
Blania acknowledged that “there has never been an uncracked hardware device,” but said Worldcoin is building in fraud detection mechanisms to identify compromised orbs.