Key Takeaways
Since the Worldcoin developer Tools for Humanity launched its iris-scanning “Orb” technology, the spherical biometric scanners have appeared in various locations around the world.
As of March 6, however, the Spanish Data Protection Agency (AEPD) has ordered the firm to stop collecting data in the country. The agency cited concerns that the scanners could breach the EU’s General Data Protection Regulation (GDPR).
In a statement issued on Wednesday, the AEPD said it had received complaints about the way Worldcoin was collecting personal data.
Specifically, it alleged that Tools for Humanity didn’t provide enough transparency into how data was processed. The AEPD also claimed Tools for Humanity collected data from minors. Furthermore, the agency claimed the company didn’t let people withdraw consent for their personal data to be processed.
Under the EU’s privacy framework, biometric data is “protected” and subject to enhanced regulations.
If the allegations are true, Worldcoin’s alleged shortcomings amount to three major GDPR violations. As a result, the AEPD ordered the company to cease collecting and processing data immediately.
Although data protection authorities actions aren’t usually so abrupt, the AEPD said the claims against Worldcoin warranted exceptional measures.
Arguing that it was necessary to intervene without a formal investigation, the agency Evoked Article 66 of the GDPR, which grants it temporary powers to act “if there is “an urgent need to act in order to protect the rights and freedoms of data subjects.”