You may have recently noticed people lining up at public places, staring at a metallic orb. This marks the launch of Sam Altman’s new project, Worldcoin, at the intersection of crypto assets, digital identity and artificial intelligence (AI). Worldcoin aims to “become the world’s largest human identity and financial network.” Its metallic orb is designed to scan the irises of all 8 billion odd humans and assign each a unique identifier: a World ID. Upon signing up, users are eligible to claim their free share of Worldcoin (WLD) tokens, which is the native crypto token of this protocol. At the time of writing, each token was valued at $1.47. For its founders, World ID solves the issue of “proof of personhood” in the digital economy. Critics, however, fear that this is a formula for dystopia. Crypto assets for biometric information and the creation of private biometric databases raise several legal and policy issues.
Tools for Humanity, the company behind Worldcoin, was co-founded by Altman (of ChatGPT fame) in 2019. The Worldcoin team argues that mass scale adoption of cryptocurrency can widen access to the internet economy and enable multiple use cases. To this end, Worldcoin is working towards distributing its tokens free-of-charge to billions of users, including “those without a passport or legal identification.” But are Worldcoin tokens truly being awarded ‘free’? It is not clear. To claim these tokens, users have to submit their biometric information (i.e. iris images), collected by metallic orbs installed in different locations around the world.
The company justifies this by citing the digital-age need for a mechanism to prove “unique humanness.” By converting biometric information into an iris code, the system issues every user a World ID, which confirms that its holder is an actual human and not a bot. The aim is to make this a digital passport for users to access online services without having to share their personal information. To dispel privacy related concerns, the company claims that biometric information collected by the orb is promptly deleted, unless expressly requested otherwise by the user. The only data that remains is the iris code, which is disconnected from any personal information of the user. However, iris scans can be stored if the users opt for “data custody” to “reduce the number of times you may need to go back to an Orb.”
Despite Worldcoin’s clarifications on privacy protection, this project has drawn the attention of policymakers across the world. Kenya has ordered the suspension of its data collection activities over concerns of consumer consent being taken “in exchange for monetary reward,” lack of clarity on the security and storage of data, and inadequate information on cybersecurity safeguards. Regulators in France and the UK have also raised concerns over its operations. Worldcoin tokens are not available in the US.
The plan’s rollout was also plagued by various troubling reports on its pilot exercises in developing economies. An analysis by the MIT Technology Review on its user onboarding processes during the pilot phase found that Worldcoin representatives “used deceptive marketing practices, collected more personal data than it acknowledged, and failed to obtain meaningful informed consent.” Unsurprisingly, the training data for designing the identification system was obtained from pilots in countries where data protection laws are not robust. During the pilot phase, contractors engaged to sign up people were incentivized by commission-based payment structures to register as many people as possible. The report found that in some countries, such contractors were trying to sign people up who neither had an email nor understood digital currencies, raising concerns about the legitimacy of consent.
Worldcoin operations raise important ethical and legal questions. One question is over the regulation of issuance and distribution of crypto tokens as incentives for people to submit biometric information. This, in turn, raises questions of fair marketing practices. While the Worldcoin token has been marketed as a utility crypto, the company expects it to eventually become a medium of payment. Two, consider the applicability of a country’s data protection laws to the collection of biometric information by private actors that are neither regulated nor incorporated in the jurisdiction where data collection is taking place. Even if covered by domestic data protection laws, the enforceability of such laws against private actors incorporated outside the country will be a challenge. Three, there’s a question of the credibility and validity of user consent obtained where any such agreement is likely to be induced by a monetary consideration. Four, the absence of a mechanism to ensure transparency and accountability for training data is a problem. Five, questions arise over the robustness of data security measures. Further, while Worldcoin claims that only iris codes are stored, it is not explicitly clear if these can be re-anonymized.
Given the transnational implications of the Worldcoin project, multilateral efforts are needed for appropriate policy responses to be designed. Countries should consider common minimum standards of regulation and enforcement with a special focus on crypto assets, cross-border data sharing and the application of AI systems.
These are the author’s personal views.
Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
MoreLess