Tools For Humanity, creators of the Worldcoin crypto project, are registered as Data Controllers with the Office of the Data Protection Commissioner (ODPC).
The ODPC had previously called for vigilance from Kenyans as it engaged with Worldcoin on Compliance with the Data Protection Act of 2019. Registration is just one, but an important element of compliance with the Data Protection Act of 2019.
According to the ODPC, A Data Controller is: “A natural or legal person, public authority, agency, or other body which alone, or jointly with others, determines the purpose and means of the processing of personal data.” Any organization not registered with the ODPC “can not” legally operate as Data Controller or Data Processor in the country.
Compliance with the Act aims to ensure the privacy rights of Kenyan data are upheld and safeguarded through “transparent and accountability data processing ecosystems”.
The Buzz About Worldcoin
Since its launch, the Worldcoin project founded by OpenAI’s CEO Sam Altman, has gained viral popularity.
READ: Everything You Need To Know About Worldcoin
With over a million app downloads, we have seen massive lines forming at various Worldcoin’s “Chrome Orb” locations in the country as users flock to get verified.
The verification process entails an iris biometric scan aimed at detecting “humanness”. On verification, a user gets a World ID, a unique key generated from the scanned biodata.
This entitles a user to 25 free Worldcoin tokens (WLD) worth roughly KES 7,000 upon verification and an opportunity to claim 1 WLD per week. According to Worldcoin, over two million people worldwide have so far been verified.
Proof of “Personhood”
The proof-of-personhood solution aims to ensure that only unique individuals are on the network. It is important to ensure that a user does not operate multiple identities (crypto wallets) without sacrificing the crypto’s anonymity.
Worldcoin uses this protocol to ensure: every person on the network is actually a human being and only controls one crypto wallet. To do this, the Orb relies on a system of infrared cameras, AI-powered neural networks and sensors to scan the iris.
The neural networks checks the iris scan against other scans in the database and only adds it to the database if it is new. This completes the verification process.
Data And Privacy Concerns
With the massive amounts of user biodata collected, various ethical questions and concerns arise with what Worldcoin will use the data for.
Worldcoin has claimed that they do not store the scan images but instead store the iris code (a way to numerically represent the texture of an iris).
According to report by MIT technology review, Worldcoin used deceptive marketing means and collected more personal data than it acknowledged without the proper consent during its test phase.
In addition, the company claimed it would delete the data collected once they had fully trained their algorithms.
We found that the company’s representatives used deceptive marketing practices, collected more personal data than it acknowledged, and failed to obtain meaningful informed consent. These practices may violate the European Union’s General Data Protection Regulations (GDPR)—a likelihood that the company’s own data consent policy acknowledged and asked users to accept—as well as local laws.
MIT Technology Review, April 6 2022
Two months before the launch, TechCrunch revealed that hackers had compromised and accessed multiple Orb operators’ devices allowing them to have full access to the Worldcoin Operator dashboard.
The questionable ethics and shaky foundation in its pilot program put into question what could go wrong as the project expands.
