The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong issued an order on May 22nd, halting Worldcoin’s data collection activities within the region. This decision followed an investigation that began in January 2024. By that time, the company had scanned the faces and irises of 8,302 individuals.
Hong Kong Privacy Concerns Cited
The PCPD found that Worldcoin had contravened Hong Kong’s Data Protection Principles (DPPs). The company’s methods were deemed unfair due to:
- Lack of crucial documents in Chinese: Privacy notices and biometric consent forms were not available in Chinese.
- Unclear communication: Operators failed to explain privacy clauses or confirm participants’ understanding, raising informed consent concerns.
- Excessive data retention: Worldcoin planned to store personal information for 10 years, which Hong Kong authorities considered too long.
- Limited data access: There was no clear way for people to access or change their data.
Worldcoin Global Scrutiny
This decision adds to Worldcoin’s challenges. Privacy concerns surrounding its technology have been raised in multiple countries. Kenya, for example, suspended Worldcoin activities last year and maintains this stance despite pressure from the US.
READ: Parliament Finds Worldcoin Exploited Kenya’s Regulatory Gaps
In March, Kenya’s Interior Cabinet Secretary, Prof Kithure Kindiki, reiterated the government’s firm position saying, “We are not going to review the suspension.” The CS added, “The United States has been pushing the government on the issues of WorldCoin.”
Similarly, a Spanish court upheld a temporary ban on Worldcoin’s iris-scanning program in March. Spain’s privacy concerns stemmed from collecting data from minors and not allowing consent withdrawal.
