- Topic
957 Popularity
17k Popularity
102k Popularity
232 Popularity
17k Popularity
- Pin
- 📢 Exclusive on Gate Square — #PROVE Creative Contest# is Now Live!
CandyDrop × Succinct (PROVE) — Trade to share 200,000 PROVE 👉 https://www.gate.com/announcements/article/46469
Futures Lucky Draw Challenge: Guaranteed 1 PROVE Airdrop per User 👉 https://www.gate.com/announcements/article/46491
🎁 Endless creativity · Rewards keep coming — Post to share 300 PROVE!
📅 Event PeriodAugust 12, 2025, 04:00 – August 17, 2025, 16:00 UTC
📌 How to Participate
1.Publish original content on Gate Square related to PROVE or the above activities (minimum 100 words; any format: analysis, tutorial, creativ - 💙 Gate Square #Gate Blue Challenge# 💙
Show your limitless creativity with Gate Blue!
📅 Event Period
August 11 – 20, 2025
🎯 How to Participate
1. Post your original creation (image / video / hand-drawn art / digital work, etc.) on Gate Square, incorporating Gate’s brand blue or the Gate logo.
2. Include the hashtag #Gate Blue Challenge# in your post title or content.
3. Add a short blessing or message for Gate in your content (e.g., “Wishing Gate Exchange continued success — may the blue shine forever!”).
4. Submissions must be original and comply with community guidelines. Plagiarism or re - 🎉 The #CandyDrop Futures Challenge# is live — join now to share a 6 BTC prize pool!
📢 Post your futures trading experience on Gate Square with the event hashtag — $25 × 20 rewards are waiting!
🎁 $500 in futures trial vouchers up for grabs — 20 standout posts will win!
📅 Event Period: August 1, 2025, 15:00 – August 15, 2025, 19:00 (UTC+8)
👉 Event Link: https://www.gate.com/candy-drop/detail/BTC-98
Dare to trade. Dare to win.
4D Demystification of Worldcoin: What is the real purpose of iris scanning?
On a sunny morning in December 2021, Iyus Ruswandi, a 35-year-old furniture manufacturer in Gunungguruh Village, Indonesia, was woken up early by his mother. She said a technology company was running a "social assistance giveaway" at the local Islamic primary school for him to attend.
Ruswandi joined a long queue of residents, mostly women, some of whom had been queuing since 6am. In a pandemic-ravaged economy, any form of assistance is welcome.
At the front of the line, Worldcoin Indonesia representatives are collecting emails and phone numbers, or pointing a futuristic metal ball at villagers' faces, scanning their irises and other biometric data. Village officials were also present, handing out numbered tickets to residents lining up to help maintain order.
Ruswandi asked a Worldcoin representative what charity it was, but learned nothing new: as his mother said, they were donating.
Gunungguruh wasn't the only village Worldcoin visited. In villages in West Java, Indonesia, as well as university campuses, subway stations, malls and city centers in more than 20 countries, most of them developing countries, Worldcoin representatives show up for a day or two, collecting biometrics data. They are understood to offer everything in return, from free cash (often in local currency as well as Worldcoin tokens), to Airpods, to the promise of future wealth. In some cases, they also made payments to local government officials. But they don't provide much information about their true intentions.
This has confused many, including Ruswandi: What exactly is Worldcoin scanning irises for?
To answer this question, and gain a better understanding of the Worldcoin registration and distribution process, MIT Technology Review interviewed more than 35 people from six countries: Indonesia, Kenya, Sudan, Ghana, Chile, and Norway, who either Worldcoin jobs, either on behalf of Worldcoin, have been scanned, or have been involved but unsuccessfully recruited.
We watched scans during a registration event in Indonesia, read conversations in social media and mobile chat groups, and checked reviews of Worldcoin wallets in the Google Play and Apple stores. We interviewed Worldcoin CEO Alex Blania and submitted a detailed list of findings and questions to the company for comment.
Our research shows that Worldcoin emphasizes privacy in public information, but the actual experience of users is very different. We found that representatives of the company used deceptive marketing tactics, collected more personal data than they admitted, and did not obtain valid informed consent. These practices may violate the European Union's General Data Protection Regulation (GDPR) -- a possibility that the company's own Data Consent Form acknowledges and requires users to accept -- or may violate local laws.
In a video interview in early March in Erlangen, Germany, where the company makes the spheres, Blania acknowledged that there was some "friction." But he attributes that to the fact that the company is still in its infancy.
I'm not sure if you realize it," he said, "but you've seen the test run for a Series A company. It's a few people trying to bring certain ideals to life. It's not like Uber, where hundreds of people do it many times. .
personal I.D
Two months before Worldcoin appeared in Ruswandi's village, the San Francisco-based company Tools for Humanity emerged from stealth mode. Worldcoin is its product.
The company's website describes Worldcoin as a "new, collectively owned global currency that will be fairly distributed among as many people as possible," based on ethereum. The company proposes that everyone in the world will get a free share if they agree to an iris scan using a specialized device that resembles a decapitated robot head, which the company calls the Chrome Orb. ).
The site goes on to say that the sphere is necessary because of Worldcoin's commitment to fairness: that each person should receive his or her allotted share of the digital currency — nothing more. To ensure there is no double-dipping, the chrome ball will scan the participant's iris and several other biometric data points, then use a specialized algorithm the company is developing to cryptographically confirm that they are human, and will be available on Worldcoin are unique in the database.
Bloomberg first reported on the company last summer (Editor's note: 2021). Sam Altman, co-founder of Worldcoin and former president of Silicon Valley accelerator Y Combinator, told Bloomberg: "I am very interested in things like universal basic income and global wealth redistribution." Make it happen".
In the same article, then-27-year-old Blania (who joined Worldcoin directly after graduating with a master's in physics from Caltech) added, "There are still many people in the world who do not have access to the financial system. Cryptocurrencies have the opportunity to help us achieve this." One goal.” (Blania and others use “Worldcoin” to refer to both the company and the currency; this article does the same.)
But in addition to these good intentions, Worldcoin will also solve the key technical problems of Web3. Web3 is the much-hyped, blockchain-powered third-generation internet where data and content can be decentralized and controlled by individuals and groups rather than a handful of technology companies.
In an interview with MIT Technology Review, Blania stated that "getting everyone to own this new protocol" will be the "fastest" and "largest entry into cryptocurrencies and Web3" to date, solving one of the main challenges of Web3: users' relative scarcity.
Furthermore, according to Blania, biometrically confirming that the other party is human would solve another “very fundamental problem” with decentralized technology: the risk of so-called Sybil attacks, when a single entity in the network creates and controls multiple fake This attack occurs when the account is deleted. This is especially dangerous in decentralized networks where pseudonyms are required. Coming up with a truly Sybil-resistant identity has so far been difficult, seen as another hurdle to mass adoption of Web3.
With these two solutions in place, Blania said, Worldcoin can become “an open platform that everyone can use, whether it’s for identification or distribution.” This is the promise of Worldcoin: if successful, the protocol could become the universal authentication method for a whole new generation of Internet. If this is achieved, the currency itself may become more valuable. “Investors hope that the Worldcoin project will bring value to the world, thereby allowing these stakes or tokens to appreciate in value,” the company said in an emailed statement.
That's probably why Altman, along with some of Silicon Valley's biggest names, are investing heavily in Worldcoin; Andreessen Horowitz recently led a $100 million funding round that tripled the startup's valuation, from $1 billion to $100 million. $3 billion.
peeping sphere
As of March when we interviewed Blania, Worldcoin had scanned 450,000 eyes, faces, and bodies in 24 countries. Of these, 14 are developing countries (by World Bank criteria) and 8 are in Africa. But the company is just getting started, with a goal of gaining 1 billion registered users by 2023.
At the heart of the Worldcoin offering is the high-tech sphere itself, equipped with advanced cameras and sensors that not only scan irises, but also photograph "the user's body, face and eyes, including the user's iris," according to the company's description in a blog post. high resolution images. Additionally, its data consent terms state that the company also conducts "non-contact Doppler radar detection of your heartbeat, respiration, and other vital signs." In response to our questions, Worldcoin stated that it has never implemented vital signs detection technology and that it will remove such references from its data consent terms. (As of press time, that expression still exists.)
**Biometric information is used to generate an "IrisHash" - a code stored locally on the sphere. According to Worldcoin, the code is never shared, but is used to check if the iris hash already exists in Worldcoin's database. ** To do this, the company said, it used a novel privacy-preserving encryption method called zero-knowledge proofs. If the algorithm finds a match, it indicates that someone has already tried to register. If there is no match, the user passes the uniqueness check and can proceed to register using an email address, phone number or QR code to access the Worldcoin wallet. All of this will be done within seconds.
Worldcoin says the biometric information remains on the sphere and is deleted once uploaded, or at least one day, once the company has finished training its AI neural network to recognize irises and detect fraud. Until then, beyond vague descriptions such as "personal data...sent over a secure, encrypted channel," it was unclear what was being done with that data. “During the field testing phase, we collected and securely stored more data than we had at the time of completion,” the blog post states, “Once our algorithms are fully trained, we will delete all biometric data collected during the field testing.”
In response to our questions before this article was published, Worldcoin said that a public version of its system would soon eliminate the need for new users to share any biometric data with the company, though it did not explain how this would work.
Useless IOU
However, we know how the registration process works. To get Worldcoin onto new users' smartphones, the company contracts with local "sphere operators" who manage registration in their country.
The operator applied for the job and was interviewed and approved by the Worldcoin team, though company spokeswoman Anastasia Golovina emphasized in an email that the operator "is an independent contractor and not a Worldcoin employee." As such, they work without contracts or guarantees of payment, and instead earn commissions based on the biometric data they collect from users. However, Golovina added, they must "comply with local laws and regulations, including local labor laws."
These national operators receive commissions in the stablecoin Tether. A stablecoin is a cryptocurrency whose value is pegged to a traditional currency, usually the U.S. dollar. They decide what to pay subcontractors (usually in local currency) and working conditions (full-time, part-time or casual). Both national operators and subcontractors are incentivized by a commission-based payment structure to sign up as many users as possible as quickly as possible.
On the other hand, currently new users can earn at least $15 worth of Worldcoin for submitting biometric scans, and an additional $5 for logging into their Worldcoin wallet, with the total value of Worldcoin earned for new recruits later changed to $25.
Some users will receive the payment in one lump sum, while others will receive it in weekly installments of $2.50. The difference, Blania says, is to test which incentives work best. Regardless, Worldcoin is not a stablecoin, and since the token (at the time, editor’s note) hadn’t yet launched, the company “doesn’t yet know how many WLD tokens are worth $20,” it noted in a written statement.
To understand user motivations, some have the option to receive $20 worth of Bitcoin for easy cashout. Worldcoin said it found that “the most active users choose to keep their WLD,” although the majority of our respondents held the opposite view.
But with the redemption feature ending in the fall of 2021, for now, the pledged $20 or $25 worth of Worldcoin is equivalent to the company's IOU. For all intents and purposes, all tokens held by users in digital wallets are worthless.
TAKE THE CHANCE
Users of Worldcoin join for many reasons.
"Out of curiosity" is a common saying. It’s also said that because the orb operators “look nice,” or happen to be their brothers, cousins, or classmates. There are those who want early participation in what could be the next Bitcoin, those who have lost their jobs or income during the pandemic, and those who are desperate because of the threat of a renewed civil war.
Most people just want free money - someone just wants to buy lunch. Many suspect it's a hoax, but few are willing to give up trying, what if it isn't?
Ruswandi for several of the above reasons. He lost most of his job as a furniture maker during the pandemic and trades stocks and cryptocurrencies in his spare time, frequenting cryptocurrency-related message boards and exchanges.
“I was curious and thought it wouldn’t hurt to try it out,” he recalls, making the money attractive given his reduced income.
But he soon became suspicious. Neither company representatives nor village officials on site could answer basic questions about Worldcoin. He did more research online and came up with nothing, leading him to conclude that it was a scam. ** He believes the mystery giveaway was a massive data-gathering campaign disguised as some sort of covert offline airdrop — a ploy by cryptocurrency projects to issue free tokens to lure users. **
After all, many of his fellow folks’ internet knowledge was limited to the pre-installed Facebook app on their smartphones, so before potential users could receive the new currency, Worldcoin representatives “first had to help many residents set up email and log into the network,” Ruswandi recalls explain. He wondered, if it was to attract users to a new cryptocurrency, "why did Worldcoin target low-income communities in the first place, rather than cryptocurrency enthusiasts or the community?"
Biometric Question
In October 2021, when Worldcoin announced "Here we come!", it was immediately met with strong doubts.
As NSA whistleblower Edward Snowden tweeted, "Don't sort eyeballs. Don't use biometrics for fraud. In fact, don't use biometrics for anything." Use. The human body is not a ticket gate.”
Many are skeptical of Worldcoin's privacy protocols, especially since the company has yet to publish a white paper or open up its code for outside evaluation. "This looks like generating a global (hashed) database of people's iris scans (in the name of 'fairness')" and neutralized the impact by announcing "we removed the scans". Yes, but you saved the *hashes* generated by the scans, and the hashes that matched the *future* scans,' Snowden tweeted.
** There is also the issue of hardware security. Jeremy Clark, an associate professor at the Concordia Institute for Information Systems Engineering who focuses on applied cryptography, questions the security of the sphere: "There will be some security protections in the machine itself," he said, "but no technology is absolutely secure." So it’s usually an economic issue...if the project succeeds as they hope, it becomes more profitable to try to solve this.”**
Others questioned the company's alleged fairness, since 20 percent of the tokens had already been allocated: 10 percent to Worldcoin's full-time employees and another 10 percent to investors such as Andreessen Horowitz.
Additionally, many in the blockchain space disagree with the basic premise that Worldcoin is trying to build on: creating an identity on Web3, which is critical for a movement toward blockchain, DeFi, and DAOs ("decentralized autonomous organizations"). is a curse, the express purpose of this movement is anonymity.
Others remain unconvinced that Worldcoin can actually truly benefit everyone in the world, and instead it serves as a distraction from the ongoing work of creating a new identity paradigm. While declining to comment specifically on Worldcoin, identity expert Kaliya Young said, "In terms of online identity, companies often claim that 'if everyone in the world was in our system, then everything would be fine.'" NEW NEWS Yes: Everyone is not going to show up in your system, so let's move on to how to fix the problem. 』
Blania and his team believe this criticism is misplaced. "Most of our team has a background in cryptocurrency ... so we care a lot about this (privacy)," he told MIT Technology Review. "I completely understand the concern," he said, but he said it was more of an "emotional gut reaction" than an "objective critique." What critics miss, he added, is how good the Worldcoin protocol will be at protecting privacy once it is finalized.
That's not impossible, says Stephanie Schuckers, director of the Identity Technology Research Center at Clarkson University, given the recent advances in biometrics. One of the latest trends is Template Security, which uses encryption to transform biometric data. "When you store that data, if it's stolen, it can't be reverse-engineered back to the original biometrics," she said.
But she added that the reason the technology has not yet been commercialized is that cryptographic transitions often lead to "degraded performance." Instead of matching new biometric data with existing biometric samples, sample security matches a computer algorithm's interpretation of the data with another stored code via some sort of hash or code. That increases the room for error, making it "more difficult to match biometric data in this encrypted space," Schucker said. She added, however, that some recent advances in sample security have addressed some of these shortcomings.
**Sample security sounds like something Worldcoin might be doing — though Schucker cautions that it's hard to know for sure without seeing their code, or more information than Worldcoin's blog post. **
Since we first contacted the company in February, Worldcoin has committed to open-sourcing its code, including repeatedly emphasizing to MIT Technology Review on multiple occasions that this will happen "in the coming weeks."
In addition, the company added in a statement: "It is important to emphasize that our purpose of collecting data is not to profit from it or to spy on our users like many other technology companies. Instead, our goal is simply to use this data Used to develop algorithms to minimize fraud and enhance user privacy."
let them join
According to numerous people interviewed by MIT Technology Review, representatives of Worldcoin used a series of questionable tactics and lures to attract new users.
Mohammad Ahmed Abdalbagee, one of Sudan’s four former sphere operators, said that when operations began in Sudan in March 2021, operators found it difficult to “explain the concept of digital currency to people who don’t even have email.” So they ran an AirPod giveaway to encourage registration, which eventually attracted about 20,000 registrants.
Worldcoin applied to host a seminar on cryptocurrencies at an Islamic high school in West Java, Indonesia. The school’s student activities coordinator, Muhammad Hilham Zein, read the application and recommended approval, but only if the application is “to share knowledge about crypto…rather than encourage students to invest in digital currencies.”
But the participants (at least one of whom was over the age of 15, which violates Worldcoin's own terms of use) and our reporter's first-hand observations told a different story. During the 45-minute meeting, Worldcoin staff was busy registering a dozen students, helping them download the app and register for email, and finally scan their biometrics to provide information about the cryptocurrency, Worldcoin itself, or instruct them on how to consent or withdraw consent. (Students at least receive their allocation of Worldcoins, which are distributed on a weekly basis).
During a recent recruiting event held in about 20 villages in West Java, many new users like Iyus Ruswandi were attracted by giveaways.
"It was held during a pandemic, when the government usually gives out social assistance packages," explained Ece Mulyana, the principal of an Islamic primary school who had been told the night before that his school would be used as a Worldcoin registration site. “I couldn’t refuse the request,” Mulyana said, because the instructions came from a higher-level official, Ade Irma, head of street management, who was helping Worldcoin coordinate village registration.
Irma paid 2,000 rupiah (about 14 cents at the time of writing) for each person successfully scanned, Mulyana said. Mulyana estimated 170 people took part, for a total of 340,000 rupiah (about 23.8 US dollars).
Irma's boss, Heni Mulyani, the street leader who approved the events, said the money was used "to buy coffee and cigarettes," a euphemism for paying government officials to assist with the events they requested. She said none of the money paid was used for venue rent, but added, "We assure you that this money did not come from the village fund or the budget."
Instead, the money came from a company called PT Sandina Abadi Nusantara, which was co-founded with his mother by a man named Muhammad Reza Ichsan, who happened to be Worldcoin’s “best performing operator” (according to Blog post published by Worldcoin). The company is the legal entity under which Worldcoin Indonesia operates; his mother's job is to contact local government officials to coordinate the recruitment.
Ichsan told MIT Technology Review, "We don't pay the village, but we provide an operating fund for those who help us convene the public at the site."
Even if Mulyani hadn't misused village funds, these tips are (with very few exceptions) illegal under Indonesia's anti-corruption and anti-bribery laws, and both the giver and receiver can be subject to criminal penalties.
Responding to a question about the payment to the village official, a Worldcoin representative said they were not aware of the incident, calling it an "isolated incident" and saying they had launched an investigation to learn more. While they were unable to draw conclusions, Golovina wrote, "Most or all of these payments may be genuine operating expenses, such as those required to conduct business at a school or other facility, or to pay Fees for permits or licenses required to operate.” This contradicts the official account and those who operate it.
Worldcoin also referred to other examples we provided them of as “independent and isolated work by local globe operators,” including an AirPod giveaway in Sudan and deceiving schools in Indonesia, adding, “We are entirely focused on incentivizing operators to register Active users who are excited about using Worldcoin."
For their part, the villagers were not informed that at least some officials were being paid to promote Worldcoin; indeed, as the school principal Mulyana recalled, many believed the event was run by the government. “We have to explain to them that this is not a government project,” he said, “Worldcoin is a foreign company and they need the assistance of the village staff when they come.”
Now, some villagers doubt whether they will receive the money because they have been told Worldcoin representatives will return to the village to distribute funds in late January 2022, which has passed (WEEX Note: This article was published in April 2022). For those who are digitally savvy, the ability to trade Worldcoin in the wallet is also missing.
Operation Blind Spot
Confusion and misinformation are not necessarily intentional. The sphere operators we interviewed often mentioned that they received very little information from the Worldcoin representatives who recruited them, even though they were well aware that their compensation was tied to the number of people they signed up for. (Worldcoin says it provides its national sphere operators with a code of conduct that sub-operators must also abide by, and that they are moving away from paying commissions based on signups.)
One such operator is Bryan Mtembei, a civil engineer who recently graduated from a university in Kenya’s fourth largest city, Nakuru, and who became Worldcoin after being scanned on campus last September. of freelancers.
He wishes he could have "a short training or basic knowledge about Worldcoin". Instead, the only instruction he got was to “get more people involved and make more money for myself,” he said. “The rest is up to my social marketing skills.”
So he does his best to answer questions from new users, the most common of which are about privacy: Mtembei estimates that about 40 percent of the people he contacts express concerns about sharing their biometric data.
When he initially expressed similar concerns, a representative assured him that all of his concerns had been addressed in the Worldcoin “white paper.” But there is actually no such documentation. According to the company, this is by design — people are less likely to read "lengthy, highly technical, academic-style papers," and their shorter blog posts could be considered white papers.
Ultimately, Mtembei's need for money overcame his concerns. He registers 150 to 200 people and gets a commission of 50 KS (Kenyan shillings, or 44 cents) for each scan.
Mtembei is not alone. Willis Okach, a university student in Nairobi, who, like Mtembei, was recruited as an operations officer after taking part in the scans, was also involved for the money. "You don't have (money), and someone gives you some," he explained, arguing that Worldcoin "feels like students don't have much money, so they sign up." In two days of work, Okach registered 50 people, each bringing One set of biometric data, he can earn 100KS ($0.88).
Worldcoin spokesperson Golovina said, "All users who register during the field test will be fully informed about what data we will collect and how it will be used, and they will be asked to give their consent before registering. Anyone who consents to our collection and use of their biometric data Individuals can withdraw their consent at any time and the data will be deleted."
But none of the people we interviewed were explicitly told (or the operations staff didn't tell others) that they were "test users" whose faces and videos and 3D body maps were taken and used to train the spheres. "Anti-fraud algorithms" to "distinguish different people" treat their data differently from those of others behind them, or they can ask to have their own data deleted.
Ángel Rodriguez, a subway security guard in Santiago, Chile, recalled checking a box in the Worldcoin App to agree to the terms of service, and the instructions were in English, which he didn't understand. Additionally, according to Worldcoin, the link to its app and data consent terms won’t be available until “late 2021,” when field testing has been going on for at least a year.
Sometimes, new users are asked to provide additional personal data, but Worldcoin claims they are never asked for this. Almost everyone we interviewed was asked to provide an email address to log into their wallet (even after Worldcoin introduced QR code login). Some were also asked to provide phone numbers.
In multiple email statements, Golovina denied that an email or phone number was required for registration, but “we do offer certain features, such as the ability to send and receive Worldcoin, to users who choose to provide a phone number or email address. But such things Always optional.” Worldcoin did not explain what users could do with their tokens without being able to send or receive tokens.
Meanwhile, in Nairobi, several students said sphere operations staff took photos of their ID cards, to confirm, Okach recalls, that he was “not a robot.” Worldcoin stated that they have never asked users to provide national identification documents, only sphere operators.
When we shared these responses with our respondents, they disagreed. Mtembei emphasized that personal information was never optional, and registration on his sphere was impossible without email and phone calls. "He's lying," he said.
Mohammad Ahmed Abdalbagee, one of four sphere operations staff employed by Worldcoin in Sudan, added that it was his team's efforts that convinced Worldcoin to add a phone number as the preferred login method. "Before they operated in Sudan, they used email addresses as their main identifier, but we told them that it wouldn't work in Sudan. Many university students don't even have email addresses, they use their mobile phones to register on social media," he said.
** Implicit Colonialism **
Some academics who specialize in the tech industry's relationship with countries in the South are concerned but not surprised by Worldcoin's actions.
"It's a race to see who's in this AI-driven world," said Payal Arora, digital anthropologist and author of The Next Billion Users: Digital Life Beyond the West. The race to get the most data in the economy.” She said stricter data protection laws in Europe and the United States meant that ambitious entrepreneurs in those regions could not get the training data they needed from their own populations, so they had to set their sights on development. Chinese home.
In fact, Worldcoin is unavailable in the US and China due to regulatory restrictions, according to a blog post published by Worldcoin. Bloomberg reported that the company has also halted field tests in other countries, including Turkey and Sudan, for similar reasons. However, Worldcoin has already registered a number of U.S. users in demos held at cryptocurrency conferences, although the company does not consider its U.S. event to be a field test.
Pete Howson, a senior lecturer at Northumbria University who studies the international development of cryptocurrencies, categorizes Worldcoin’s actions as a form of crypto-colonialism, in which “blockchain and cryptocurrency experiments are forced on disadvantaged communities, essentially because …these people can’t fight back,” he told MIT Technology Review in an email.
Compared with other forms of digital colonialism, crypto-colonialism is more harmful, Howson explained, because blockchain’s core tenet of decentralization allows for “very limited liability … when things go wrong.” "You'll hear the term DYOR a lot because these people don't care much about rules and regulations."
But inequalities in information and internet access make the spirit of DYOR nearly impractical for many people in developing regions. Likewise, large economic disparities mean that a promise of less than half a dollar to get people to give up their biometric data in, say, Kenya won't do much in Norway or the US.
In short, it is cheaper and easier to carry out this kind of data collection in places where funding is scarce and legal protections are weak.
Data lapses and policy loopholes
While most of Worldcoin’s field testing has been conducted in developing countries, the company emphasized that it is also active in developed countries, including several countries in Europe. “Worldcoin has been trying to live test it in representative countries around the world,” the company told us.
This represents its own challenges. Worldcoin is bound by the EU GDPR when collecting, controlling and processing personal data of a "data subject" as defined by the EU (ie anyone within the EU, including citizens, residents and potential visitors whose data is collected).
Enacted in 2018, GDPR requires data subjects to be fully informed why their data is collected, how it will be used, who will process it, where it will be transferred, how to delete it, and how to stop data processing. Failure to adequately protect data can result in fines of up to 4% of global revenue or €20 million, depending on the severity of the breach.
Furthermore, the GDPR also applies if a company outside Europe collects or processes the personal data of European data subjects. So a Delaware-registered, San Francisco-based company like Worldcoin would not necessarily be exempt.
However, this is exactly what Worldcoin refers to in its data consent terms, and before MIT Technology Review can submit a list of issues, the company asks users to accept the following statement:
Marietje Schaake, director of international policy at Stanford University's Cyber Policy Center and a former member of the European Parliament who reviewed the document, said the policy sought to create "exceptions." But under the GDPR, there are no exceptions. Also, the fact that Worldcoin has a German subsidiary already makes it subject to the GDPR.
"As an EU citizen, you have the right to challenge it," Schaake said, referring to any potential violations. These challenges will be reviewed by European data protection authorities and ultimately debated in European courts rather than in US courts as Worldcoin said.
Worldcoin says it is fully compliant with the GDPR and is registered with the Bavarian Data Protection Authority. They employ a data protection officer and have carried out a data privacy impact assessment, although they declined to make the data protection officer or the results of the assessment public. Worldcoin added that the statement in their terms of consent “previously contained substantial caveats...they no longer appear in our most recent version of the data consent terms.” However, as of the time of publication, the statement remained online.
For Aida Ponce del Castillo, a researcher at the European Union Institute for Trade Research who studies regulations for emerging technologies and also serves as her organization's data protection officer, the lack of transparency is unreasonable. “The DPIA is not confidential business information,” she told MIT Technology Review—while publication is not mandatory, she noted that the European Commission recommends that companies “consider publishing at least some of the content, such as a summary or conclusion.”
The Bavarian Data Protection Authority has yet to respond to an interview with MIT Technology Review confirming the company's registration request.
“This is manipulation”
In addition to ethical issues, there are more practical questions such as: How well does Worldcoin actually work?
For some beta users and sphere field operations staff, the answer was, not at all.
Sometimes, this is caused by problems with the sphere. In Sudan, Abdalbargee, a local iris reader operator, said it takes up to six attempts for an iris reader to recognize a person's face. “In fact, it took my friend a full week for the device to recognize his irises,” he added.
The spheres were also prone to malfunction, slowing down the recruitment process, while repairs needed to be done in Germany. When Buzzfeed News found a similar sphere glitch in a recent investigation, Worldcoin used the phrase it repeated to us: calling one particularly severe case an “isolated anomaly.”
Meanwhile, some users lost their entire accounts or all their tokens during the upgrade from the web wallet to the app wallet. For others, the app has proven flawed, draining battery life or sending them into a vicious cycle of loading and reloading.
Rodriguez, the aforementioned Chilean subway security guard, had been struggling with his wallet shortly after being scanned. After signing up in February, the app required him to enter his email address, phone number and use a QR code, but the app caused performance issues on his phone, so he uninstalled the app entirely. When he tried to download the app again, his username no longer existed.
Local sphere operations staff told him that in order to fix the problem, he would have to find the sphere and rescan the biometrics. But if Worldcoin is what it claims to be, a rescan will only match his iris with an existing iris hash. In other words, once an account is lost, it cannot be recovered, as Worldcoin later confirmed.
There are also cases of identity spoofing that the sphere cannot detect. In mid-2021, a merchant in Indonesia was able to register and access the wallets of more than 200 users who had completed scanning and authentication, and transfer out assets held in Bitcoin at the time. Worldcoin said this happened in the early days when the wallet was accessed through the web rather than the app, and that "since the upgrade... we have not seen similar fraud."
Meanwhile, those concerned that the whole thing might be a hoax wonder what they have lost. “50 KS is not enough to attract attention,” said Okach, a university student in Nairobi, who spent a weekend recruiting others to join Worldcoin. "It's manipulation, taking advantage of students without clearly stating what they're doing or wanting."
Forget early users
When we started reporting on this story, we noticed that 3 of the 5 countries initially cited as case studies for successful field testing—Indonesia, Sudan, and Kenya—were classified by the World Bank as low- or lower-middle-income countries. Power and economic disparities seemed ethically fraught, so we started digging.
We wanted to know: What was it like to be an early user of this global crypto experiment? What do participants actually understand about cryptocurrencies, Worldcoin, and the consequences of giving up their biometric data? Or what were they told? Did they provide informed consent - what does informed consent mean in this case? In the end, many of our interviewees asked the same question - what is the real purpose of iris scanning?
Finally, it was a line that Blania dropped in passing during an interview in early March that got us started on Worldcoin.
"We're going to have privacy experts tear down the system over and over again before we actually deploy it at scale," he said in response to strong questions about privacy in the fall of 2021.
Blania just shared how his company got 450,000 people on board Worldcoin, meaning its spheres scanned 450,000 sets of eyes, faces and bodies, storing all the data to train its neural network. The company recognizes that this data collection is problematic and intends to stop doing so. They didn't offer the same privacy protections to these early adopters, however.
We are puzzled by this seemingly contradictory phenomenon: Are we lacking foresight and the big picture? After all, 450,000 may be small compared to the company's stated goal of 1 billion registered users.
But each of those 450,000 people is a separate individual, with hopes, lives, and rights of their own, none of which has anything to do with the ambitions of Silicon Valley startups.
Chatting with Blania clarifies something we've been struggling to understand: How can a company be so keen to talk about its privacy protection agreement while clearly violating so many people's privacy?
We have seen through interviews that for Worldcoin, these large test users are not their final target users to a large extent. Instead, their eyes, bodies, and life patterns are just the raw material for Worldcoin's neural network. At the same time, they only pay a small amount of money to feed their algorithms to those lower-level sphere operators who often have to grapple with their own moral doubts in private. It's ironic that this project is so inhumane to those who put in the effort to teach Worldcoin's AI to recognize who or what is human.
When we submitted our 7-page report findings and issues to Worldcoin, the company's response was that almost all of the negative issues we found were "isolated incidents" that ultimately didn't matter because the next (public) iteration will be better. "We believe the rights to privacy and anonymity are of paramount importance, which is why in the next few weeks, everyone who registers for Worldcoin will be able to do so without sharing any biometric data with us," the company wrote. Do it.” Nearly half a million people have been tested, and that doesn’t seem to matter.
And what really matters is the result: Worldcoin will have a significant user base to support its sales pitch as the identity solution of choice for Web3. And when the real, monetizable product — whether it’s a sphere, a Web3 passport, the currency itself, or all of the above — rolls out to its intended audience, it’ll all fall into place, without any messy artificial signs or behind-the-scenes human organs.