Six Worldcoin operators raided in Hong Kong amid public warning not to share biometric data

Hong Kong’s Office of the Privacy Commissioner for Personal Data raided six Worldcoin orb operators across the city on Wednesday, warning the public not to share its biometric data with the company.

It said it is concerned that Worldcoin’s operations in Hong Kong “involves serious risks to personal data privacy” that may violate the city’s Personal Data (Privacy) Ordinance. Authorities obtained a court warrant to search the premises of each location.

“Members of the public should carefully protect their sensitive personal data and avoid participating in any activities that collect sensitive personal data, such as iris scanning, arbitrarily,” said the Privacy Commissioner for Personal Data, Ada Chung, in a statement.

Tools of Humanity, the firm building Worldcoin, did not immediately respond to DL News’ request for comment.

“Any person or organisation as a data user in Hong Kong that controls the collection, holding, processing or use of personal data must comply with the requirements under the PDPO and the relevant Data Protection Principles,” Chung said.

Millions of people worldwide have already signed up for Worldcoin, which requires scanning one’s eyeballs to establish “proof of personhood,” meant to show someone is a unique person.

OpenAI CEO and founder Sam Altman co-founded Worldcoin with Alexander Blania, pitching the project as a key tool for a future in which robots and humans may become indistinguishable online.

For many, the motivation is less about online verification and more about getting token allocations of the project’s WLD token.

Worldcoin launched in Hong Kong in July. As in other regions, verification is done by independent operators, who are also paid in WLD.

Concerns about privacy and personal data when using Worldcoin have been raised, leading to the company pulling its orbs in India. It was also investigated by regulators in France, Germany, Kenya and Argentina.

“Worldcoin welcomes regulators, including the Office of the Privacy Commissioner for Personal Data (PCPD), and consumers to inquire and seek information or clarifications about its programs available to the people in their communities, cities, countries or regions,” a Worldcoin spokesperson told DL News.

Worldcoin has said that the biometric data never leaves its scanning orbs and is processed locally before being permanently deleted.

The project also uses zero-knowledge proofs to protect user data, per Worldcoin’s documentation.

Zero-knowledge proofs are a technology that, for example, may reveal whether someone is of the legal drinking age without revealing their precise date of birth or other identifying information.

“Worldcoin does not seek to know who a person is, just that they are human and unique,” the spokesperson said. “As such, any information used to verify unique humanness is promptly deleted by default.”

This article was updated on February 1 to include comment from Worldcoin and specify the nature of the raid.

Do you have a tip about another Asia crypto story? Get in touch at callan@dlnews.com