On legal basis, he added: "In our analysis there is no other possible legal basis [than] explicit consent for this specific service/processing activities."
Why does a requirement to let users ask for their data to be deleted, a right that's baked into the European regulation as part of the GDPR's suite of individual data access rights, look so tricky for World[coin]? The proof-of-humanness blockchain project's jam is that it's building a system of immutable and unique IDs for verifying identity remotely. So if a person can edit all trace of themselves out of its ledger simply by asking, it's a challenge to its ambition of becoming a world-spanning authority on human verification.
Tools for Humanity (TfH) spokeswoman, Rebecca Hahn -- who does comms for the entity that develops Worldcoin -- said its grounds for appeal will focus on claims that World's technical architecture is "privacy-preserving" and that it results in user data being anonymized.
The implication is that GDPR data access rights (such as being able to ask for deletion) should not apply, since truly anonymous data falls outside the scope of the law.
Responding on why World is so reluctant to let users delete data, Damien Kieran, TfH's chief privacy officer, told TechCrunch: "Our goal is to increase trust in digital interactions. To do that, we created the World's first anonymous digital passport to prove humanness. That means a person can anonymously verify they are a real human on a platform like X [which happens to be Kieran's former employer], solving problems such as bots once and for all.
"Key to that is ensuring that if an anonymous person abuses a platform's policies and the platform suspends them, that person cannot delete their World ID, create a new one, and go back to X presenting themselves as a new human. Thus, to meet our goals of increasing trust online in the intelligence age, we had to ensure we did this in a way that anonymized the underlying data, meaning it can't be deleted, and ensures that bad actors can't abuse the World network and other platforms."
Kieran added that World ID holders "can always delete their personal data, which resides solely on their phone."
However, basic account data isn't where this GDPR battle is focused. It's about information that can be used to uniquely identify an individual.
Earlier this year World introduced an open source Secure Multi-Party Computation system which it claimed "allows iris codes to be encrypted as secret shares and distributed over multiple participants" -- without the need for the codes to be decrypted in order for identity checks to take place.
The suggestion is that this technical architecture transforms iris codes through subsequent processing, including encryption and sharding, in a way that limits individual privacy risks.
As part of these changes, Worldcoin also introduced a feature letting users request deletion of their iris codes. However, the level of control it's giving users has -- evidently -- been assessed as not meeting the GDPR's standard requiring individuals to have control over their information.
And it's important to stress that the GDPR not only sets rules to protect people's privacy; the framework also aims to ensure individuals can have autonomy over information held about them. It's that latter element that poses the biggest challenges to World's proof-of-humanness mission as it does not factor in supporting that level of individual autonomy.
The Bavarian DPA said Worldcoin's biometric-based individual verification procedure entails "a number of fundamental data protection risks for at least a large number of data subjects." And while the authority's statement makes a reference to "improvements" made to the venture's data processing, it stresses that "adjustments are still required."
The authority added that its lengthy investigation ended up centered on the need for "comprehensive erasion following withdrawal of consent," and "the associated review of the consent process."
"With today's decision, we are enforcing European fundamental rights standards in favor of the data subjects in a technologically demanding and legally highly complex case," said Will.
World's appeal against the Bavarian corrective order does not address the crux of the data access issue head-on.
Rather, it's seeking to frame the matter as a technical question of how European law should define anonymous data. Hence its blog post about the corrective order kicks off with the line that "World ID is anonymous by design." But trying to build momentum behind lobbying that Europeans deserve fewer individual rights is unlikely to be regionally popular.
Worldcoin has already seen its wings clipped around the region. Enforcement action from other data protection authorities -- including in Portugal and Spain -- saw it subject to emergency action that shut down its eyeball scanning ops in their markets. The two DPAs raised particular concerns about the risks of children's data being indelibly captured.
At the same time, Worldcoin -- or World as it recently rebranded -- has opened ops in Austria.
This article originally appeared on TechCrunch at https://techcrunch.com/2024/12/19/worldcoin-must-let-europeans-comprehensively-delete-their-data-under-privacy-order/