The authorities in Hong Kong have decided to ban the activities of the Worldcoin cryptocurrency project in the region. The Privacy Commissioner for Personal Data of Hong Kong, Ada Chung Lai-ling, stated that the project must cease all operations related to the collection of biometric data, such as scanning iris and facial recognition, as well as their storage. This data collection violates the Personal Data (Privacy) Ordinance, the authority noted.
Investigation and Findings
The investigation into Worldcoin’s activities began in January 2024 after potential breaches of citizens’ personal data privacy were observed. From December 2023 to January 2024, PCPD officials conducted searches at six facilities linked to the project. It was found during the inspection that the collection of biometric data was unnecessary, as operators of the devices could verify participants’ identity in person. As a result, PCPD deemed facial and iris scanning to be unnecessary and excessive.
Privacy Concerns and Violations
The Commissioner also pointed out the absence of a Chinese language privacy agreement, which could have led to local users who do not speak English misunderstanding the project’s terms. This means that participants may not have given true consent to the processing of their biometric data and were not informed of potential risks. Taking all these factors into account, PCPD deemed the data collection to be unlawful.
Furthermore, in April 2024, authorities in Buenos Aires identified violations in Worldcoin’s operations, uncovering unfair user service conditions, and in March, the project was blocked in Spain at the request of the Spanish Data Protection Agency (AEPD). These actions underscore a growing concern regarding the compliance with privacy and security of personal data in cryptocurrency projects.
