Spanish High Court Upholds Temporary Worldcoin Ban

The Spanish High Court on Monday sided with the country’s data regulator to uphold a three-month ban on OpenAI founder Sam Altman’s controversial digital identity and cryptocurrency platform Worldcoin due to privacy concerns.

See Also: Live Webinar | Secrets Detection: Why Coverage Throughout the SDLC is Critical to Your Security Posture

The Spanish Data Protection Agency last week imposed a three-month ban on the cryptocurrency in Spain after the agency received multiple complaints about the lack of transparency in how Worldcoin uses and processes the personal data of Spanish citizens, including minors.

The regulator raised concerns about Worldcoin’s collection and processing of biometrics data, which it said posed “high risks to the rights of individuals.” The agency called the temporary ban a “precautionary measure” to ensure the “protection of personal data.”

Following the ban, Worldcoin last week accused the Spanish regulator of “circumventing established procedures under GDPR” to issue the temporary ban and for spreading “inaccurate and misleading claims” about the company. Worldcoin subsequently appealed.

The Spanish High Court upheld the temporary ban Monday, according to a Reuters report.

Worldcoin uses decentralized iris-scanning technology for identity verification to issue its cryptocurrency coin. The project, which claims to be the “world’s largest identity and financial public network,” requires users to install an app and scan their irises with a device called an Orb.

The Orb verifies that the user is human and creates a hash for that person’s unique iris to set up a World ID, which allows users to authenticate themselves without having to reveal their specific identity.

Worldcoin has been mired in controversy since its launch and has come under the scrutiny of the French, German, British and Argentinian data regulators over data processing and compliance requirements.

The company claims it operates lawfully and has worked closely with the Bavarian data protection authority to ensure compliance under the General Data Protection Regulation.

The company did not respond to a request for comment from Information Security Media Group.