Privacy, Technology and Perspective
A Biometric Database run by a Cryptocurrency Corporation? – Not Now, Please; Maybe Not Ever: “Worldcoin,” a startup founded by Sam Altman and Alex Blania, has launched a cryptocurrency based on iris-scanning. Worldcoin’s valuation is said to have passed $1 billion already and its founders project that by 2023, 1 billion people will use Worldcoin’s technology. Details about Worldcoin’s launch appear in the following link:
Worldcoin: An Overview
Worldcoin combines (i) blockchain with (ii) an iris-scanning device, creepily called “the Orb.” To earn tokens, users must submit to Orb iris-scans. Worldcoin calls this “giving a free share [of Worldcoin tokens] to everyone on Earth.”
“Free” is ironic to the point of arguably misleading, however. Worldcoin tokens are only available in exchange for the user’s surrender of his or her biometric iris prints. In our view, this transaction may be many things, but if it requires the surrender of your biometric eye scans, it certainly isn’t “free.”
Worldcoin’s Privacy Claims:
On its website, Worldcoin touts the personal information it’s not asking for, while claiming to have mysterious, near-secret knowledge to use and cloak what it does want. Says Worldcoin: “We have designed Worldcoin in a way that both requires as little personal data as possible and preserves the privacy and anonymity of its users. Specifically, we determine whether you are real and unique without requiring you to provide personal information like your name, email address, physical address, or phone number. To make all of this possible, we use technological and cryptographic techniques that many people are not yet familiar with.” (emphasis added)
Worldcoin claims to create identifiers that correlate to the iris scans, but not to store the original scans themselves. Yet the identifier that is iterative of the iris scans directly identifies each individual user, and that identifier is stored in a presumably centralized database for the purpose of “checking uniqueness.” Why biometrics are required for this kind of check is an open question. A link to that webpage describing all of this follows:
In its Privacy Statement, Worldcoin is also circumspect about its use of biometrics. It references Worldcoin’s collection of “Authentication data” and generally offers vagaries about the use, sharing and security of that data. A link to that Privacy Statement follows:
Here are some questions that we have on a cursory review:
So our question is: Who will have access to the data and under what conditions?
What will they do with their hashed database of your iris scans (or identifiers)? Worldcoin’s Privacy Statement doesn’t say much about that, either. But some of the Statement’s information appears to be contradicted by other information that is publicly available. For example, on Twitter, it’s been noted that with respect to data use, Worldcoin’s current job openings include positions demanding expertise in machine learning, facial recognition, and creating larger data sets. See M. BTC (@MarkMulvey) October 22, 2021, https://twitter.com/m__btc/status/1451454389068222466.
And how is Worldcoin securing this information? With respect to the all-important issue of data security, Worldcoin’s Privacy Statement hedges, declaring that Worldcoin “strives to ensure that our systems are secure and that they meet industry standards, “seeks to protect Data that is provided to Worldcoin by third parties and by you,” and “endeavors to engage third-party service providers that have security and confidentiality policies” (emphasis added). “Strives,” “seeks,” and “endeavors” stop well short of any assurance that their cybersecurity measures will work — or even that they are being held to any specific industry standard, much less assessed or tested. While such language is not atypical, overall, the Security section of the Privacy Statement lacks specificity. We also find Worldcoin’s professed compliance with “industry standards” to be incongruent with the statements made by Worldcoin on its “Privacy by Design” page, referenced above, where, as previously mentioned, Worldcoin declares: “we use technological and cryptographic techniques that many people are not yet familiar with.” (emphasis added)
Privacy Commentators are Noticing:
Worldcoin’s use of biometrics has not escaped attention from privacy commentators. In response to Worldcoin founder Sam Altman’s Twitter announcement about the launch, Edward Snowden (of all people) tweeted:
This looks like it produces a global (hash) database of people’s iris scans (for “fairness”), and waves away the implications by saying “we deleted the scans!” Yeah, but you save the *hashes* produced by the scans. Hashes that match *future* scans.
Don’t catalogue eyeballs.
— Edward Snowden (@Snowden) October 23, 2021, https://twitter.com/Snowden/status/1451990496537088000
When Altman expressed surprise about the controversy, Mark Mulvey, author of the crypto-investing newsletter “Surf Report,” responded:
You missed the entire zeitgeist of tech, culture, and finance right now
The extreme surveillance and compliance measures in response to the pandemic combined with irresponsible centralized banking policy suggest now is not the time for a biometric coin corporation.
— Mark (@MarkMulvey) October 23, 2021, https://twitter.com/MarkMulvey/status/1452034709740036102?ref_src=twsrc%5Etfw
Our View: Biometrics and Cryptocurrency should Not be Combined, especially where Data is Stored a Centralized Database presumably run by a For-Profit Company:
Confirming identity through biometrics is almost uniquely dangerous, both to a person’s privacy from sweeping commercial and governmental surveillance, and as a matter of cybersecurity which the affected person can’t control. Some biometrics (such as facial recognition as you walk down a street) are readily used in public and en masse, while others—like fingerprints and iris or retina scans—can’t be changed or disguised.
Once biometrics like these are compromised (by hacking, sale or use without authority, or however else), the person they identify has, in effect, lost control of his or her identity altogether and is at a heightened, perhaps irreducible risk for identity theft.
In the past, we have written extensively about privacy and biometric information. One of our posts, entitled, “The High Cost of Groceries – Paying with Iris Scans” appears in the following link:
Here, the cost of Worldcoin is too high because it comes at the expense of the biometric privacy of its users. In our view, centralized biometric databases should not play a role in the future of cryptocurrencies — especially cryptocurrencies that are controlled by controlled by private enterprises whose practices are opaque and largely unregulated.
Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet, and technology. Open the Future℠