South Korea Fines Worldcoin Foundation $860,000 for Biometric Data Violations

The Worldcoin Foundation and its partner, Tools for Humanity (TFH), have been fined a combined $860,000 by South Korea’s Personal Information Protection Commission (PIPC) for breaching data protection laws.

The fines relate to the improper collection and transfer of biometric data, including iris scans, without adequate consent.

Inadequate Consent and Transparency

An investigation initiated in February revealed that nearly 30,000 South Korean individuals had their sensitive biometric data collected by Worldcoin and TFH without meeting the required legal standards for data processing.

The PIPC found that users were not properly informed about the collection and transfer of their iris data overseas. In addition, the information provided was only available in English, a situation that persisted until March 2024, undermining the process of obtaining proper consent.

The Commission also flagged issues surrounding the absence of a robust deletion process for the biometric data and the lack of age verification measures for users under 14. These findings prompted the PIPC to instruct Worldcoin and TFH to improve their consent procedures and strengthen data protection safeguards.

A Warning for Biometric Data Handlers

The South Korean PIPC has made it clear that adherence to data protection laws, especially concerning the growing use of biometric data, is critical. With the rising global deployment of advanced verification technologies, the Commission’s ruling underscores the importance of ensuring that sensitive information is managed responsibly and transparently.

Global Expansion Amidst Regulatory Scrutiny

Despite this setback, Worldcoin continues to expand its World ID verification services, recently launching in Guatemala, Malaysia, and Poland. The company aims to meet the growing demand for human verification tools to distinguish individuals from bots in an increasingly AI-driven digital landscape.