- Spain has moved to block Sam Altman’s cryptocurrency project Worldcoin, the latest blow to a venture that has raised controversy in multiple countries by collecting customers’ personal data using an eyeball-scanning “orb.”
- Worldcoin has registered 4 million users, according to a person with knowledge of the matter. Investors poured roughly $250 million into the company, including venture capital groups Andreessen Horowitz and Khosla Ventures, internet entrepreneur Reid Hoffman and, prior to the collapse of his FTX empire, Sam Bankman-Fried.
- “I want to send a message to young people. I understand that it can be very tempting to get €70 or €80 that sorts you out for the weekend,” España Martí said, but “giving away personal data in exchange for these derisory amounts of money is a short, medium and long-term risk.”
- Sharing such biometric data, she said, opened people up to a variety of risks ranging from identity fraud to breaches of health privacy and discrimination.
No they are proprietary as a whole. Parts of the hardware design are published, and parts of the software that runs on them, but not the whole thing.
Fundamentally Worldcoin is about ‘one person, one vote’, and anyone can create millions of fake iris images; the point of the orb is that it is ‘blessed’ hardware using trusted computing (or to use the term coined by the FSF, treacherous computing) and tamper detection to make sure that a central authority (namely Sam Altman’s Worldcoin foundation) has signed off on the orb running the exact secret / proprietary software running on the orb that generates an identity.
They could have alternatively have built a system that leverages government identity using zero-knowledge proof of possession of a government-signed digital identity document. But I think their fundamental thesis is that they are trustworthy to be a central authority who could create millions of fake identities if they wanted, but that governments are not.
I buy the centralization/trust criticism, if not the idea that government id would be an acceptable or functioning alternative (it’s not the case that every government is trustworthy or that everyone in the world has id or that those ids are easily verifiable). There’s also the problem of people being able to just sell their credentials. But it still seems misleading to focus on the idea that there is a big danger here of biometric data being collected when it likely isn’t and when it already is used and collected in many other contexts.