Do the Orbs adequately protect user privacy, or are there risks to be aware of?
Question
Answers
The Bavarian data-protection authority (BayLDA) ordered Worldcoin to delete millions of stored iris hashes for violating the EU’s GDPR, proving that the hashes remain personally identifiable data under European law despite World’s “anonymisation” claims.
Core Orb firmware and biometric pipeline are open-source, allowing anyone to audit that no personal data is retained.
Prominent technologists warn the Orb scheme could create a dystopian biometric registry.
AMPC’s MPC pipeline retains raw iris codes on-device, ensuring that biometric images never leave the Orb.
World ID relies on zero-knowledge proofs (ZKPs) that mathematically prevent anyone from linking a person’s World ID across apps.
An independent Trail of Bits audit found no path to extract personally-identifiable data from production Orbs.
South Korea’s Personal‑Information Protection Commission fined Worldcoin ₩1.1 billion (≈ US$0.8 m) for illegally collecting 30 000 irises and transferring the data overseas without consent.
Related topics
Privacy
Sources
Don't catalogue eyeballs
South Korea fines Worldcoin for violating personal protection laws
Large-Scale MPC: Scaling Private Iris Code Uniqueness Checks to Millions of Users
Worldcoin Foundation open sources core components of the Orb’s software
Vitalik Buterin outlines ‘four major risks’ with Worldcoin following token launch
Worldcoin orb privacy and security audit report
Introducing AMPC: Another leap in privacy and performance for World ID
World(coin) must let Europeans comprehensively delete their data, under privacy order