Spain’s data protection regulator, the Spanish Data Protection Agency (AEPD), has issued a directive to Worldcoin’s parent company, Tools for Humanity, demanding the cessation of data collection and the use of already gathered information.
The decision, reported by the Financial Times and confirmed through a press release to Blockworks, emphasizes the need for immediate compliance, granting Worldcoin a 72-hour timeframe to adhere to the order.
This precautionary measure mandates Worldcoin to discontinue all data collection and processing activities while ensuring that previously collected data will not be utilized. The order comes in response to multiple complaints lodged against the company, highlighting concerns over insufficient information disclosure, data collection from minors, irrevocable consent, and other breaches of data protection laws.
pain’s General Data Protection Regulation, which places biometric data under “special protection” due to its sensitive nature, underscores the gravity of the situation. The AEPD’s decision aims to prevent potential data transfers to third parties and protect individuals’ fundamental rights to personal data privacy.
According to the AEPD’s statement, “This decision is based on exceptional circumstances, where it is necessary to adopt precautionary measures aimed at the immediate cessation of the processing activities to prevent the possible transfer of data to third parties and to safeguard the fundamental right to the protection of personal data.”
The order specifies that Worldcoin will be prohibited from operating within Spain for a “maximum period of three months,” marking a significant regulatory action aimed at ensuring the protection of personal and biometric data.
Worldcoin has previously faced international scrutiny over its practices, with incidents reported in Kenya and questions raised by regulators in Germany and France regarding the legality of its biometric data collection efforts.
Worldcoin’s native token, $WLD, is down 10% on the news.