What's Wrong with Worldcoin's Approach to Privacy?

Rebutting Worldcoin's assertion of privacy by design

Disclaimer: I am expressing some strong opinions, but they are just opinions. Nothing herein constitutes legal advice or financial advice.

Introduction

In fairy tales, a troll is a squat, ugly ogre type creature, who grunts and drools and forces travelers to pay a toll or answer a riddle before the traveler is allowed to cross the bridge. Sometimes, the troll kills the traveler if the traveler gets the answer wrong. It’s the stuff of nightmares.

Riddle: The more you take, the more you leave behind. What am I?

As the owner of a privacy tech company, I often say that it isn’t privacy tech just because the founders say it is. They need to walk the walk. But sometimes the disclosures read like riddles and are hard to unpack, especially when it seems so earnest. And, sometimes, you have to figure out what someone is not saying to understand what they are saying.

As you know, I have been putting together a bunch of webinars on privacy and security in the Metaverse due to my growing alarm about scams and violation of privacy rights in this new space. The webinar coming up on Thursday, March 31 (my mom’s birthday, may she rest in peace) is focusing on cryptocurrencies (promo code at the end of this piece).

I wasn’t sure where to take this upcoming panel until I read about the recent investment by Andreeson Horowitz and Khosla Ventures in Worldcoin.

The headline was “Here’s why the creepy Worldcoin project raised $100 million in private token sale.”

When something feels “creepy” it means that you think your privacy rights are being violated. I found my story.

Here’s the scoop. Worldcoin developed a hardware device, called an Orb. The Orb is an iris scanning device. They have strategically placed these Orbs in different countries across four continents (they disclose Chile, Kenya, Indonesia, Sudan and France). In each city, they post a job for an “Orb Operator” to stand on the street and convince people to scan their eyeballs via the Orb in exchange for “free” cryptocurrency from Worldcoin.

Do you remember in the movie Minority Report when Tom Cruise had his eyes replaced? He did it to avoid identification. It was so gross. I remember it vividly, the sick, dirty doctor wiping his runny nose, in a dirty room with moldy food.

Ewww.

Minority Report is a movie about a man who thinks he is building a utopia, stopping murder before it happens, only to realize it is a dystopia.

As I said before, sometimes companies use privacy techniques without actually furthering privacy principles, so I am naturally suspicious. In this case, I really want to give Worldcoin the benefit of the doubt because I want good people to build good things that really helps, especially the marginalized and the underrepresented.

Edward Snowden on Twitter

Buckle up, because here is my research and opinions on Worldcoin.

“A new, collectively owned global currency that will be distributed fairly to as many people as possible.” Worldcoin’s mission statement.

PRIVACY AND PRIVACY TECH

Like we saw with Tom Cruise’s character in Minority Report, scanning the iris is a method of identification and verification.

To begin my research, I started reading Worldcoin’s privacy page, which is actually titled as privacy by design¹. When I got to the statement quoted below, I felt it was a bit pedantic. However, undeterred, I finished the privacy page and then moved on to the “How the Launch Works.”

Some of the things we explain in this post are simplified to make them easier to understand; for a more technical description of how Worldcoin works, read How the Launch Works.

Worldcoin is using the iris scan to create a unique “anonymous” identifier, called an embedding, of your eye scan as its method of proof-of-personhood. They say that the Orb collects the jpeg iris scan and then that jpeg is converted into an embedding and sent to their database. The jpeg is deleted and, by the way, never leaves the Orb. That is a good privacy practice.

As a second layer of privacy by design, once your wallet is created based on the above, they use zero knowledge proofs² to deposit your free Worldcoin. This privacy technology protocol helps them make sure no free Worldcoin is deposited twice to the same person, ensuring fairness.

Proof-of-personhood, unlike proof-of-stake or proof-of-work, has a purpose of trying to guarantee that every unique person receives an equal amount of the reward. It is trying to fix the problem of Sybil attacks (i.e. many virtual identities). However, true to the nature of blockchain, creators wanted to come up with a method that at least attempted to maintain some privacy, which is what proof-of-personhood is meant to be. According to Wikipedia, there are a few methodologies for proof-of-personhood and it looks to me like Worldcoin is going for the “strong identities” method.

I like the idea that you verify identity and then hide or anonymize the identity in any future use cases by deleting the image and using an embedding (which you can think of as a fancy term for a computer generated code from the image, or as Snowden called it, a “hash”).

I don’t like the idea that biometric data is used as the verification method, especially biometric data that is so, dare I say, immutable?

When I first read the proof-of-personhood argument that Worldcoin makes on their website, I thought, yes, I know, they need to do KYC. You see, traditional financial institutions, which are regulated, are required to conduct due diligence on their customers to prevent fraud and financial crime. This know-your-customer (KYC) due diligence currently involves disclosure of a lot of personal information, like name, birthdate, driver’s license, passport, etc. In the blockchain and cryptocurrency sector, there is no middle person and most of the transactions are peer-to-peer so KYC obligations are not stringent but most crypto exchanges have opted in to the practice.

Bottom line is that Worldcoin does not have to do KYC and proof-of-personhood is not required. They are doing it so that they distribute the free Worldcoin evenly.

A requirement is one thing, but to require proof-of-personhood when it is not required by a regulation? Oh, I see, it is a requirement of the company’s strategy. So, the privacy question becomes, is it better to use your iris as the method of proof-of-personhood over the in-person, social network or Turing test methods? Is that adhering to privacy by design principles?

I am not sure, but I am leaning towards “no.”

If the sole purpose is to prevent giving free Worldcoin to people who have already received their free Worldcoin allotment i.e. a specific type of fraud to Worldcoin, then, yeah, I think their approach to anonymize the jpeg by creating an embedding and then destroy the original jpeg, which remained in the Orb, is pretty good, especially since they need it to scale to billions of people.

It’s that billions of users that must have drove Worldcoin to adopt biometric scanning for proof-of-personhood because it can scale. The other methods could scale but at lower accuracy. At least, that is the argument. So, they really had no other choice, right?

Well, other than don’t give away “free” Worldcoin.

Reading between the lines, it seems you can just pay for your Worldcoin and hold it in your digital wallet without giving up an eye scan.

You pay one way or the other.

Remember how I said I found out about Worldcoin just this week? Well, a reader of my Linkedin post pointed me to a very small little hyperlink at the top of the privacy by design page that describes how they are conducting their field work. This is where my hopes and dreams were really dashed. Worldcoin is currently also collecting body scan images, videos and face data. Wow. Remember above where I said the iris scan jpeg never leaves the Orb? Well, apparently, all of that field work data, including the iris scans, is not kept locally on the Orb, but encrypted and sent to a datacenter.³ Sorry if I misled you.

So riddle me this. I submit that the North star for Worldcoin is to be the only universal cryptocurrency in the world, the “one coin to rule them all.” I mean, it’s in their name.

The strategy is that everyone will not only want Worldcoin, but need to own it to exist. So how do they get there? Their brilliance is in this strategy. Convince people they are privacy-forward, approach users in areas where people are excited about the idea of “free” crypto and willingly exchange biometric information for it. This builds adoption and FOMO. Once Worldcoin reaches critical mass, the option of an iris scan for proof-of-personhood is replaced by the requirement of an iris scan to get Worldcoin, which you now have to have. It’s now the toll you have to pay. And why not? Who is to say they can’t require it?⁴

Troll Bridge Credit M Wayne Miller

Now they have a massive database of embeddings for almost every person in the world. A universal social security number, so to speak. Just like Snowden warns.

Being the issue spotting attorney that I am, I have to take it to the dystopian future. Let’s theorize that the founders are pushed out and new executives come in. The new executives and shareholders believe that advertising is an untapped, but very lucrative, use of the iris scans. The new guard doesn’t have the same anti-advertising values as the current founders seem to have. The have their lawyers review the privacy statement and it is vague enough to let them use all the biometric data for other purposes, like pushing ads to each unique individual. They already have the technology to scan irises from far away, and maybe they even build technology that enables them to reverse engineer the original jpegs of the iris scans, adding metadata that attaches the person’s name, gender, age, etc. Now they can identify a person walking down the street with a simple iris scan and push a personalized ad to that person.

Welcome to the world of Minority Report.

---

I am breaking up this blog post into two parts. I suggest, if you read the above and are getting a bit tired of it, that you come back and pick up here. I have attempted to write this so the break is natural and may also be a good time to reflect on what I have just proposed.

Security and Secure Technology

I want to switch the focus to embeddings for a moment. You might be wondering how embeddings work, so I will do my best to describe how my brain thinks about them. In machine learning there is a mathematical formula that basically says that the distance between two embeddings creates a statistical probability that they are different, thereby establishing uniqueness of one person from any other person in the system. Our iris is the best biological feature we have in terms of being unique enough from every other person that we can generally rely on the machine’s accuracy in calculating that distance. As a tech nerd, that’s pretty cool.

But using an iris scan is still creepy.

It can often be hard to distinguish between privacy and security. You can have security without any privacy in it, like the original concept of blockchain. Privacy means, “I don’t have to give you any information about myself if I don’t want to and yet, I can still live my life the way I want to live it.” Security is about preventing a bad thing from happening and sometimes will demand you give up some personal information to make sure you aren’t that bad thing.

I submit that the iris scan is all about security. It has nothing to do with privacy.

And the bad thing that might happen is you might take more free Worldcoin than you should be allotted. So the security isn’t for you, but for Worldcoin.

Proof-of-personhood is a security protocol to establish identity and verification, which are security concepts. You can either adopt a method that preserves the right to privacy, i.e. I don’t need to give up my data for you to trust that I am a person, or you don’t. When you adopt a biometric data based method, then you are opting out of a privacy by design method and you must now employ the best in class security available.

If you would allow me a moment to digress, I want to address the unbanked. In a survey conducted a few years ago, the unbanked in the United States were asked why they did not have a financial institution relationship and 1/3 of them said it is because of privacy concerns (that KYC stuff again). If you think about the benefits of cash currency, you can use it without providing any personal information. The only downside is that the more you have, the heavier it gets. Cryptocurrency avoids the weight problem, but doesn’t alleviate the privacy problem. I can trace all your transactions through the immutable ledger system. This is why “off-chain” transactions have been created to attempt privacy preservation.

And that is where we run into the security problems again. How do you make sure the off-chain transaction was not perpetuating a fraud?

If using an eye scan is security and creating an embedding from that eye scan is a way to anonymize the eye scan for privacy purposes, then the obvious question to me is, can an embedding be reverse-engineered? It’s a valid question and as someone who has been in cybersecurity for some time, my thought is, if you can’t currently, someone will figure it out. I will just leave this white paper here that I found after one search inquiry on Google.

A centralized database with a way to identify and access every human being on Earth is scary. I cannot get away from being recognized if that method of recognition is my eyeball. I am not getting my eyeballs replaced. Ew, Tom Cruise.

So the security issues here are security of the data. Well that’s not new and neither is their handling of it. That one paragraph in the privacy statement that warns no system is a 100% secure is not very comforting (and the FTC agrees with me)

Recognizing that they need to address security in their privacy by design marketing, Worldcoin spends time in the “How the launch works” section to describe the security of the Orb. It discloses that significant time and energy was spent to prevent spoofing and tampering security threats. Spoofing is when someone tries to fool the Orb with fake eyeballs. Since your iris scan is used to create your wallet and nothing further, there is no benefit to you. In other words, they aren’t preventing a hacker from spoofing your account. Just from tricking the Orb. For the anti-tampering description, they are trying to protect your data that is in the Orb from unauthorized access or collection. So anti-tampering security is protecting you since it would minimize the threat of a data breach/ data loss.

But that’s it for security.

Wait, huh? As I mentioned before, it is what they don’t disclose that is telling.

They briefly mention that they are sending analytics on Orb operations to the cloud, which is not the first time they mention reliance on the cloud. The cloud does have benefits, many of them to your security, so long as the right knobs are turned. I would like to see more explanation of that knob turning.

Specifically, I would like answers to the most common security questions. What are the deletion procedures for that jpeg image of the iris? Are they going to delete that training data collected during field work?⁵ What encryption method are they using to transmit the embeddings to the cloud database for storage? What encryption method is used for the data in storage at the cloud datacenter? Which cloud datacenters are they using? Do they rely on Amazon S3 for the deep learning models to run on the embeddings? Is the transmission between the S3 bucket and the embedding database encrypted? Who has access to the database? Who has access to the Orbs? Who has access to S3? Principle of least privilege? Do they have experts reviewing the code and the zero knowledge proof algorithms for potential vulnerabilities or bugs?

Throughout, they disclose they are relying on third parties, like Ethereum. Their privacy statement is quite unsatisfactory on this point as well. It says they share the data with third parties who have a legitimate purpose for accessing it. Are they doing privacy and security due diligence on those third parties? Why can’t they list them?

Look, I am very excited about Web3 and its possibilities. I do believe in cryptocurrencies because I like the security that comes with it and that it requires less reliance on third parties who could lose my money. I also think it is a great solution for the other 2/3 of the unbanked. But privacy needs to catch up and while I believe it is trying to catch up as fast as possible, it is not fast enough.

With de-centralization comes the burden of everyone having to do their own due diligence. You have to be even more knowledgeable about security than you were when the Google’s and Microsoft’s of the world did it for you. No more Precognitives predicting and protecting.

Conclusion

I thought I would wrap up this post with three suggestions for Worldcoin. If you like this article, please let me know what you think and if you have any further suggestions. Collectively, we can create change.

1. When I checked the Linkedin for Worldcoin last week, I could not find an indication of a separate and distinct privacy department or a separate and distinct information security department. If they want me to take their disclosures seriously, then I need to see them “walk the walk” and hire people in these departments and give these departments a real budget and authority. No reporting to legal BS.

2. I think the privacy statement is horrendous. Maybe it is because they don’t have a dedicated privacy professional in-house, but when you are building technology that you are selling based on the pains you take to be privacy-forward, don’t then sell me a privacy statement that is clearly a copy and paste job and that gives you all sorts of wiggle room in your data collection, processing and sharing practices. And don’t use cookies on your website.

3. Create a distinct security page that addresses all the common security questions, most of which I raised above. It isn’t entirely the Orb’s security that people care about. They care whether their data is being secured at every vulnerability point, from collection to processing to disposal. You don’t have to guarantee security, but you do need to be transparent about it.

Unfortunately, I don’t think Worldcoin is a privacy tech company. I think they are marketing privacy as justification for what they are doing. I would be curious to know if everyone at Worldcoin has had their iris scanned for purposes of training the models.

I really don’t want to pay the ugly troll a toll to cross this bridge. Oh, and to answer the riddle at the beginning of this blog post, it’s your footsteps.

You’re the best,

Caroline

P.S. I really want you at our webinar this week. I don’t have many RSVPs yet, so I am including a promotion code, which is Promise. The promise I am making you is it is free. The promise I ask in return is that you attend or watch the YouTube recording. This webinar is going to be so good. We have some real heavy panelists. March 31, 2022 11AM EDT via Zoom.

P.P.S. I found out while writing this article that one of the founders of Worldcoin is a founder of YCombinator. ClearOPS has applied and not gotten in to YCombinator. Full disclosure.

---

About the author: Caroline McCaffery is a co-founder at ClearOPS, which stands for clear operations in privacy and security. ClearOPS is a third party risk management platform for buyers and sellers speeding up review times to get to trust faster. She is a frequent blogger and speaker with over 20 years of experience as a lawyer working with tech startups. You can connect with her on Linkedin.

Security Expert Marketplace is the only exclusive community for vCISOs. Providing vCISOs with community, private events and public speaking opportunities, the Security Expert Marketplace is on a mission to facilitate better security.

1

Privacy by design has 7 basic principles and there are many good resources out there on it so I won’t explain them, but instead redirect you to the IAPP’s article on it https://iapp.org/media/pdf/resource_center/pbd_implement_7found_principles.pdf and a new organization that I happen to be involved with https://instituteofprivacydesign.org/certification-standard/. As a side note, I noticed that Worldcoin’s actual privacy statement is a faded grey on the bottom of their website. This is actually what is known as “dark patterns,” a method of discouraging a user from clicking on it by obfuscating it. tsk tsk Worldcoin.

2

Worldcoin also uses zero knowledge proofs, a privacy technology protocol applied to blockchain transactions that proves you are the secret owner without forcing you to reveal the actual secret. I am really excited about ZKP and am impressed with their use of it. I read about the Semaphore ZKP protocol that they use and the best way to describe it is that it proves you own the wallet with Worldcoin without actually disclosing your secrets so Worldcoin can deposit their cryptocurrency. I presume they will also use the protocol for voting, when they get there. I could write a whole blog post on this alone.

3

It is worth noting that deep learning techniques often require a lot of data. When I read their data collection practices for field work, I did note that they are almost apologetic about it and promise to stop collecting this extra data once field work is done and their models are trained. That is a big loophole because new models are developed every day and machine learning is advancing rapidly, so their models could potentially never be trained. However, we use deep learning at ClearOPS, so I do understand the accuracy problem very well. I know I am lucky to be in a business where I don’t need personal data for our A.I., but that was also a choice. I want to thank the reader who pointed this out to me. My jaw dropped when I read it. It dropped again when I read they plan to continue to collect this data, but it will be voluntary after field work is done.

4

Hello regulators and law makers! This is your job!

5

I mean, how embarrassing is that video footage collected? Is it someone twirling around on the street?