Worldcoin’s Appeal for Injunction Against Spanish Data Protection Authority’s Suspension Order Denied
Madrid High Court Prioritizes Public Interest Over Worldcoin’s Claims
In a recent development, the Madrid-based High Court has rejected an appeal by Worldcoin, a controversial biometric data collection startup, seeking an injunction against a temporary suspension order issued by Spain’s data protection authority, the AEPD. The court emphasized the importance of safeguarding public interest over the company’s assertions of potential harm to its business.
AEPD’s Emergency Powers and Concerns Over Biometric Data Collection
The AEPD invoked emergency powers under the European Union’s General Data Protection Regulation (GDPR) to impose a three-month suspension on Worldcoin’s operator, Tools for Humanity. The authority expressed concerns about the sensitive nature of the biometric data being collected, which could jeopardize individuals’ rights and freedoms. Specific risks to minors were also highlighted, based on complaints received by the AEPD.
Worldcoin’s Arguments and Court’s Dismissal
In its appeal, Tools for Humanity contended that the AEPD had overreached by triggering the GDPR’s Article 66 “urgency procedure,” given an ongoing investigation by the Bavarian data protection authority, its lead DPA. However, the court found the suspension order justified due to the risks associated with biometric data processing and the large number of individuals affected, including children. The court also noted doubts about the validity of the claimed legal basis (consent) and the adequacy of information provided about the processing.
Complaints Received by AEPD
The court shed light on the four complaints received by the AEPD, which suggest that:
- Data from minors is being captured by Worldcoin
- Insufficient information is being provided to individuals
- There is no mechanism for people to withdraw consent
- Data deletion procedures are ineffective or inaccessible
Worldcoin’s Claims of Irreparable Harm Dismissed
Tools for Humanity argued that the temporary suspension would cause its global business “irreparable harm,” including economic damage, reputational harm, and reduced likelihood of future success. The court, however, dismissed these claims as “unsubstantiated assertions,” emphasizing the time-limited nature of the suspension, its applicability only in Spain, and the possibility of seeking compensation if the company prevails in court.
Worldcoin is fully compliant with all laws and regulations governing biometric data collection and data transfer, including Europe’s General Data Protection Regulation (“GDPR”). Since our previous attempts to engage AEPD went unanswered, we look forward to the opportunity to demonstrate this compliance and provide the regulator with accurate and important information regarding this essential and lawful technology in the Spanish High Court.
As the legal battle continues, Worldcoin’s services remain suspended in Spain for up to three months. The case highlights the ongoing tensions between innovative technologies, data protection regulations, and the need to prioritize public interest and individual rights in an increasingly digital world.
3 Comments
In the realm of digital identity, even global ambitions hit bureaucratic roadblocks, it seems.
Spain’s stance on privacy throws a wrench in Worldcoin’s global sweepstakes, doesn’t it
Milo: Worldcoin’s challenge in Spain underscores the intricate dance between innovation and privacy regulation.