In an industry where decentralization and privacy are core tenets, few projects have stirred as much debate as Sam Altman’s Worldcoin—now simply known as “World.” The project has sparked both excitement and alarm for its ambitious vision: using iris scans to verify individual human identities and distributing its native token, WLD, to people across the globe in return.
World’s promise is lofty—financial inclusion through verifiable digital identity. But beneath the surface, critics argue the approach may come at a steep cost: the erosion of privacy, decentralization, and the very self-sovereignty crypto was built to protect.
A New Face of Identity—Literally
The core mechanism behind World’s identity verification is the Orb, a shiny, spherical device that scans a user’s iris to produce a unique “iris code.” This code is used to verify that a participant is a real and unique human, helping to combat Sybil attacks—where one person pretends to be many—to maintain the integrity of decentralized systems.
World claims this system does not retain personal biometric data. Once the scan is complete, the image is deleted, and the encrypted iris code is stored on the user’s phone using privacy-enhancing techniques like zero-knowledge proofs (ZKPs) and multiparty computation (MPC). According to the project, this ensures users maintain control of their data.
However, privacy advocates and decentralization purists are skeptical.
The Centralization Debate
“Decentralization isn’t just about distributing servers—it’s about distributing power,” said Shady El Damaty, co-founder of Holonym Foundation, in a conversation with Cointelegraph. His concern? The use of proprietary hardware and closed-source authentication systems creates a single point of control—a glaring contradiction to the ethos of decentralized identity.
El Damaty argues that even though World leans on ZKPs and MPC to protect user privacy, the model still centralizes key infrastructure in the hands of a single entity. “You cannot claim to be decentralized while controlling the very hardware required for verification,” he said.
World, however, pushed back on this criticism, stating that its infrastructure avoids centralized data storage and that the World App is non-custodial. This, they say, means users retain full control over their World ID and associated crypto assets.
Biometrics and the Shadow of Surveillance
For some, the concern runs deeper than technical architecture. Critics see a worrying pattern: big-tech-style data collection masked as benevolent innovation.
El Damaty drew a sharp comparison between World and Altman’s other venture—OpenAI. “It’s hard to ignore the parallel,” he said. “OpenAI has been accused of scraping massive amounts of unconsented data to train its models, and now World is doing something similar—just with biometric information.”
Indeed, lawsuits have emerged against OpenAI for allegedly using copyrighted material and personal data without permission. While World maintains that it’s a separate company with entirely different practices, the similarity in aggressive data strategies is raising eyebrows.
The project’s primary rollout strategy—targeting low-income communities in developing countries—also invites ethical scrutiny. El Damaty suggests that these communities may not be fully informed about the implications of giving away their biometric data in exchange for crypto tokens. “Informed consent is difficult to establish when incentives cloud the risks,” he warned.
Regulatory Resistance and Real-World Pushback
Global regulators haven’t turned a blind eye. Since World launched in July 2023, countries like Germany, Kenya, and Brazil have voiced concerns about the risks associated with biometric data collection.
Most recently, Indonesia joined the list, temporarily suspending World’s registration certificates in May 2025. While World continues to engage with regulators, the growing list of jurisdictions pushing back hints at a deeper discomfort with the project’s structure.
Despite this, World has made efforts to improve transparency. The company offers translated onboarding materials, in-app learning modules, and a public help center to educate users. Still, some critics argue these steps may not be enough to mitigate the risks for vulnerable populations.
Two Tiers of Participation?
Beyond privacy, there’s a philosophical concern about the social consequences of making biometric verification a gateway to digital access. El Damaty warns of a “two-tiered society,” where those willing to surrender their biometric data enjoy the full benefits of the platform, while those who resist are effectively locked out.
In response, World has stated that participation in its ecosystem does not strictly require an iris scan. Users can still access certain features with an unverified World ID. However, full access and verification remain tied to biometric enrollment.
This approach, while offering flexibility, still raises red flags about potential digital exclusion—especially in a future where identity is increasingly required to interact with decentralized applications, financial services, or even social networks.
Surveillance Risks in Authoritarian Contexts
A further concern lies in the potential misuse of biometric identity systems by authoritarian governments or malicious actors. Centralized repositories of sensitive data—no matter how encrypted—are attractive targets.
World insists its protocol is permissionless, open-source, and specifically designed so that user actions cannot be linked back to biometric data. But skeptics argue that such assurances may not hold in practice, especially without robust, independent oversight.
“Even if your intentions are good, the system you build could be co-opted or exploited,” said El Damaty. “That’s why we need identity protocols rooted in transparency, decentralization, and individual control—not opaque hardware and trust-me encryption.”
A Race Against AI Deception
Despite the criticisms, the need for secure digital identity is real. As artificial intelligence continues to evolve, the ability to distinguish between human and machine online is becoming increasingly urgent.
Evin McMullen, co-founder of Privado ID and Billions.Network, points out that without reliable identity tools, society may soon face a surge in misinformation, deepfakes, and malicious bot-driven manipulation. “Verifying humanity in digital spaces is a national security imperative,” she said.
Still, she adds, such systems must be built with caution: “We can’t solve one problem by creating another—especially one that compromises our autonomy or privacy.”
Conclusion: Balancing Innovation with Responsibility
Worldcoin’s vision is undeniably bold. But as with any powerful technology, it comes with trade-offs. The project’s reliance on proprietary hardware, centralized processes, and aggressive data collection tactics has put it at odds with many in the crypto community.
If biometric identity becomes the norm, the industry must ask: Can innovation and privacy truly coexist? And more importantly—who gets to decide?
To many, the answer lies not in abandoning digital ID efforts altogether, but in building open, decentralized systems that empower users rather than extract from them.
As McMullen puts it: “We must prove our humanity without sacrificing the very freedoms that make us human in the first place.”
