Main Points :
- Thailand’s PDPC ordered deletion of 1.2 million iris scans and a full operational shutdown of World (formerly Worldcoin).
- Regulators argue the token-for-biometric-data exchange violates Thailand’s Personal Data Protection Act (PDPA).
- World faces global scrutiny, with investigations or suspensions in Germany, Kenya, Spain, Portugal, Hong Kong, Brazil, Colombia, and others.
- The project has begun shifting toward secure multiparty computation, redesigned Orbs, and non-biometric verification using passports + NFC.
- Regulatory pressure signals a new era: “Biometric governance” will define which crypto projects survive the next cycle.
- For investors, this trend creates room for privacy-preserving identity tokens, zk-ID solutions, compliance-friendly KYC networks, and alternative decentralized reputation systems.
1. Introduction: A Global Flashpoint Between Crypto, Biometrics, and Regulation
The rapid expansion of crypto-based identity networks has collided with growing concerns around data governance, privacy, and national sovereignty. This tension reached a new peak on November 25, 2025, when Thailand’s Personal Data Protection Committee (PDPC) ordered World, previously known as Worldcoin, to delete approximately 1.2 million iris scan records collected in the country and halt all domestic operations.
The project—co-founded by OpenAI CEO Sam Altman—was built on the idea that a universal digital identity (called a “World ID”) could authenticate real humans online. But its core method, involving biometric “Orb” devices that scan users’ irises in exchange for WLD tokens, has been criticized worldwide for undermining meaningful consent, potentially exploiting low-income participants, and storing irreplaceable biometric data on global infrastructure.
Thailand’s shutdown is not an isolated event: nearly a dozen countries have taken similar actions. But Thailand’s scale—1.2 million scans—makes this one of the largest enforcement waves yet.
This article provides:
- a structured summary of the event
- an analysis of global regulatory trends
- additional context from recent developments
- opportunities for crypto investors and builders
- and a full Japanese translation afterward
It also includes a visual chart illustrating regulatory actions worldwide.
“Global Regulatory Actions Against Worldcoin (2023–2025)”
2. Thailand’s Enforcement: What Exactly Happened?
2.1. PDPC Orders Deletion and Suspension
Thailand’s Personal Data Protection Committee concluded that World violated key principles of the country’s Personal Data Protection Act (PDPA). The main issues cited:
- Collecting iris data in exchange for tokens (WLD) undermines “freely given consent.”
- Biometric information is categorised as sensitive personal data, demanding the highest level of protection.
- Participants may not have fully understood the risks, permanence, and irrevocability of biometric sharing.
- The company allegedly did not meet Thailand’s transparency requirements.
Therefore, the PDPC issued:
- Deletion of ~1,200,000 iris scans collected in Thailand
- Immediate suspension of all domestic operations
- Removal of Thailand from the list of supported “Orb” locations
2.2. World’s Response
In an official statement posted on X (formerly Twitter), World’s Thailand division said:
- They have temporarily suspended verification services.
- They have removed Thailand from the official Orb deployment list.
- They assert they have operated legally, complied with local regulators, and provided transparent information.
- They do not accept the accusation of illegality.
This dispute mirrors past conflicts in Europe and Africa, where World consistently argues that its data architecture is privacy-preserving and user-controlled.
3. Worldcoin’s Regulatory Challenges Around the Globe
3.1. Countries With Investigations or Suspensions
Since launching in 2023, World has encountered regulatory pushback in:
- Kenya – mass verification sites shut down; Parliament launched an investigation.
- Germany – data protection authorities found violations of EU’s GDPR.
- Spain & Portugal – temporary suspensions due to minors allegedly being scanned.
- Brazil, Colombia, Indonesia, Hong Kong – inquiries into data storage and consent.
- India – requests for clarifications, heightened scrutiny on biometric programs.
The recurring regulatory themes include:
- insufficient clarity on data storage
- risk of coercive consent (due to token incentives)
- concerns over storing immutable biometric data
- transparency of algorithms and cryptographic guarantees
- suspicion toward global biometric databases
3.2. Why Regulators Are Concerned
Core concerns:
| Issue | Why It Matters |
|---|---|
| Biometric permanence | Unlike passwords, iris data cannot be replaced if leaked. |
| Economic incentives | “Paid” consent may not be free consent under data laws. |
| Cross-border storage | Sovereign states fear foreign control of citizen biometrics. |
| Mass surveillance risk | Identifiers could link online and physical identity. |
| Power centralization | A global biometric database controlled by a single entity raises antitrust and geopolitical questions. |
These concerns have led some regulators to describe World as “the most sensitive privacy test case of the decade.”
4. World’s Technological Countermeasures
Facing global pressure, World has launched multiple security and transparency upgrades:
4.1. Secure Multi-Party Computation (sMPC)
The project began transitioning its biometric system to:
- split encrypted data across multiple nodes
- prevent any one party from reconstructing a user’s biometric template
- reduce the risk of centralized database compromise
This aligns with privacy-preserving techniques used in certain zero-knowledge identity networks.
4.2. Redesigned Orb Devices
A new generation of Orbs includes:
- enhanced transparency indicators
- open-source firmware
- displays showing what is being processed
- improved security audits and verifiable logs
These upgrades seek to address critics claiming the previous Orb version operated as a “black box.”
4.3. Non-Biometric Verification
Responding to regulators, World introduced:
- passport-based verification
- NFC-enabled secure identity checks
- no biometric collection required
This may become the path forward in markets hostile to biometric scanning.
5. Broader Implications for Crypto Investors and Builders
For readers seeking new assets, income sources, or practical blockchain applications, the World incident reveals several market opportunities:
5.1. The Rise of Privacy-Preserving Identity Tokens
As regulators push back on biometric models, demand grows for:
- zero-knowledge ID
- decentralized reputation systems
- selective-disclosure identity proofs
- wallet-based attestations
Projects building zk-ID, anonymous compliance, or proof-of-humanity without biometrics may benefit.
5.2. National Digital Identity + Crypto Interoperability
Countries like Singapore, Japan, UAE, and the Philippines are moving toward:
- government-issued digital ID
- eKYC credential wallets
- signed attestations that work across DeFi and centralized exchanges
These systems could replace biometric-heavy models.
5.3. Institutional Trends and New Revenue Sources
Investors should track:
- identity-as-a-service tokens
- decentralized oracle networks for KYC events
- privacy-preserving transaction scoring
- hybrid compliance + anonymity infrastructure
With increasing regulation in crypto, compliance-layer protocols may become valuable long-term assets.
6. Recent Developments (2024–2025) from Other Sources
Here are additional developments relevant to the World ecosystem:
6.1. WLD Token Market Behavior
- WLD has experienced volatility in reaction to regulatory announcements.
- When Germany and Kenya announced suspensions in 2023–2024, WLD briefly dipped by 15–25%.
- After the 2025 Thailand order, similar short-term volatility was observed.
6.2. Competition Intensifies
Major players emerging in decentralized identity (DID):
- Polygon ID — zero-knowledge KYC
- Ethereum “EAS” Attestation Standard — on-chain credentials
- Soul-bound tokens (SBT) — reputation layers
- zk-KYB networks for corporate verification
These may offer “safer” alternatives compared to biometric-driven ID.
6.3. Governmental Shifts Toward Data Sovereignty
Nations are prioritizing:
- local storage
- local encryption
- banned export of biometric data
- third-party audits for digital identity projects
Thailand’s action is part of this larger sovereignty movement.
7. Conclusion: A Turning Point for Global Crypto Identity
Thailand’s deletion order and suspension represent more than a regulatory event—they symbolize the broader global debate over who owns identity, how biometric data should be governed, and what a safe digital ecosystem should look like.
For builders:
It is now essential to design products with privacy by design, local compliance, and non-coercive consent models.
For investors:
This regulatory wave will elevate projects that prioritize privacy, decentralization, and zero-knowledge infrastructure, leading to a new category of investable assets beyond tokens—identity protocols, attestations, and compliance rails.
For the industry:
The era of “scan your iris for a token” may be ending.
A new phase begins: privacy-first identity for a regulated crypto world.
