The Ministry of State Security in China classified the collection of biometric data by a foreign company as a national security threat. The official announcement was made via WeChat on August 6, 2025.
Ministry Issues Caution Without Naming Project
In its statement, the ministry did not mention specific project names, but it noted that the data collection practice resembles the formerly announced project ‘Worldcoin’, now known as ‘World’. According to the MSS, the company collects users’ iris scans with promises of cryptocurrency rewards, storing these data through high-resolution scans. Scanning operations occur from Iran to Brazil and are not integrated within decentralized platforms, but rather conducted directly through a ‘Proof of Personhood’ service.
Analysis of National and Individual Security Risks
Iris data, unique to each individual, is one of the most reliable biometric identification methods. Unauthorized access to this data can significantly increase risks of cyberattacks, surveillance activities, and identity theft. If biometric data changes hands, users may face irrecoverable information leaks. On a national level, if data pools fall into the hands of foreign entities, it poses a risk of monitoring critical infrastructures and jeopardizing strategic decisions. The MSS indicated its intention to tighten laws regulating biometric data collection processes and to establish new oversight mechanisms covering similar practices.
Overview of Consequences and Responses to the Threat
The collection of biometric data has raised concerns not only in China but in other countries as well. For instance, in May, Indonesia paused World services due to licensing uncertainties. Meanwhile, Tools for Humanity continues to work on clarifying licensing conditions with local regulatory bodies. Last month, Shenzhen’s financial authorities also issued warnings against platforms promising false cryptocurrency investments, highlighting similar data collection tactics.
The classification of foreign biometric data collection practices as a national security threat underscores the growing concerns regarding personal information security, as well as the necessity of developing clear legal norms in this area.
