The Bavarian Data Protection Authority (BayLDA) in Germany ruled that Worldcoin violated GDPR regulations when collecting users' iris data, requiring it to delete illegally collected data and adjust its data processing procedures. BayLDA stated that Worldcoin must establish a data deletion mechanism compliant with GDPR standards within one month and obtain explicit user consent for certain data processing steps. Additionally, BayLDA also mandated the forced deletion of non-compliant data collected during the initial phase of the project launch in summer 2023. The Worldcoin Foundation has appealed this decision and called on the EU to clarify the legal definition of data anonymization as soon as possible, emphasizing that anonymization is an important tool for protecting privacy in the AI era. (Cointelegraph)