Proof-of-personhood → programmable identity: Worldcoin, eIDAS 2.0, the Digital Euro, Chat Control, and the Online Safety Act
Compiled 2026-06-10. Overlay — evidence-graded (fact | contested | weak | unsupported), excluded from the formal proofs. Ties to reject-age-verification and age-verification-abolition. The incentive analysis ("the real reason why") is in digitalid-orchestration-real-incentive.
Five tracks are usually covered as separate news stories. Read together they re-build one stack from five angles — a biometric "are-you-a-human" credential, a state identity wallet, state programmable money, message-scanning, and ID-bound age-gating on speech. Every track is sold on a harm no parent argues with (CSAM, deepfakes, minors, fraud). The provable thing is the stack; coordinating intent across the actors is not asserted here (graded and quarantined).
1. Worldcoin / World — the private "human" credential
OpenAI co-founder Sam Altman's World (built by Tools for Humanity) scans irises with an "Orb" to mint a World ID "proof of personhood" plus a WLD token. Altman's stated rationale (fact): because AI can now imitate humans online, you need a way to prove a human is human. It claims >18M people verified across ~160 countries (contested — self-reported).
It has been banned, suspended, or investigated for biometric-consent and data-protection violations in Brazil, Spain, Hong Kong, Portugal, Germany, Kenya, South Korea, Colombia, Indonesia (May 2025), the Philippines (Oct 2025 — "exploitation of vulnerable populations"), and Thailand (Nov 2025 — ordered deletion) (fact). Yet while blocked abroad it is expanding in the US, and in April 2026 announced World ID verification partnerships with Tinder, Zoom and Docusign (fact). The reading (contested): the same node that built the deepfake problem (OpenAI) is selling the identity "cure," positioning World ID as the human-login layer for AI-era platforms.
2. eIDAS 2.0 / EU Digital Identity Wallet — the keystone
Under Regulation (EU) 2024/1183 (in force May 2024), all 27 member states must give every citizen/resident an EU Digital Identity Wallet by December 2026 (fact). The wallet binds national eID to driving licences, diplomas, professional qualifications, and bank accounts in one credential, with selective-disclosure age proofs. The EU Age Verification Blueprint was open-sourced 15 Apr 2026 and is being piloted by FR/DK/GR/IT/ES/CY/IE (fact). Security caveat (contested): the reference age-verification app was reportedly spoofed within ~2 minutes and specs remain incomplete near the deadline — reinforcing the futility result. Reading (contested): once identity, credentials, and bank account share one credential, every later "age check" or "payment" becomes an authenticated, logged identity event.
3. Digital Euro — the programmable-money half
The ECB retail CBDC: European Council approved the direction Dec 2025; a European Parliament vote is expected June 2026; ECB targets technical standards in summer 2026, a pilot in H2-2027, and possible first issuance ~2029 (fact). Marketed as "digital cash" with privacy/offline features (contested claim), but a central-bank ledger is programmable and identity-linkable by construction. It supplies the money half of an identity+money rail and pairs naturally with the EUDI wallet — the public-money mirror of the US private-stablecoin Treasury rail (macro-stablecoin-treasury-rail).
4. EU Chat Control (CSAR) — the lever switch
"Chat Control" originally mandated client-side scanning of private messages. After years of opposition, Denmark dropped the mandatory-scan requirement on 31 Oct 2025 (Germany and others refused), and the Council position adopted 26 Nov 2025 removed the forced-scan/break-encryption mandate — but it (a) legitimises "voluntary" scanning of non-E2EE messages and (b) adds mandatory age verification for communication providers. Trilogues run Feb/May/June 2026 (fact). Reading (contested): the surveillance objective survived the "privacy win" by switching levers — from scan-everyone to identify-everyone (age verification kills anonymity). The child-protection frame is the constant.
5. UK Online Safety Act — the revealed preference
Age-verification duties went live 25 July 2025; Ofcom demands "highly effective" checks (facial estimation, credit card, digital ID) and can fine up to £18M or 10% of global revenue, with senior-exec criminal liability (fact). The public response was immediate and telling (fact): Proton reported +1,400–1,800% UK signups ("levels usually associated with civil unrest"), NordVPN +1,000%, and half the launch-day top-10 UK App Store apps were VPN/ID apps. Ofcom concedes it cannot stop VPNs and has floated action against VPN promotion. Reading (contested): mass circumvention shows the public reads this as surveillance, and the enforcement reflex (go after VPNs next) reveals the goal is attributability, not merely blocking minors.
The common pattern
| Track | Public justification (the defensible one) | Structural output (what it actually builds) |
|---|---|---|
| World / Worldcoin | "tell humans from AI bots" | a global biometric human-registry login |
| eIDAS 2.0 EUDI wallet | "convenient, secure eID" | identity + credentials + bank account in one credential |
| Digital Euro | "digital cash" | programmable, identity-linkable central-bank money |
| Chat Control (CSAR) | "stop CSAM" | legitimised scanning + mandatory age verification (de-anonymisation) |
| UK Online Safety Act | "protect children" | ID-bound age gates on speech, enforced by revenue-scale fines |
The honest claim: the stack is real and converging on a calendar (EUDI + Digital Euro + Chat Control trilogues all land 2026–27). What is not claimed here is a single coordinating cabal — that question, and the incentive that explains why so many actors push the same stack behind the same frame, is taken up (graded) in digitalid-orchestration-real-incentive.
← Research index · structured data: digitalid-worldcoin-eid-convergence.json · digitalid-worldcoin-eid-convergence.md