
I still don't understand how someone is supposed to benefit from such a thing. If I want to use some service, I'll sign up for an account with it. The only thing a centralized ID is going to do is let the service correlate me with a different account on a different service, which is exactly the thing that I don't want.

How is someone supposed to benefit from a thing whose only function is to reduce the friction against forcing them to correlate their otherwise-independent activity against their will?



What I use my digital id for is services where the provider needs to know that I am me. I only use a small part of the services that we have in Norway that you can access with our digital id (BankID) solution, but those are useful for me, and I do not think all of them would exist without it.

For governmental services, I use it for things like logging into health care services, where I've used it for checking my prescriptions and communicating with my doctor. If I had kids I would have used it for contact with the school. Another governmental use is tax filing and tax returns, which come around every year, and this is just scratching the surface.

When it comes to non-governmental usage, it is mostly bank and bank-adjacent usage. I do use it to log into my different banks, my stock broker, and insurance providers.

The solution we have in Norway is not perfect, and one of the persistent problems is that not everyone can get one, and since it is used a lot by the government, not having it makes you a bit of a second-class citizen. I do believe that they are finally doing something about that, and that the system will be redone a bit next year, so even if the banks don't like you, you will be able to get one.


> where the provider needs to know that I am me

You and the provider may have different ideas about where that line is drawn.


Seems like you're using your social security number and the same password for all your logins.


A well-implemented system would somehow allow you to use your ID to prove you have the attributes a service needs (being over 18, able to drive, no criminal records, not a communist or whatever it is they need) without providing any further information that would allow multiple services to correlate IDs against each other.


Making confirmations of those attributes easily available will only result in more services requiring them. It's not worth the convenience for the vanishingly few cases where such a verification is actually beneficial.


Better, but still vulnerable to deanonymization, I think.

And doesn't address many of the other problems (e.g. accuracy).


Don't you want AI governance or something? If the last human, political act is to ensure deanonymised data online, and there is then the capacity to slurp all that data up and auto-governance is ushered in, you then just need to think about how to tweak the algo to get the effect you want. Who owns the algo, is the question.


You're mistaken, the proposed system isn't centralized. The IDs only exist in the wallet.

The wallet uses Digital Verification Services (DVS) to poll APIs in front of the data the government already holds on you. These services check details you enter against that data and return cryptographic signatures for each. The wallet puts these together as IDs in a bespoke way, depending on what you need to prove. You can have any number of variations of ID and none of them are centralized.

Some of these signed proofs can be disclosed using Zero Knowledge Proofs (a cryptographic means of demonstrating something without demonstrating anything else) which would actually make it harder to 'correlate' you in the way you describe.

Another thing to bear in mind, the ID is backed up by the Data (Use and Access) Act 2025 which reinforces data protection laws and actually wards against the use you describe.

There's a lot of misinformation flying around about this proposal, but the design itself doesn't match the negative characterizations. It's surprisingly good and weighted to the citizen.


> You're mistaken, the proposed system isn't centralized. The IDs only exist in the wallet.

That's a password manager or authenticator app. You don't need a government to do anything to have that.

> Some of these signed proofs can be disclosed using Zero Knowledge Proofs (a cryptographic means of demonstrating something without demonstrating anything else) which would actually make it harder to 'correlate' you in the way you describe.

People always bring this up as a theory, but most of the ZK systems don't actually do this, e.g. they give you a bitstring that "doesn't identify you" but they know who you are when they give it to you, and you're meant to present it to a third party who could collude with the service who does know who you are to map it back to you.

In other words, the ZK proof is an attempt to bamboozle people with complicated math rather than something that really works.

The only way to actually prevent this is to make the data the user presents to the second service indistinguishable for all users meeting the qualification, i.e. if you're over 18 then you get a secret, everyone over 18 gets the same secret, and then the second service just gets the secret and compares it, and you rotate it with some interval which is at least a week. (You can't rotate it continuously or you get timing attacks; even once a week is giving up a non-trivial amount of entropy because you can narrow down the user to the people who have requested the token in the last week and repeat the process every week that person uses it to keep winnowing it down.)

But the proposals don't ever seem to do that, most of them don't even use ZK proofs or don't use them properly.

> Another thing to bear in mind, the ID is backed up by the Data (Use and Access) Act 2025 which reinforces data protection laws and actually wards against the use you describe.

You can't fix this by making it illegal because you don't have a mechanism to identify when they're doing it. You give them data that could identify you and then whether they use it for that happens behind closed doors.

Then you get all of the chilling effects even if they're not (currently) doing it because with no way for people to corroborate, people have to assume that they are. And on top of that, you've now deployed a system that ties everyone's activity to their identity and then it's just the stroke of a pen before they're doing it openly, or it comes out that they're doing it illegally but nobody does anything to stop it a la Snowden.
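
An added illustration of the winnowing effect described in the comment above (not part of the thread and not code from any proposed scheme): every qualifying user receives the same weekly token, so the token itself reveals nothing, yet issuance timing still shrinks the anonymity set. The issuer key, population size, fetch rate, and the assumption that the issuer logs which accounts fetch each week's token are all constructed for the simulation.

```python
import hashlib
import hmac
import random

ISSUER_KEY = b"constructed-demo-key"  # constructed; stands in for the issuer's secret


def weekly_token(week: int) -> str:
    """Token handed to every over-18 user in a given week (identical for all)."""
    msg = f"over18|week={week}".encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()


def simulate_winnowing(population=10_000, fetch_rate=0.3, weeks=8,
                       target=42, seed=1):
    """Return (sizes, candidates): the candidate-set size after each week.

    Assumption: the issuer logs which accounts fetched each week's token and
    that log is combined with the relying service's knowledge that the same
    person presented a valid token every week.
    """
    rng = random.Random(seed)
    candidates = set(range(population))
    sizes = []
    for _week in range(weeks):
        # Accounts that fetched this week's token. The target must be among
        # them, otherwise they could not have presented a valid token.
        fetched = {u for u in range(population) if rng.random() < fetch_rate}
        fetched.add(target)
        # Only accounts seen fetching in every active week remain plausible.
        candidates &= fetched
        sizes.append(len(candidates))
    return sizes, candidates


if __name__ == "__main__":
    # The presented value is the same for everyone within a week.
    print("week 0 token:", weekly_token(0)[:16], "...")
    sizes, remaining = simulate_winnowing()
    for week, size in enumerate(sizes):
        print(f"after week {week}: {size} candidate accounts")
    print("target still in set:", 42 in remaining)
```

A longer rotation interval or a higher fetch rate slows the shrinkage, which is the trade-off the comment points at when it says the interval must be at least a week.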


I don't dispute your general sentiment that the ZK terminology is abused. However, at least one serious attempt exists to deploy a real ZKP system.

Specifically, our system [1] is available as open source [2] and work is underway to implement it in the EU age verification app [3]. I understand that this thread is about the UK and not the EU, and I make no claims about the UK. The system is not theory, but it is already shipping in Google Wallet [4] and in the Open Wallet Foundation multipaz system [5].

[1] https://eprint.iacr.org/2024/2010

[2] https://github.com/google/longfellow-zk

[3] https://ageverification.dev/av-doc-technical-specification/d...

[4] https://blog.google/products/google-pay/google-wallet-age-id...

[5] https://github.com/openwallet-foundation/multipaz


> That's a password manager or authenticator app. You don't need a government to do anything to have that.

Too reductive. Password managers and authenticators don't give you any means of passing your official data in an authoritative way.

> The only way to actually prevent this is to make the data the user presents to the second service indistinguishable for all users meeting the qualification

Where ZKPs are used (eg for proof of age over 18) you're describing exactly what the proposal seems to expect.

> You can't fix this by making it illegal because you don't have a mechanism to identify when they're doing it. You give them data that could identify you and then whether they use it for that happens behind closed doors.

The system provides for an auditing service to ensure this doesn't happen without user consent.


> Password managers and authenticators don't give you any means of passing your official data in an authoritative way.

The desire to pass "official data" from someone outside of the entity you're directly interacting with is the design flaw. Stop having that.

> Where ZKPs are used (eg for proof of age over 18) you're describing exactly what the proposal seems to expect.

I suspect that it isn't, because the only systems that actually work in terms of privacy correspondingly can't provide you with any way to identify someone if they're anonymously providing proof of age to anyone who asks, and then it would only take one person to set up a service to do that for everyone. Whereas if you can catch someone who does that you've just proven that the privacy protections aren't real.

> The system provides for an auditing service to ensure this doesn't happen without user consent.

You're suggesting that someone is going to audit something that happens inside of every private company. That's either going to be a box-checking exercise with zero effectiveness or a massively expensive ordeal that only compounds the problem by expanding access to include a set of government auditors -- or both.

The only way three people can keep a secret is if two of them are dead. If you don't want corporations to have your private information, you can't give it to them and then try to stuff the cat back into the bag. You have to prevent them from having it to begin with.

Laws requiring them to collect it are the opposite of that.



