> However if there's a digital ID system that lets the government instantly know everything about a person, you lose the protection of friction.
"Digital ID" doesn't necessitate that all data is collected into one gigantic store with centralised access. Just that you can use the same attestation of identity to access the various systems. And you can also grant others access to a limited subset of the data.
If the government wanted to they could already have set up some direct access from (say) the passport office to HMRC. It's all digital anyway, backwards as the UK government can be, they're not sending people to pore over paper ledgers in person like in The Jackal.
Some of the system already works like this anyway with the share codes for permission to work for foreigners and proving your driving licence.
Theoretically you would also be able to have an audit log of who asked for attestation for access to which system using that ID. Which you currently don't have when everyone is doing it by passport scans, NI numbers given over the phone and so on.
What it does allow is a creeping over-attestation especially of non-government services where you need to use the ID to do things that were previously anonymous or at least potentially anonymous. But since you currently need to use a driving license or selfie to look at boobies, that's already a thing.
It also, depending on cryptographic implementation, can leak information about attestations directly to the government. For example if I certify my identity at BumTickling.com, the website might only find out that I'm over 18, but the government may then know that BT.com's operator requested attestation of my ID's age field. Whereas currently, BT.com's (probably) shady identity service partner may have my selfie and know I tried to look at BT.com, but the government (probably, maybe they forward these things secretly) doesn't know about it unless they audit that partner.
It also has the possibility to gate access to government services behind app installations which, when done lazily, means not only smartphones are required which is bad enough, but specifically Google and Apple devices.
"Digital ID" doesn't necessitate that all data is collected into one gigantic store with centralised access. Just that you can use the same attestation of identity to access the various systems. And you can also grant others access to a limited subset of the data.
If the government wanted to they could already have set up some direct access from (say) the passport office to HMRC. It's all digital anyway, backwards as the UK government can be, they're not sending people to pore over paper ledgers in person like in The Jackal.
Some of the system already works like this anyway with the share codes for permission to work for foreigners and proving your driving licence.
Theoretically you would also be able to have an audit log of who asked for attestation for access to which system using that ID. Which you currently don't have when everyone is doing it by passport scans, NI numbers given over the phone and so on.
What it does allow is a creeping over-attestation especially of non-government services where you need to use the ID to do things that were previously anonymous or at least potentially anonymous. But since you currently need to use a driving license or selfie to look at boobies, that's already a thing.
It also, depending on cryptographic implementation, can leak information about attestations directly to the government. For example if I certify my identity at BumTickling.com, the website might only find out that I'm over 18, but the government may then know that BT.com's operator requested attestation of my ID's age field. Whereas currently, BT.com's (probably) shady identity service partner may have my selfie and know I tried to look at BT.com, but the government (probably, maybe they forward these things secretly) doesn't know about it unless they audit that partner.
It also has the possibility to gate access to government services behind app installations which, when done lazily, means not only smartphones are required which is bad enough, but specifically Google and Apple devices.