It's so obvious to me states need to create a soulbound identity system, replace social security numbers with it, and then let everyone else use cryptography on top of that (which is now cheap when you don't care about Sybil attacks) to do private stuff.
The places you actually need an ID are so rare, I don't think it's worth it to build such a system (and no, porn or social networks definitely aren't valid use cases).
It's a problem in search of a solution.
We also need liability. Every time someone’s data is lost, the company losing it must be held accountable. They owe us huge amounts of money, and executives + board members should be jailed. No free pass.
Let’s see then if they really want to collect all our information all the time. Right now, they take it and handle it irresponsibly because they’re free from consequences.
My driver's license should have some anti-tamper identity proof that can do a challenge-response. Or let me go pay a few bucks for an identity proof at the post office.
There must be a dozen other ways smarter people can think of, but identity verification kills profits, so the smart people don't work on them, IMO. It's more profitable for social media to be an astroturfed shithole. It's more profitable to remove control of your PC.
You just need to deploy auditable (source-available, reproducible-build, firmware checksums LCD on-chip) biometrics booths that generate private keys from normalized biometric inputs, and then use those ephemeral private keys to generate and sign portable identity keys. Most people have fingerprints and retina patterns and that’s twelve signatures on an identity alone, allowing for continuity across severe biometrics events like regrown fingertips etc.
A nonprofit business could do this if backed by all existing dotcom and bitcoin billionaires. But they’d all want to profit from it, so either non-profit (NGO) or governmental it is.
Fun fact: this is already a core function of USPS. They serve as an identity verification hub for both US passports and their Informed Delivery and PO box services. They just have a human-dependent process rather than an identity-generator booth. So they’d be perfectly positioned to take your ID, hand you an attestation request QR code, and get your identity-signatures on it — without being able to reverse-engineer your biometrics from those signatures, but still being able to detect gross variances when someone else tries to lie about being you in a future verification.
Anyways, none of this will likely ever happen, but the rich tech folks could make it happen at any time if they cared to. Instead we get THE ORB which is doing retinas as a for-profit without auditable artifacts or hardware. Sigh.
Any system mandated by the government will have a backdoor to deanonymize users. Nothing would convince me otherwise.