What service needs a solution to verify identity that doesn't already exist?
Banks do KYC now. Employers already need a National Insurance number to employ someone. Benefits get paid to a named payee. Emergency healthcare needs no insurance and waiting lists come via a GP who indeed knows me.
What service needs a further centralised deposit of power over identity?
For example I get married abroad and I need to change my name, if a system was present I could just go to a website, enter my request, identify and then wait for my new docs to arrive, all while staying abroad.
But it’s even better - banks / employers don’t need all of my information all the time, thy just need to verify that I am who I say I am at that moment, so the credentials I am giving them through a digital system can reflect that. Call it requesting a scope from a government openid system.
And I have the power to revoke that.
And all of the various little government agencies don’t need to request all the documents to bootstrap trust every single time, they can just be given a convenient (timed) access token by me.
Implemented right, it gives much less data to people in a much more convenient and secure way. I guess the “implemented right” is the problem.
But maybe that’s an orthogonal thing that needs to be solved by itself? How we have an independent central banks that doesn’t (shouldn’t) succumb to the whims of governments - they have a clear narrow mission and they are supposed to follow it regardless of what an administration would want.
If we had an “auth provider” government thing that’s mission might be more closely aligned with the population, giving a government _just enough_ data to make it efficient but so it cannot abuse it.
Built in adversity and distrust is how we finally got a government to “work” with the separation of powers and all of that, maybe we need to think about improving the political system with some know how from web tech, cause I think working efficiency, effectively and reliably in an environment of mistrust is what web tech is known for.
Predictably enough, then...
https://en.wikipedia.org/wiki/2022_Optus_data_breach
> In September 2022, Australian telecommunications company Optus suffered a data breach that affected up to 10 million current and former customers comprising a third of Australia's population. Information was illegally obtained, including names, dates of birth, home addresses, telephone numbers, email contacts, and numbers of passports and driving licences.
When will we KYC shoes?