Most digital identity systems are built with good intentions.
Governments intend to protect citizens, reduce fraud, and comply with regulations. Platforms seek safety, compliance, and scale. Institutions want clarity, consistency, and proof that the right is being done.
The core issue is not intention, but system architecture, a key lever for achieving policy outcomes.
Again and again, digital identity policies become technical systems that fail to match their intended outcomes. Instead of reducing risk, they concentrate it; instead of preserving personal safety, they expose it; and instead of building trust, they erode it. This happens because policy objectives are regularly implemented via the most readily apparent technical path: increasing data collection, centralizing storage, and managing access through a single unified system. While this can appear efficient in planning documents, in real-world implementation, it frequently leads to complex, fragile systems that do not scale sustainably.
Centralised identity architectures are inherently attractive targets. Aggregating high-value data in a single location creates significant incentives for attackers and makes breaches not just possible but inevitable over time. This causality is evident across governments, healthcare systems, credit agencies, and technology platforms. The question becomes not if such systems will be compromised, but when.
When that happens, the consequences are asymmetric. Institutions absorb the loss of public trust and running costs. Individuals absorb permanent risk. Identity data cannot be rotated, reset, or reissued in any meaningful way. Once exposed, it follows people for life.
What is especially troubling is that, in policymaking and oversight, these outcomes are rarely identified as architectural failures. Instead, because breaches and other negative outcomes are treated as isolated operational mistakes or implementation errors, the underlying design remains unaddressed, and the harmful cycle continues.
Good policy should constrain bad outcomes by design. However, many digital identity systems structurally embed these bad outcomes. This is due to assumptions in the architecture—that security, governance, and good faith will always be perfect—that rarely hold in real-world scenarios.
There is also a disconnect between policy language and technical reality. While regulations use terms like protection, minimisation, and proportionality, the systems built to enforce them require maximal disclosure to prove minimal facts, thereby escalating exposure rather than reducing it.
Thus, proving eligibility exposes full identities; safety measures widen exposure; compliance resembles surveillance.
To improve, ask: What is the minimal data required? Must it be stored? How can the design reduce harm at every stage?
Honest answers yield: minimize data, build trust, and structurally limit the impact of failure.
Digital identity fails not because of the wrong goals, but because breaches, misuse, and abuse are treated as rare rather than expected.
To foster identity infrastructure that commands public trust, legislators should treat architecture not as a technical consideration but as a central ethical choice that affects long-term outcomes.
Good intentions are never enough. The architecture of a system ultimately determines who is protected—and who is left exposed—when things go wrong.