Centralised identity systems

Insights • Zekret Labs

What Happens When Identity Becomes Centralised at Scale

By Kayne Brennan • 12 May 2025

#centralised-identity #systemic-risk #data-concentration #identity-infrastructure #privacy-by-design

Centralised digital identity systems are often presented as a sign of progress.

They promise efficiency, consistency, and control. One system. One source of truth. One place to verify who someone is. For governments and large institutions under pressure to act quickly, this model feels reassuring.

But when identity becomes centralised at scale, the risks change in ways that are both predictable and underappreciated.

Centralisation concentrates value. A single identity system can hold names, dates of birth, addresses, biometric data, behavioural signals, and links to services across health, finance, education, and communication. That concentration makes the system enormously attractive, not just to attackers, but to anyone with an incentive to access, monetise, or repurpose the data.

This is not a theoretical concern. History is full of examples where large, centralised identity or personal data systems were breached, misused, or quietly expanded beyond their original mandate. Healthcare databases, credit agencies, telecom registries, and government portals have all demonstrated the same pattern. Scale increases impact. Centralisation increases fragility.

What is often misunderstood is that these failures are not primarily caused by poor execution. They are caused by design.

Any system that aggregates high-value personal data into a single point of control creates a single point of failure. Even with strong security practices, the incentives to attack, exploit, or abuse such systems grow over time. Technology changes. Threat models evolve. Governance erodes. Vendors rotate. The system persists, but the assumptions it was built on no longer hold.

When breaches occur, the consequences are not evenly distributed. Institutions may face fines, audits, or reputational damage. Individuals face identity theft, fraud, profiling, exclusion, and long-term vulnerability. The system survives. The people adapt.

There is also a quieter failure mode. Centralised identity systems tend to expand in scope. What begins as a solution to one problem gradually becomes infrastructure for many others. Data collected for verification is reused for enforcement. Systems built for access become tools for monitoring. Each expansion is justified as efficient, necessary, or logical. Rarely is consent meaningfully revisited.

Over time, identity stops being something a person controls and becomes something that defines how they are seen by systems they cannot influence.

This is why centralisation at scale should never be treated as a neutral architectural choice. It is a decision that determines how power is distributed, how failure is absorbed, and who is exposed when things go wrong.

The question is not whether centralised identity systems can work in ideal conditions. It is whether they are resilient to real-world conditions: human error, institutional drift, evolving threats, and political change.

In the next stage of this conversation, it becomes important to look at what happens when these systems are deployed at a national scale, and what lessons other countries should take from those experiences.

Because once identity becomes infrastructure, reversing course is far harder than building it in the first place.