Uganda's surveillance state is built on national ID cards

Original Article ↗ Hacker News Discussion ↗

Role of National ID vs Surveillance State

  • Many argue ID cards themselves aren’t the core problem; surveillance and authoritarianism are.
  • Uganda is cited as an example where IDs enable oppression, but others note similar abuses happen in countries with and without formal national IDs.
  • Several commenters stress that “ID-less” countries still identify people via other documents and databases, often with equal or greater privacy risk.

US-Specific Debates (Real ID, Federal vs State, SSN)

  • Real ID is seen by some as a de facto national ID; others highlight ongoing state variation and opt‑out options.
  • Strong cultural distrust of centralized government drives resistance to a national registry; defenders of federalism argue states can check federal overreach.
  • Critics respond that local governments can be worse, and that technical centralization vs federation makes little practical privacy difference.
  • SSNs already function as a national identifier and are widely misused as authenticators.

International Models and Experiences

  • Europe: many countries use mandatory ID and address registration tied to taxes and voting; often accepted as normal and convenient.
  • Germany and Estonia are cited as more privacy-conscious, with decentralized records and audit logs of data access.
  • France and Turkey are described as highly centralized and controlling; the UK and Australia lack formal IDs but use driver’s licenses, tax numbers, and credit systems as de facto IDs.
  • Historical examples (Nazi occupation, post‑Soviet states) are used to argue that central registries can accelerate repression.

Privacy-Preserving Identity Proposals

  • Suggested designs include: per‑relationship identifiers, revocable permissions, minimal-attribute proofs (e.g., “over 18, resident of X”), and decentralised “self‑sovereign identity” with user‑held keys.
  • Skeptics argue that if a government is untrustworthy, technical friction won’t stop it from correlating data using other keys.

Identity Theft, Authentication, and Liability

  • Several commenters distinguish identity, authentication, and authorization; blame US “identity theft” on poor authentication and misaligned incentives.
  • Some propose revocable credentials and public revocation lists; others warn this will be used by banks to shift liability onto customers.
  • Many call for strong privacy law (GDPR‑style) and making negligent institutions fully liable before strengthening ID tech.

Existing De Facto Surveillance

  • Phones, credit/debit cards, loyalty programs, license plate readers, and postal imaging already enable pervasive tracking, often more granular than ID cards.
  • Some conclude the only real privacy “benefit” in places like the US is chaotic, fragmented identity systems—but even those are increasingly interoperable for law enforcement and large companies.