Some of the bureaucratic battles that a functional government would be fighting right now include establishing manual identity management as an essential state function, NSA red teams to enable defensive improvements to widely used software and networks, widespread antitrust action if not progressive corporate taxes to limit the extent of a single vulnerability, postal banking, automatic tax filing, and a whole host of different data protection & privacy acts.
A breach like Equifax should have cost their shareholders 100% of their shares, if not triggering prosecutions.
We are not doing any of this because we are being led by elderly narcissists who loathe us and rely on corporate power, in both parties, and that fact was felt at a gut level, and enabled fascism to seep right in to the leadership vacuum.
> identity management as an essential state function
I dimly remember some sci-fi book, the kind where everything was Very Crypto-Quantum, and a character was reminiscing about how human spacefaring civilization kinda-collapsed, since the prior regime had been providing irreplaceable functions of authoritative (1) Identity and (2) Timekeeping.
Anyway, yes, basic identity management is an essential state function nowadays, regardless of whether one thinks it should be federal or state within the US.
That said, I would prefer a tech-ecology where we strongly avoid "true identity" except when it is strictly necessary. For example, the average webforum's legitimate needs are more like "not a bot" and "over 18" and "is invested in this account and doesn't consider it a throwaway."
The current standard is "Whoever receives calls to my cell phone number is effectively me". The designee of all account recovery actions.
The terrifying thing about this is that phones are almost trivially SIM cloned, surveilled, and impersonated, when they're not just owned with malware.
