[semi-extrinsic]

> We could potentially do ID checks that only show exactly what the receiver needs to know and nothing else.

A stronger statement: we know how to build zero-knowledge proofs over government-issued identification, cf. https://zkpassport.id/

The services that use these proofs then need to implement that only one device can be logged in with a given identity at a time, plus some basic rate limiting on logins, and the problem is solved.

[9dev]

Thank you - this gets way too few attention especially among tech folks. People act like uploading your government ID to random online services was the only solution to this problem, which is really just a red herring.

[Seattle3503]

Uploading IDs is the only solution we will get unless the people who care about privacy come up with something better.

[9dev]

OP literally highlighted a working solution. The EU is actively pursuing a knowledge proof solution that doesn't require uploading IDs.

[worldsayshi]

Yes this is what I'm thinking about!

The challenge here though is to prove to the user, especially without forcing the user to go into technical details, that it is indeed private and isn't giving away details.

The user needs to be able to sandbox an app like that and have full control of its communications.