Wednesday, November 21, 2018

Identity Cards

Identity cards seem to be complicated.

Fundamentally a state has the right to know who is resident. Residents have to make a tax declaration, while citizens must be available for jury duty. A state photo identity seems like a good idea.

Today everything is computerised. Does that mean that there should be more or less information on an identity card? To me there should be less. A card should show your name and your face, and then a reference number used to access a state-managed database. Several different databases in reality. The police should have access to a database with your criminal record, while an authorised medical facility should have access to your medical records.

The card should be "machine readable", but the machine info should be identical to the human-readable information.

Today most identity cards also have your age and your sex. I think this is private information that you only share by choice. For example, to buy alcohol you need to prove your age. So you should be able to go to the post office and get a "civil certificate" that lists the information that you want to share. When you buy alcohol you present your ID card, saying who you are, and the civil certificate saying the age of that person.

What about identity theft? What happens if I lose my card? Well, really it's going to be like your credit card. You will get a new ID card with a new number, and the old card's number will be invalidated. The card's number is not your ID number. On the other hand, the old number must not be reused immediately. So the card must have an expiry date, and the number should only be valid with that expiry date. Just like a credit card.

OK, but what happens if someone copies my card? This is a real risk. You can't copy a "chip and pin" credit card, although you can pretend. You can easily copy a digital passport. In the case of the ID card, every database access should be logged, and as the identity principal you should have a web access to monitor each access. Optionally you should be able to enter your mobile phone number and get an SMS every time someone uses your card number to access your personal information.

So what happens if I use my ID card to open a bank account, and then I lose my card? When I get a new card are my bank accounts blocked because the old number is invalid? Obviously a card verification result is valid until the card expires. So even if the card changes, the bank must accept your identity at least until the old card expires naturally. Depending on applicable legislation a bank may require you to update your card information at the end of the old card's validity date.

It should be impossible or illegal to deduce your identity from the card number without going through a state database. Most state databases should require the card number plus the name before providing any results. So your local post office or hospital can't surf the records using people's names. However a hospital may have personnel specially authorised to invoke emergency powers to perform a search only on the name. In this case each search must be justified to an appropriate judicial representative after the fact.
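
A minimal model of the registry rules described above (a card number that is only valid with its expiry date, lookups that need the number plus the name, every access logged for the holder, and name-only emergency searches flagged for review). This is an added illustration, not part of the original post; the class, method and field names are all hypothetical.

```python
import secrets
from datetime import date

class CardRegistry:
    """Toy model of the state registry sketched in the post (names hypothetical)."""

    def __init__(self):
        self.cards = {}      # card number -> {"person", "name", "expiry", "revoked"}
        self.audit_log = []  # one entry per access attempt, refused ones included

    def issue(self, person_id, name, expiry):
        # A replacement card invalidates every earlier card of the same person.
        for card in self.cards.values():
            if card["person"] == person_id:
                card["revoked"] = True
        number = secrets.token_hex(8)  # random: reveals nothing about the holder
        self.cards[number] = {"person": person_id, "name": name,
                              "expiry": expiry, "revoked": False}
        return number

    def _log(self, person_id, requester, kind, granted, needs_review=False):
        self.audit_log.append({"person": person_id, "requester": requester,
                               "kind": kind, "granted": granted,
                               "needs_review": needs_review})

    def lookup(self, requester, number, name, expiry, today):
        """Return the internal person id only if number, name and expiry all match."""
        card = self.cards.get(number)
        ok = (card is not None and not card["revoked"]
              and card["name"] == name and card["expiry"] == expiry
              and today <= expiry)
        # Refused attempts are logged too, so the holder sees use of a lost card.
        self._log(card["person"] if card else None, requester, "card", ok)
        return card["person"] if ok else None

    def emergency_search(self, requester, name, justification):
        """Name-only search: always flagged for after-the-fact judicial review."""
        hits = sorted({c["person"] for c in self.cards.values() if c["name"] == name})
        for person in hits or [None]:
            self._log(person, requester, "emergency: " + justification,
                      True, needs_review=True)
        return hits

    def accesses_for(self, person_id):
        """What the card holder would see on the monitoring page."""
        return [e for e in self.audit_log if e["person"] == person_id]
```
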

With this system, what would the problem be? I think it's not the existence or use of a state ID card, it is the requirement to produce the card when interrogated by the police. Somehow it's like a requirement of self-incrimination; I can understand the reluctance. However if you can't identify yourself immediately to the police they have the power to take you into custody. So for most of us we would empty our wallet to find any partial identity they might accept. For dignity’s sake, I'm not sure that the ID card is worse.