Digital ID — The Control-Grid Component
Identity is the load-bearing component. Once a population is enrolled into a single verifiable credential, every other capability on the grid — payments, content access, benefits, movement — can be hung off it. This page documents the deployment country by country, scored in the Convergence Index. The framing each jurisdiction uses differs (inclusion, security, child protection, anti-fraud); the infrastructure converges.
China
China runs the reference implementation: a mandatory national Resident Identity Card issued from birth, linked to residence, banking, telecoms, and travel, with no legal limit a citizen can invoke against state access. The identity layer sits underneath the surveillance stack — facial-recognition deployment at national scale, with blacklisted individuals’ faces projected on intersection billboards, and an estimated $2.6 billion of state investment in a single recognition vendor, SenseTime (SCMP). There is no Article-45 debate and no Puttaswamy judgment here, because there is no independent check to have the argument in front of: the 2017 National Intelligence Law obliges any organization to support state intelligence work on demand. Capability, scale, and unconstraint all max out — which is why China anchors the index at the top.
European Union
The EU is building the same identity layer with the rule-of-law framing bolted on, and the timeline is now imminent. Under Regulation (EU) 2024/1183 (in force 20 May 2024), every member state must offer a compliant EU Digital Identity Wallet by the end of 2026, with regulated relying parties — including banks — obliged to accept it by late 2027 and a Commission target of 80% adoption by 2030 (European Commission; EUR-Lex 2024/1183). The framework’s most-contested clause is Article 45, which constrains browsers from enforcing their own security requirements on government-issued certificate authorities; more than 400 cybersecurity experts and NGOs signed a Mozilla/EFF letter warning it hands any member state the technical means to intercept any EU citizen’s encrypted traffic (EFF; Mozilla; The Register). Running ahead of the wallet, the Commission’s July 2025 age-verification “mini-wallet” — built on the same technical stack as the EUDI wallet — is piloting in France, Spain, Italy, Denmark, and Greece, an explicit on-ramp to the full identity layer (European Commission). The limits are real but eroding at the margins, which is why the EU scores high on capability and low on unconstraint.
India
India built the world’s largest biometric identity system — Aadhaar, with roughly 1.4 billion enrollments linking fingerprints, iris scans, and facial photographs to a 12-digit number (UIDAI). It is also the clearest documented case that exclusion is not an edge case but the operating logic: the Right to Food Campaign documented more than twenty starvation deaths where authentication failures blocked subsidized-ration access, with failure rates of 49% in Jharkhand and 37% in Rajasthan — worn fingerprints and changed iris patterns locking out laborers and the elderly (NPR; Scroll.in). In January 2018 Tribune India reporters bought database access for about $8 through a WhatsApp group, exposing 1.1 billion records; the UIDAI’s response was to file a police complaint against the journalist (Tribune India). The Supreme Court’s 2018 Puttaswamy judgment upheld Aadhaar 4:1 but struck down mandatory bank and SIM linking and the national-security access provision (Supreme Court Observer). The ratchet turned again in February 2025: new amendment rules opened Aadhaar authentication to private businesses — e-commerce, travel, hospitality, healthcare — which critics argued “virtually re-legislate what was struck down” (TechCrunch).
United States & United Kingdom
Neither country has a single mandatory national ID — and both are assembling the equivalent by other routes. The US has no federal scheme (fragmented Real ID and state driver’s licenses — DHS), but it operates the watchlist apparatus (the TSDB, ~1.2 million names, with documented false positives on children — CRS), the private identity-by-scraping of Clearview AI (60 billion images; a $51.75M settlement leaving the company an equity stake — ACLU), and, since Free Speech Coalition v. Paxton (June 2025, 6–3), a wave of state laws requiring verified-age identity to access lawful content — roughly 25 states by end of 2025 (Justia; EFF). The UK went furthest fastest: the Online Safety Act’s “highly effective age assurance” duties took effect 25 July 2025 (VPN sign-ups surged ~1,400% that day — ITIF), and in September 2025 the government announced a national digital ID — branded “BritCard” in the press — initially mandatory for Right-to-Work checks (GOV.UK). A Parliament petition against it passed 2.9 million signatures (Petition 730194); in January 2026 the government dropped the mandatory element ahead of consultation — but kept building the underlying layer (GOV.UK Wallet, One Login at 12M+ users, digital Right-to-Work checks regardless — Computer Weekly; House of Commons Library). The retreat was on the branding and the single-provider mandate, not on the identity layer.
The counter-argument
The strongest case for the infrastructure is real: the World Bank estimates about 850 million people lack official identification and are therefore locked out of healthcare, education, and financial services, and its ID4D programme frames digital ID as the unlock (World Bank). India’s own government credits Aadhaar-linked direct transfers with saving roughly $1 billion a year in fuel-subsidy leakage. Both readings are correct at once: the same enrollment that delivers a subsidy is the enrollment that can withhold one. The component does not care which motivation enrolled you.
Part of the Convergence Index component set. Scored in the interactive index; full cross-country comparison in the convergence table. Source dossier maintained at evilrobots.lol.