In the near future, the most valuable thing you own will not be your bank account, your driver’s license or even your home. It will be you: your identity. The power to prove who you are, backed by accurate and verifiable data, will become the key that unlocks nearly every part of life. Access to government services, job opportunities, travel, health care and even participation in your community will all depend on it.
We already see this future coming into focus. From online transactions to border crossings, from health record access to voting security, the world is moving toward a system where identity and personal data must be verified, authenticated and trusted. Yet in many states, the policies and frameworks that govern digital identity remain an afterthought. They are often added onto other initiatives or left to private-sector solutions that may not serve the public interest. That is a dangerous path.
When governments fail to define their role in digital identity, they risk handing that authority to organizations that may prioritize profit or control over individual rights. Without clear public policy, identity systems can grow in ways that erode privacy, weaken security and diminish personal autonomy, often without the public even realizing it is happening.
THE PREMISE OF STATE-ENDORSED DIGITAL IDENTITY
State-Endorsed Digital Identity, or SEDI, begins with a simple idea: Identity belongs to the individual — not to the state, not to a corporation and not to a third-party verifier. The rightful role of government is not to grant identity, but to endorse and protect it.
This approach ensures three important things: privacy, because no one is tracking when and where a credential is used; resilience, because proof of identity works even when there is no Internet connection; and freedom, because individuals can transact without being silently profiled or blocked by a hidden gatekeeper.
THE CORE PRINCIPLES OF SEDI
SEDI is not a static blueprint. It is an emergent strategy, designed to adapt as technology, threats and public expectations evolve. It rests on several core principles:
- State Endorsement as National Security Infrastructure: Digital identity is too foundational to democracy, commerce and security to be outsourced. States must lead.
- Open Standards and State-of-the-Art Infrastructure: Systems must be built on open, interoperable protocols that are future-proof and invite innovation.
- Individual Control and Self-Determination: Identity belongs to people. They choose when, where and how to use it.
- Zero Surveillance and Zero Tracking: Verifying your identity should never generate a trail of data that can be mined or abused.
- Backward Compatibility and Continuous Improvement: New credentials should work alongside legacy systems, while steadily raising the standard for privacy and security.
- Supportive Laws and Policies: Legal frameworks must enable adoption through liability protections, affirmative defenses and clear statutory guidance.
POLICY AND DESIGN REQUIREMENTS
To make these principles real, states must set clear rules and expectations for digital identity systems. That means requiring features like:
- Guardianship and delegation for minors, vulnerable adults and trusted agents.
- Recoverability so people are not permanently locked out if a credential is lost or stolen.
- Quantum-resistant encryption by default, to prepare for the future.
- Unlinkability, so verifiers cannot piece together a person’s interactions without consent.
- Minimal disclosure, where only the information needed for a transaction is shared.
- Interoperability that allows credentials to work across state lines while respecting sovereignty.
- Transparency and redress, so people can see how credentials are used and can challenge misuse.
THE URGENCY OF INTENTIONAL POLICY
Digital identity will not wait. If states do not act, identity will be defined by others. Private companies, foreign governments and global platforms already see the opportunity. Their systems may serve commercial or strategic interests, but they will not necessarily protect individual rights or democratic values.
The good news is that states have a choice. By leading, they can ensure that digital identity serves the public interest. They can set the standards, define the rules and protect their residents.
A CALL TO ACTION
On Oct. 17, 2025, Utah will host the State-Endorsed Digital Identity Summit, the nation’s first state-led, multistate collaboration on digital identity. Legislators, CIOs, chief privacy officers, policymakers and public interest leaders will gather to shape the principles and frameworks that will guide identity for decades to come.
This is not another tech conference — it's a chance for state leaders to align on one of the most important governance challenges of our time.
The stakes are clear. If we fail to act, identity will be defined for us by whoever has the resources and ambition to control it. If we act together, we can ensure that identity remains what it has always been: ours.
Policy must be intentional. Rights must be protected. And the future of identity must be led by the states. SEDI is the path forward.
Learn more and register for the State-Endorsed Digital Identity Summit.
Christopher Bramwell is the chief privacy officer for Utah.
