红杏视频

As we鈥檝e been warning for several years, a wave of U.S. digital driver鈥檚 license programs that lack strict privacy controls threatens to create a privacy nightmare that remakes the Internet and swings power from individuals to large institutions. Almost without exception, the states that are enacting or piloting these programs are doing so without engaging in political conversations and debates about the predictable negative consequences they will bring and the need for privacy and other protections. These state legislatures are ceding decision-making power to other parties such as secretive international committees, DMV bureaucrats, big tech, and the TSA 鈥� and the decisions made around digital IDs will bear upon everyone鈥檚 privacy and free speech rights.

There is, however, one state that is a prominent exception to this neglect: Utah. Legislators and state officials there, acting with the blessing of governor Spencer Cox, are forging an interesting and promising path with a program they are calling 鈥淪tate-Endorsed Digital Identity,鈥� or SEDI. In March 2025, after unanimous (!) passage by both houses of the state legislature, the governor signed a bill, , that establishes the SEDI concept and outlines some initial principles for it. The bill has gaps, and lacks any enforcement powers, but Utah officials say it鈥檚 a preliminary authorizing measure that is envisioned as being followed by more detailed implementing legislation down the road. Utah has also created a digital driver鈥檚 license based on an ISO standard being relied upon by many other states, but the concept is that the SEDI approach would move to the fore and their other digital ID would shrivel away.

The philosophical underpinning of the state鈥檚 SEDI concept is that 鈥渋dentity鈥� is not something bestowed by the state, but that inherently belongs to the individual; the state merely 鈥渆ndorses鈥� a person鈥檚 ID. The practical result of that somewhat abstract point is that SB260, a issued by the Utah Department of Government Operations, and other outline strong privacy protections for digital ID of the kind that we have been advocating for.

The , entitled 鈥淪EDI: Protecting Liberty in the Digital Age,鈥� summarizes SEDI as comprising six major points.

The first, and perhaps most important, is privacy. The paper describes a decentralized approach that allows people to share no more data than is necessary and under which 鈥渘o tracking by other parties is permitted.鈥� SB260 states that 鈥淚t is the policy of Utah that鈥� the state is obligated to respect an individual's privacy interest associated with the individual's identity.鈥� That is broad, but good to see in state law. More specifically, the law says that Utah can鈥檛 issue IDs unless the state ensures that individual use is 鈥渇ree from surveillance, visibility, tracking, or monitoring by any other governmental entity or person鈥� besides the party that is checking the ID. Other provisions that we regard as necessary for an ID to be privacy protective are absent or vague in SB260, but officials I've spoken with are hopeful that subsequent legislation will fill these gaps.

The other five elements of SEDI summarized in the white paper are:

• A 鈥渃omprehensive legal framework鈥� 鈥� clear rules around the operation of a digital identity system that include open standards, transparency, enforcement of protections, auditing, and a 鈥渞ight to paper.鈥� Overall the purpose of these key provisions is to create a system that 鈥減rotects rights and ensures appropriate accountability.鈥�
• 鈥淚ndividual control,鈥� in which the state throws its weight behind a movement known as 鈥渦ser-centric鈥� or 鈥渟elf-sovereign鈥� identity, that strives to ensure that government identification systems are used to empower individuals, not to control them.
• 鈥淒elegation,鈥� the ability for 鈥減arents and legal guardians鈥� to 鈥渕anage their children鈥檚 credentials until the age of majority鈥�.
• Security.
• Backwards compatibility, meaning that SEDI would be compatible with 鈥渆xisting technologies鈥� as a practical concession to the need for continuity. (To me this raises questions about whether it would be possible to protect privacy while being compatible with other, less privacy-protective identity systems.)

Utah officials involved with SEDI are fully aware of the policy vacuum they are filling, and the manifesto proclaims that SEDI 鈥渨ill be a digital export of freedom to the world.鈥� In pursuit of that ambition, the government invited state legislators and officials from other states (as well as yours truly) to a 鈥溾�� last month at Utah Valley University as part of an effort to persuade other states to join with Utah in a 鈥淪EDI consortium.鈥� That is a recognition that if Utah is to buck the current national trend of uncritically adopting the ISO standard without adequate technical and legal protections, it probably can鈥檛 do that alone given the eventual need for state digital licenses, like physical ones, to be interoperable across the country.

There are many details to be worked out, and we may have disagreements with a final product. Nevertheless, Utah is serious about privacy. The state has better than average on the issue, perhaps because of many of its citizens鈥� cultural memory and inheritance of living as an oppressed religious minority. Utah is a conservative state, and its concern also reflects the strand within American conservatism of skepticism of government power and the regimentation of American life. In May 2025 I was invited to a prior in Orem called the 鈥淯tah Data Governance Summit.鈥� That sounds awfully obscure and wonky to most people, and in many ways it was, but it鈥檚 a measure of how seriously Utah takes its privacy that the keynote speaker was the governor, and the first panel discussion included the Majority Leader of the Utah Senate and the Majority Leader of the Utah House.

In our 2021 红杏视频 report on digital identity, we wrote that

because of the way we have backed into the identity system we have today, we are not having the explicit political conversations and debates about our identity systems that we ought to be having. This raises the danger that a relatively small cadre of corporations and specialized government bureaucracies will build a new infrastructure for their own economic and administrative purposes regardless of the larger implications.

New Jersey passed a with privacy protections that are exceptional compared to most states, but Utah is the one state where 鈥渢he explicit political conversations and debates鈥� are taking place in full form. Whatever the outcome of its deliberations and any devils that may lie within the details of that outcome, the state is playing a laudable leading role in having the conversations and pushing for good privacy protections around digital ID. We hope other states will join Utah in these vital conversations and that the outcome is that any digital ID system our nation may end up with features solid civil liberties protections.