And one of the major causes of that problem is that there is no US equivalent to the GDPR, even as the current ID systems are being abused quite thoroughly. Until we have something like the GDPR to prevent companies needlessly demanding personal information, simply making ID verification easier would mean even more places asking for identifying information, using it to build even more surveillance databases, and eventually leaking it all. For starters, imagine that every website currently using SMS login nags as an excuse for collecting phone numbers would switch over to requiring full legal names, inescapable ID verification, and then hard linking their collection of dossiers with the rest of the surveillance industry.