1. 8
  1.  

  2. 9
    1. Make it illegal to ask for any federally-issued identifier (including SSN, ITIN, or any thing invented in the future) for non-government use.
    2. Make it illegal to retain any federally-issued identifier together with other identifying information for non-government purposes (with a time delay to give companies time to change their primary keys).
    3. Restrict the government’s use of SSN and ITIN to the SSA and IRS. Enrollment in state-sponsored retirement transfers has nothing to do with driving a car.
    1. 2

      This article leans rather heavily on the assumption cardholders will understand the nature of a private key after just copying a string of numbers for all kinds of forms. I suspect a layperson would try to put both numbers on, or use their private key as their public key. And I don’t think it’s fair to expect every browser to have safe JavaScript crypto to handle the key. What if there’s a malicious extension? Or JavaScript is turned off? Or the browser is really old or they don’t have a computer, as sometimes happens in a country of 300 million plus.

      It seems a card with a chip or the printed private key in a less prominent spot with warnings would be better.

      The broad idea is appealing, but upgrades of this scale have so many edge cases. And those edgecases are usually really vulnerable people.