I don't get the whole idea of treating identity verification as a private enterprise problem. I realize it's easy to just blame LinkedIn or Microsoft here, but the core issue is architectural. We are trying to solve a public utility problem by building private honeypots.

The government should provide an API or interface to validate a user, essentially acting just like an SSO. Instead of forcing users to upload raw passport scans to a third-party data broker, LinkedIn should just hit a government endpoint that returns an anonymized token or a simple boolean confirming "yes, this is a real, unique person." It gives platforms the sybil resistance they need without leaking the underlying PII.