Questions
What Are Digital IDs and Data Centers?
Summary: Digital IDs are identity systems that vary significantly across five dimensions—breadth of use, legal requirement, underlying technology, data storage strategy, and data access controls—while data centers are the infrastructure backbone that stores, processes, and enables access to the personal and institutional data that digital IDs depend on.
Not all digital IDs are equal. They tend to differ in type, use-case, technology, and structure. Because of the various differences between the digital IDs currently in use, it may be helpful to discuss the various features of the digital IDs rather than dismissing them altogether.
Digital ID features can be divided into five basic categories. Breadth of use/use case distinguishes foundational IDs (designed to serve as general-purpose identification across multiple arenas of life such as voting, banking, healthcare, and travel) from functional IDs (narrow identity confirmation purposes such as a digital driver’s license).
Legal requirement varies from mandatory (legally required to utilize a digital ID) to quasi-mandatory (not technically required legally but de facto required due to use cases) to optional (available for use instead of a physical ID). Underlying technology also differs: Estonia’s e-ID uses PKI, chip-card, and mobile; India’s Aadhaar is biometric (fingerprint, iris, face); South Korea’s i-PIN uses blockchain (DID) and mobile; and the U.S. mobile driver’s license is device-based.
Data storage strategies span centralized (all identity data stored in a single location controlled by a governmental entity), decentralized (data stored in separate databases and transferred through secure data exchange), device-based (identity data stored locally on a user’s smartphone), and blockchain + mobile (data stored on a user’s device and verified against data on the blockchain). Data collected ranges from biometric (India’s Aadhaar requires fingerprints, iris scans, and facial recognition) to demographic (name, date of birth, address, citizen information).
Data access, permissions, and controls vary significantly. Governmental entities in Estonia and India have access to all data stored; in South Korea and the U.S. mobile driver’s license, users have more control. Aadhaar is uniquely problematic because it creates a broad authentication infrastructure that private companies are allowed to query, with citizens having low control over their data.
Two considerations matter when thinking about this typology. First, the categories are not rigid. A digital ID could begin as optional and decentralized and then shift to required and centralized. Just because a digital ID begins with a limited breadth of use doesn’t mean it couldn’t expand over time. Second, if and when governing authorities in the United States begin conversations about digital IDs, we need to be prepared to ask intelligent questions about these systems rather than accepting the “efficiency and convenience” argument without further discussion.
Governmental and private sector data centers house applications and data critical to a given enterprise. Government data centers store personal information from census data, tax records, identification documents, and more. After the 2010 Federal Data Center Consolidation Initiative (FDCCI), data management has become a bigger part of the federal government’s agenda. While data centers may not seem particularly dangerous at the moment, they create an underlying infrastructure for data storage, data mining, and centralized digital ID strategies. These data centers may be necessary; however, they also create capacities that should not be ignored. Central to the question about data centers is who has access to the data and for what purposes.
Key Takeaways: Digital ID and Data Center Typology
- Five Feature Dimensions: Breadth of use, legal requirement, underlying technology, data storage strategy, and data access controls—all vary across systems.
- National Examples: Estonia (e-ID, PKI/chip-card/mobile, decentralized), India (Aadhaar, biometric, centralized), South Korea (i-PIN, blockchain, device-based), United States (MDLs, functional, device-based).
- Category Drift: Digital ID categories are not rigid—optional/decentralized systems can expand into required/centralized ones over time.
- The “So What”: Data centers are the infrastructure that makes digital ID, data mining, and centralized surveillance possible; the key question is always who has access and for what purposes.
About the Author — James Spencer, PhD, is a theologian, author, and host of the Thinking Christian podcast, where he writes and speaks on Christian formation, political theology, and technology. He holds a PhD in Theological Studies from Trinity Evangelical Divinity School and completed the Institute for Educational Management at the Harvard Graduate School of Education. He serves as President of the D.L. Moody Center in Northfield, Massachusetts, as adjunct faculty in Wheaton College’s MA in Leadership program, and as an Associate Research Fellow at the Kirby Laing Centre for Public Theology. His writing has appeared in The Wall Street Journal, The Washington Times, Christianity.com, and Sojourners; he has been quoted in The Telegraph; and he is a regular guest on Stand in the Gap Today with the American Pastors Network. His forthcoming book is Digital Discernment (InterVarsity Press, Fall 2026). Learn more at jamesgspencer.com.