Which countries have mandatory national digital IDs and how do their laws differ from U.S. proposals?

1. Who already has mandatory or de‑facto mandatory national digital IDs?

Aadhaar in India is the clearest example: UIDAI’s Aadhaar enrolls biometric and demographic data for over a billion people and has become mandatory for “hundreds of public services and many private ones,” making it functionally compulsory in many aspects of life ^{[1] [7]}. Estonia’s digital ID, introduced in 2002, is embedded into civic life and used for voting, banking and digital signatures; it’s described as mandatory for many state interactions ^{[2] [1]}. Reporting also shows China launched a National Online Identity Authentication service in July 2025 and followed with a digital ID card in September 2025, with registration and biometric links required by its Internet ID regulations ^{[3] [8]}. Recent press links the UK’s announced “Brit Card” to a mandatory right‑to‑work check by 2029, marking a move toward enforced use for at least one key public purpose ^{[4] [2]}.

2. How the laws and designs differ across countries

Designs vary from biometric‑centred central registries (India, China) to government‑issued cryptographic credentials that support many services (Estonia). India’s Aadhaar links biometric records to a unique number and has been made mandatory for many public and private transactions ^{[1] [7]}. China’s 2025 internet ID rules tie national ID numbers and facial recognition into its National Online Identity Authentication app, reflecting tight state control and broad private‑sector linkage ^{[3] [8]}. Estonia’s model emphasizes a government‑issued digital identity used for authenticated signatures and access to services, institutionalized over two decades ^{[2] [1]}. The UK’s announced plan centers on a digital “wallet” for citizens to prove right‑to‑work, with the government stating mandatory use will first apply to that use case ^{[4] [9]}.

3. How U.S. proposals differ in principle and legal approach

U.S. activity so far is incremental and federated rather than a single mandatory national ID. Federal efforts have focused on standards, pilots, and agency guidance (Login.gov expansions, NIST guidance, executive orders to promote privacy‑preserving systems), with state mobile driver’s licenses (mDLs) rolling out experimentally ^{[10] [11] [5]}. Policy proposals emphasize a federated architecture that preserves multiple credentials and physical alternatives rather than replacing all IDs with a single national credential ^{[12] [5]}. Legislative efforts such as the Improving Digital Identity Act aim to coordinate federal involvement and standards, not to impose a universal mandatory ID ^{[6] [13]}.

4. Key legal and civil‑liberties contrasts

Mandates vs. voluntariness: India and China have systems that are mandatory or required for many interactions; Estonia’s long practice effectively integrates digital ID into civic life. U.S. proposals and pilots emphasize voluntary adoption, standards, and protections, and debate continues over biometric bans and limits on surveillance ^{[1] [3] [6] [14]}. Privacy and control: U.S. policy documents and academics repeatedly stress privacy‑preserving design and legal guardrails, while reporting on China and India highlights centralized biometric linkage and wider compulsory uses ^{[6] [3] [1]}. Security tradeoffs: Estonia’s system is mature but has faced hacks and vulnerabilities in the past; reporting notes cyberattacks against Estonian services in earlier years ^[7].

5. What the reporting does not say or leaves unclear

Available sources do not provide a comprehensive, up‑to‑date catalogue of every country’s legal mandate status; several trackers list dozens of national systems but differ on whether use is technically mandatory or effectively required in practice ^{[8] [15]}. Details on legal remedies, oversight mechanisms, data‑sharing limits, and opt‑out paths for each country are unevenly covered in the cited reporting ^{[3] [6]}. Specifics of how the proposed UK mandate will be enforced across private actors beyond right‑to‑work checks are still being developed in consultations ^[9].

6. Takeaway for U.S. observers and policymakers

Policymakers choosing between models face tradeoffs: centralized biometric mandates can produce fast scale and administrative efficiency but raise privacy and surveillance concerns ^{[1] [3]}, while the U.S. path emphasizes federated standards, optional adoption, and legal guardrails to preserve alternatives and civil‑liberties protections ^{[5] [12]}. Public debate should center on which services would be required to accept digital credentials, what legal oversight and redress exist, and how to provide inclusive non‑digital alternatives — subjects that current U.S. proposals explicitly flag as priorities ^{[6] [12]}.