5.2.1 Centralised identity models maximise sovereignty but risk political overreach
Centralised identity management models (Figure 4) are widely regarded as the "traditional" and "siloed" approach to digital identity systems, where a single authority controls the creation, storage, and management of digital identities, often to streamline social service provision (Sedlmeir et al., 2020; Naghmouchi et al., 2023; Zwitter et al., 2020). From a digital sovereignty perspective, these models are often framed as instruments of state power, consolidating control over identity infrastructure and citizen data to drive state-centric data economies (Prasad, 2022; Naghmouchi et al., 2023).
Figure 4. Centralised identity management
Despite the apparent success of centralised identity models in large-scale deployments, such as the EU's Digital COVID Certificate and the UK's NHS staff passport during the pandemic (Sedlmeir et al., 2020), India's Aadhaar system — the world's largest digital identity programme — is frequently criticised throughout the literature as a tool of "statecraft and biopolitical control" (Prasad, 2022). Scholars argue that the technological centralisation of Aadhaar is used to assert national ownership over citizen data while disregarding individual autonomy (Abraham & Rajadhyaksha, 2015; Anand & Brass, 2021; Naghmouchi et al., 2023; Sedlmeir et al., 2020; Zwitter et al., 2020). This approach is inherently viewed as a political choice to maximise sovereignty and deepens existing inequalities by exposing already marginalised groups to increased levels of digital exclusion and surveillance (Anand & Brass, 2021; Ivic & Troitiño, 2022; Prasad, 2022).
In addition, several studies also highlight the security vulnerabilities of centralised identity systems, which overburden citizens with numerous credentials across institutions—"paradoxically decreasing security" (Boysen, 2021)—and increase the likelihood of widespread privacy breaches due to centralised data storage (Naghmouchi et al., 2023; Sedlmeir et al., 2022).