The Identity Legislation: 5 Countries That Began it All

ByShay Hobbs
Protesters holding signs for change protesting legislation.

People are at odds with new potential requirements regarding identity, proof of identity and the methods we must utilize. We’re looking down the barrel of new legislation targeted at our digital media and operating systems, which is leaving people uneasy. The tensions surrounding digital identity have been developing since 1999, offering context for how future legislation may evolve.

Where it Began

In order to find out where we are headed, we need to take a look at where it began. Our trip down history lane regarding government legislation about our identities begins with Finland, 1999, in an attempt to replace the older citizen ID. Named the Identity Card Act, while not mandatory, it served two purposes with its FINEID chip. It authorized individuals, and it applied qualified signatures.

The results were less than popular, garnering less than 1% use for online authentication. As of 2006, its use remained marginal, with the introduction of their RFID chip-based Passport that holds biometric data. This is only the beginning of what is sure to be an intense breakthrough regarding government-issued ID cards.

Our next point of interest brings us to the year 2000 in Estonia, where they created a digital signature that acted as proof of identity. It regulated certification services, making the signature legally binding and adding a time of signing that could not be altered. It established the requirement for identity documents, including an electronic ID, to be issued, which began in 2002. It set the groundwork for the bill that would pass in 2016, the Electronic Identification and Trust Services for Electronic Transactions Act.

Not far behind, Malaysia was among the first countries to deploy a national smart ID card with embedded biometrics at scale first-ever legislation pushing biometrics as well as photo identification placed in a computer chip embedded in plastic, with the National Registration Act having laid the groundwork for this to be possible. They were innovative in being the first to use a smart card to store the information, which was required for all residents. Infants had the non-biometric MyKid, which would be upgraded to MyKad once turning 12, sound similar to Discord’s Teen-By-Default?

Entering Web-Based Legislation

Close-up of a blue Ethernet cable
Blue Ethernet Cable, Courtesy of PixaBay via Pexels

As Malaysia was perfecting its position, South Korea began looking to implement legislation of its own in 2003, cooperating with web portals for elections in 2004. By 2007, they had expanded to major websites, with there being 35 Korean websites implementing a name registration system by 2009 in compliance with South Korea’s amended Information and Communications Network Act.

It was enforced after the suicide of then famous actress Choi Jin-sil, who took her own life in late 2008. It was speculated that it was caused by stress from rumors on the internet, from blogging to portal websites citing supposed involvement in the suicide of another actor, Ahn Jae-hwan. This enforcement ended up being repealed in 2012 after it had been deemed unconstitutional.

Mandatory Prepaid SIM Card Registration

While everyone was working on identification documents, Thailand was seeking something everyone would keep in their pocket. Broadening beyond biometric data, through legislation in 2005, they enforced mandatory registration for prepaid SIM cards through an Emergency Decree by then His Majesty King Bhumibol Adulyadej, enacted by Prime Minister Thaksin Shinawatra. The government had specifically issued announcements that required SIM registration with their legislation, starting with ID, which became biometrics in the years to come.

This decree gave broad powers to the authorities for enhanced control over communications and security within what was the Emergency Zone, the Southern Provinces of Pattani, Yala and Narathiwat. As 2013 rolled around, the National Broadcasting and Telecommunications Commission (NBTC) began pushing for stricter regulations on prepaid SIM registration. By 2015, regulators said tens of millions of prepaid SIMs remained unregistered and warned they would be disabled if users did not comply.

The developments in Thailand marked only one phase in a broader global shift toward tighter identity controls. Several other countries have adopted similar laws in the years since, a trend that continues to raise questions about privacy, surveillance and digital governance. The next installment in this series examines five more nations and the legislation shaping their identity systems.

When she isn't baking or writing, Shay is often found looking at useful tools for parents. Avid android enthusiast and part-time gamer, her passions lay with fact finding and unusual gadgets. Whether it is tech, games, history, the laws that bind us, cooking, or baking, Shay just can't pick one thing.