Publish the first trust story collection
validate / validate (push) Successful in 23s

This commit is contained in:
Compleet
2026-07-14 13:58:14 +01:00
parent e7e690a8ed
commit eaf9a614d9
39 changed files with 1815 additions and 327 deletions
@@ -0,0 +1,50 @@
---
title: "The state can protect your privacy and still see everything"
description: "China's national internet identity service reduces the need to hand civil-ID data to platforms by concentrating authentication in a public system."
published: 2026-07-14
editorialOrder: 13
reviewed: 2026-07-14
author: "Ana"
maintainers: ["Ana"]
status: developing
featured: false
homepage: false
section: "Government"
draft: false
tags: ["china", "internet-identity", "privacy", "centralisation"]
trustPattern:
claim: "A government internet number protects citizens by keeping real-name data away from private platforms."
trusted: "Users must trust the unified public service not to correlate, repurpose, compel, leak, or silently expand the authentication record."
failure: "Data minimisation at each platform can coincide with a more complete view at the centre."
---
China's national network identity authentication service began operating under final rules on 15 July 2025. A person can obtain an internet number and certificate derived from legal identity information. Participating services can verify the person without receiving their civil identity in plain text.
The privacy benefit is concrete. A platform that needs to confirm real identity need not store another copy of the user's document details. The official rules say participation is voluntary, platforms must retain alternative methods, and unnecessary identity data should not be collected.
The centralisation is equally concrete. Authentication that was previously fragmented among platforms can pass through one state-built service.
## Privacy from whom?
"Privacy-preserving" is incomplete without an adversary.
The internet number can improve privacy **from private platforms**. The platform receives a result rather than the underlying document. It may reduce leaks, overcollection and commercial reuse at that layer.
At the same time, the public service becomes a strategically important observer and dependency. The relevant questions concern logging, correlation, legal access, purpose limitation, deletion and whether voluntary adoption remains genuinely equal once the convenient route becomes normal.
This is not a uniquely Chinese paradox. Identity brokers, mobile operating systems and federated-login providers make the same bargain in different institutional settings: reveal less to many parties by trusting one party more.
## Do not average the trust
It is tempting to label the system either a privacy tool or surveillance infrastructure. It can be privacy-improving along one relationship and power-concentrating along another.
A useful audit therefore draws two data flows:
1. what the relying platform no longer receives;
2. what the central authentication service can now observe or compel.
The first is the product's benefit. The second is its constitution.
### Source
- [Cyberspace Administration of China: National Network Identity Authentication Public Service Measures](https://www.cac.gov.cn/2025-05/23/c_1749711107835487.htm)