California is accelerating its push into digital identity, with officials launching new pilot programs designed to streamline how residents access public services. But while the state promotes the convenience and efficiency of these efforts, the broader implications for privacy and data control remain a growing concern among advocates for digital rights.
Jonathan Porat, California’s chief technology officer, said the state’s Department of Technology is moving ahead with new collaborations following initial efforts that included the mobile driver’s license launched last fall and a single sign-on pilot through Login.gov tied to transportation benefits.
That project, run through the Cal-ITP platform, lets eligible residents access transit discounts using a contactless payment system linked to their identity. Seniors, veterans, and others were able to verify eligibility for reduced fares without presenting physical documentation. According to Porat, the project’s success in Monterey County and Santa Barbara led the state to explore expanding the system to more than a dozen other local transit agencies.
But while the state touts these pilots as progress toward modernizing access to benefits, the increasing reliance on digital credentials has sparked important questions about surveillance, data sharing, and long-term risks.
California’s approach differs from other states that have focused on digital IDs primarily for age or identity verification. Porat explained that the state wants to use these tools to confirm eligibility across a range of public services. “We’re proud as a state to have [a mobile driver’s license] as well, but we’re really thinking about, how can we digitize the way that we validate residents’ identities and eligibility for different programs,” he said.
That vision includes broader partnerships, including with federal agencies like the VA and CMS. “What we’re doing now is trying to expand the breadth of those different benefits programs,” Porat said. “So we started by looking at a couple of simple things, like age-related discounts, and now we’re going so far as to have agreements with the federal VA and CMS, the group that manages Medicare and Medicaid, so that if you receive disability, if you are above a certain age, if you have a certain status, you can get those discounts automatically, just by paying with your wireless payment.”
Such integrations may offer smoother access to services, but they also carry a potential cost: a growing infrastructure that links personal data across multiple agencies and systems. Even with safeguards, the more centralized and digitized identity becomes, the greater the potential for misuse, breaches, or overreach, particularly if future administrations or private vendors push for expanded uses.
Digital identity systems often come with promises of user control and minimal data collection. The real test will be how these assurances hold up over time, especially as new uses emerge and public agencies rely more heavily on third-party vendors. Privacy advocates have long warned that once identity systems are in place, they tend to expand in scope, often in ways that individuals cannot easily opt out of.
