Absolutely valid. In the context of identity verification, I trust ID.me more than random companies that do not have government contracts because government contracts come with security and compliance regulations that require regular audit and make the chances of breach less likely. In either case, it’s a private company and, as any security nut would have told you, when it gets sold all bets are off like 23andme. Even more importantly, in the US, any kind of ID verification is a terrible idea, government or private, because we have no data regulation or privacy constraints. I call out the US here because we have no GDPR equivalent (CCPA wouldn’t hold up to federal data). Even if ID verification were conducted by the government, it can still be used for gnarly shit like we saw with ICE and DOGE.

On a sliding scale of evil, ID.me is the evil I know will currently fight to continue remaining the only evil which is the only solace I have in the US.