
Your ID is effectively stored by the issuer indefinitely. What’s the difference between one and two entities? What’s the difference between two and a hundred?


The more people you give your personal information to, the less personal it becomes.

The servers storing this information have been hacked in the past and it will happen again in the future. The fewer places your ID lives, the lower the risk of it leaking.

Even if you don’t view the data as sensitive, it still associates a person with a website. Depending on the site, that can have negative ramifications in a person’s life. This is especially true when certain websites get associated with various political leanings and when the data leaks, the people who happened to be registered (for whatever their reason) get attacked.


ID verification does not increase risks for the majority of people. Most people don’t use single-use email aliases and thus harmful association can happen for them in any leak of their account data, with or without ID details. It is likely that higher compliance requirements will actually reduce the risk of a leak. And of course, the chances that every website doing verification will store your ID are very low. It’s costly, so it will likely be outsourced to a third party provider specializing in this job (which will be much more secure than doing it with some WordPress plugin or other shitty custom solution).


Where I'm from we sorted this out with laws. It's not hard to figure out if one of your workers is associating with a union, but you're not allowed to treat them differently based on that. Laws make sure you don't, even though you technically could.


The tricky part is proving you’re being treated differently and that’s the reason why. Trying to legislate human behavior at that level doesn’t seem to work well.

My company has rules against retaliation. Good luck proving that’s the reason you didn’t get promoted, or were left off of a project. People get left off projects and don’t get promoted all the time. Keeping your job because the company is legally obligated to sounds like an uncomfortable working environment.


What's the difference between a state agency issuing a document, and sending that document to 100 random websites? This is your question, correct?


That’s a strange assumption. ID verification is part of entering the contractual relationship in many parts of this world, it’s an absolutely normal thing. You don’t show your ID to random sites, only to those where you want to become a customer. If you don’t want to sign the contract, you don’t show your ID. I don’t know how many places have a copy of my passport (many hotels, for sure) and I don’t care as long as they are compliant with the laws. Tracking via ID is economically much less effective, since most websites won’t require ID verification anyway, so the biggest concern should be identity theft - but there having a copy of your ID is rarely enough in countries with developed government ID infrastructure. E.g. in Germany you must present the original ID to open a bank account or change your residence address. In countries with digital IDs and government services identity theft often goes via easier routes by hijacking digital ID accounts.


The difference between one and two is being able to link two things I did. If you know who I am, that barely affects me. But if you can then cross-check whether I also went ballroom dancing, or went to a golf course, or went to a sex club, or went to a ball-game, then it starts affecting me.


Just don’t consent to sharing your data with third parties for marketing or research purposes. In the civilized world there exist laws which give you this right. It is surely not the problem with ID verification or storage.


Giving your data to a website is the same as giving it to a stranger on the bus. Maybe closer to going to a seedy part of town and giving your ID to a random criminal and hoping they don't do anything unscrupulous.


It is not the same, it’s a classic straw man argument. First of all, not just some data, but your ID details - this is an important detail. Second, not to a random website, but to a website you wish to engage in a contractual relationship with and where your ID is actually required. Third, they are unlikely to be criminals and there are legal protections in this scenario in most civilized countries. Fourth, the way it goes, it is very unlikely that you will be presenting your ID, instead providing attribute proof through a third party. See e.g. Nect Wallet and similar apps. ID verification will not increase your risks of identity theft etc. compared to leaks of other PII. Probably the risk will be lower due to higher compliance requirements.



