And this law is very likely in place to avoid situations what Airbnb has created.
Namely Airbnb has created a database of (very likely high quality) copies of ID cards that when leaked could be used for identity theft in similar places where digital photographic copies of ID cards over the Internet are accepted as proof of identity.
To be more clear - digital photographic copy of a ID card can not be considered as a proof of the identity because it only shows that the person who is providing this information had either access to the copy itself or had limited time to make a copy in real life.
It seems like you have an impossible standard for determining proof of identity. What type of verification do you envision that isn't subject to flaws? Presenting an ID in person also only proves that someone had access to or a copy of an ID. Of course, there are some physical appearance constraints, but it's not hard for a determined identity thief to get around those.
Personally, I'm glad I live in a country that doesn't criminalize identity verification that utilizes 21st century technology (though I'd gladly accept some other German public policies).
Making a photocopy of an ID is in my opinion not a finest example of the 21st century technology.
One option to have a proof of identity without an actual in person visit is to use a trusted third party (what has verified the person in person). This could be a state (if it provides such service) or a private institution (a Bank for example).
Otherwise you can use old and proved method of trust. I understand that of course for a service like airbnb this might not be enough and this is also the reason why I probably would not use them in the future.
Denmark's online id system, called NemID (EasyID) requires
* A username
* A password
* A one-time verification code, either from a card which is posted to your registered address, or using some kind of USB thing (as far as I know, the USB option is mostly used by companies).
The system is run by the government.
I don't know what information a business using this system for authorization gets — I'd guess name, address and perhaps date of birth — but they at least don't have the password or single use verification code, so they can't authorize themselves in my name.
I think, when I verified my ID a couple of years ago, they used a sort of middleware to analyse + verify the ID. If I remember right, they said they didn't actually store the ID (i.e. the underlying image was discarded once verified)
Namely Airbnb has created a database of (very likely high quality) copies of ID cards that when leaked could be used for identity theft in similar places where digital photographic copies of ID cards over the Internet are accepted as proof of identity.
To be more clear - digital photographic copy of a ID card can not be considered as a proof of the identity because it only shows that the person who is providing this information had either access to the copy itself or had limited time to make a copy in real life.