
Belgian eID Cards


By chri - Posted on 30 September 2008

As a reaction to the eID comments of Philip and Guy.

So, if they pushed on data retention laws and interceptable cell phones, what would be the odds of them giving up control of your keys?

This is not completely correct for the Belgian eID. Let me explain. The government does generate the private keys on separate machines before uploading them to the card. This is (they say) for performance reasons, and they (they say) delete the original private keys completely from those systems. This practice is indeed contrary to all PKI principles. I won't discuss this part.
But if you analyze the eID card a little more closely (check my post) you will see that the card contains two types of certificates: one for Authentication and one for Signature. These certificates are not usable for data encryption.
Since the government can create its own certificates (you do trust them as a CA), it can easily generate new certificates that contain 'valid' data. There is no need to keep the private keys of the population to perform identity hijacking.
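
Whether a certificate can be used for encryption is visible in its X.509 keyUsage extension. The following is an added example, not code from the original post: a small DER reader that decodes keyUsage and reports whether any encryption-related bit is set. The sample extension bytes are constructed for illustration (they assume digitalSignature for an authentication-style certificate and nonRepudiation for a signature-style one) and were not read from a real card.

```python
# Added example: decode the X.509 keyUsage extension (OID 2.5.29.15) from DER bytes.
KEY_USAGE_OID = bytes.fromhex("0603551d0f")  # DER encoding of OID 2.5.29.15
BIT_NAMES = ["digitalSignature", "nonRepudiation", "keyEncipherment",
             "dataEncipherment", "keyAgreement", "keyCertSign",
             "cRLSign", "encipherOnly", "decipherOnly"]
ENCRYPTION_BITS = {"keyEncipherment", "dataEncipherment", "keyAgreement"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def key_usages(der):
    """Return the set of keyUsage names, or None if the extension is absent.
    Locates the extension by its OID bytes, which is adequate for inspection
    but is not a full certificate parser."""
    at = der.find(KEY_USAGE_OID)
    if at < 0:
        return None
    tag, value, nxt = read_tlv(der, at + len(KEY_USAGE_OID))
    if tag == 0x01:  # optional BOOLEAN "critical" flag precedes the value
        tag, value, nxt = read_tlv(der, nxt)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING wrapping the extension value")
    tag, bits, _ = read_tlv(value, 0)
    if tag != 0x03 or len(bits) < 2:
        raise ValueError("expected BIT STRING with keyUsage bits")
    payload = bits[1:]  # bits[0] is the count of unused trailing bits
    return {name for i, name in enumerate(BIT_NAMES)
            if i // 8 < len(payload) and payload[i // 8] & (0x80 >> (i % 8))}

def allows_encryption(der):
    """True if keyUsage is absent (unrestricted) or includes an encryption-related bit."""
    usages = key_usages(der)
    return usages is None or bool(usages & ENCRYPTION_BITS)

# Constructed sample extensions (critical, one usage bit each); not taken from a real card.
AUTH_EXT = bytes.fromhex("300e0603551d0f0101ff040403020780")  # digitalSignature
SIGN_EXT = bytes.fromhex("300e0603551d0f0101ff040403020640")  # nonRepudiation
ENC_EXT = bytes.fromhex("300e0603551d0f0101ff040403020520")   # keyEncipherment

if __name__ == "__main__":
    for label, ext in (("auth", AUTH_EXT), ("sign", SIGN_EXT), ("enc", ENC_EXT)):
        print(label, sorted(key_usages(ext)), "encryption allowed:", allows_encryption(ext))
```

`key_usages` also accepts a full DER-encoded certificate, since it searches for the extension's OID bytes.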

Why should you distrust your Belgian eID card?

When speaking about the eID, it's important to specify which part you are talking about. Is it the SmartCard, or is it the government-issued certificates?
The SmartCard contains some empty slots (check my post), and you can upload or generate your own private keys on the card. These keys can be considered secure as long as the SmartCard hasn't been cracked.

Edit: When I speak about trust, it is about 'relative trust', depending on the environment and situation. Security is not binary; it's never either a 1 or a 0.

Even though I realise that it's only signature certificates that they provide, it would be sufficient to impersonate me in important transactions.

Not only do I suspect the government to keep copies of said keys, but I also do not trust them to keep those keys safe.

"The SmartCard contains some empty slots"
=> opensc can connect more than one smart card. Empty slots match the number of smart card readers which can be connected.

In reply to your Mac OS X smart card logon, you should know that you can do the same with Vista:
http://eidauthenticate.sourceforge.net

Regards,
Vincent
