1. It's easier to centralize cryptographic cert issuance than passport issuance.
You may allow embassy personnel to issue passports, while still requiring a computer system in the homeland to verify that the person actually exists in some government register (and that photos match) before the certificate can be issued.
If you give embassy personnel blank passport templates, they can issue passports with completely fake identification details, for people who have never existed. The moment computers get into the mix, that may no longer be possible, or at least leave an audit trail.
2. There's no risk of surveillance. Reading data from the chip still requires you to read the MRZ, so you can't do that remotely.
There's nothing a chip gives you that you wouldn't get from a normal passport (beyond a very easy and hard-to-fake way to verify that the passport is authentic).
You may allow embassy personnel to issue passports, while still requiring a computer system in the homeland to verify that the person actually exists in some government register (and that photos match) before the certificate can be issued.
If you give embassy personnel blank passport templates, they can issue passports with completely fake identification details, for people who have never existed. The moment computers get into the mix, that may no longer be possible, or at least leave an audit trail.
2. There's no risk of surveillance. Reading data from the chip still requires you to read the MRZ, so you can't do that remotely.
There's nothing a chip gives you that you wouldn't get from a normal passport (beyond a very easy and hard-to-fake way to verify that the passport is authentic).