"We must make sure that, in our scramble to reopen the economy, we do not overlook inequity of access to the vaccine; ... and the potential that today's vaccine passport will act as a catalyst toward tomorrow's system of national digital identification that can be used to systematically collect and store our personal information."
This statement was originally published on eff.org on 16 December 2020.
A COVID vaccine has been approved and vaccinations have begun. With them have come proposals of ways to prove you have been vaccinated, based on the presumption that vaccination renders a person immune and unable to spread the virus. The latter is unclear. It also raises digital rights concerns, particularly if you look at the history of healthcare access, and consider how it maps onto current proposals to digitize and streamline “vaccination passports” for travel.
We must make sure that, in our scramble to reopen the economy, we do not overlook inequity of access to the vaccine; how personal health data in newly minted digital systems operate as gatekeepers to workplaces, schools, and other spaces; and the potential that today’s vaccine passport will act as a catalyst toward tomorrow’s system of national digital identification that can be used to systematically collect and store our personal information.
We have already witnessed problems with COVID-19 testing and its intersection with digital rights. Some individuals weren’t able to access testing simply because they did not have access to a vehicle. The digital divide emerged in places like San Francisco’s Tenderloin district, one of the city’s poorest neighborhoods, where many weren’t able to access testing because they did not have a smartphone. The danger of further social inequity is just one reason why we opposed a since-vetoed bill in California that proposed to create a blockchain-based system of verifiable credentials for medical test results, including COVID-19 antibody tests. We must draw on the lessons from the recent past and earlier vaccination efforts as we go forward.
Current Proposals
EFF is focused on proposals to distribute these vaccination credentials digitally. While paper-based credentials are possible, too, most proposed plans involve digital implementations. In fact, some companies already have digital passport systems. CLEAR is rolling out a HealthPass that logs testing or vaccination status. This company provides pre-flight screening in major airports around the country. Ticketmaster has considered partnering with CLEAR for another “Health Pass.” Such partnerships could lead to another intertwined network of unprecedented sharing of personal information, similar to issues we have currently with data brokers and advertising information.
Some have suggested using W3C’s (The Worldwide Web Consortium) Verified Credentials and Digital Identifier specifications as a potential way to standardize vaccination passports. However, this standard does not tend to solve the equity issues of unequal access to vaccination and digital technologies. They are also not exempt from attacks that can potentially leak data.
Advocates of digital systems have suggested they would address the fraud and forgery concerns raised by paper-based credentials. Proposals like CommonPass – which notifies users of local travel rules and attempts to verify that airline passengers are complying with those rules – are designed to face this issue head on. Informing users of local information is a great feature. However, these systems do little to address the more prevalent fraud targeting individuals during this pandemic. Until these vaccinations become accessible to all, concerns over fabrication should not overshadow concerns to access to the vaccine in the first place.
Blockchain Is Not a Silver Bullet
Many proposals for vaccination passports reference blockchain technology, a distributed public ledger, as a means to share vaccine credentials. But there are qualities of blockchain that contradict privacy concerns. One is immutability, meaning the fact that personal health information can’t be changed. Immutability may have anti-forgery benefits, but that does more for the credential verifier than the credential holder. Permanence eliminates the ability to delete or correct sensitive personal information from the system.
Interoperability of data with the private sector does not equate to decentralization of data.
Also, many healthcare systems have centralized authorities. One of blockchain’s main selling points is peer-to-peer decentralization – an attribute that’s diametrically opposed to the implementation of a health mandate. Interoperability of data with the private sector does not equate to decentralization of data.
Privacy is much more than just preventing a data breach or forgery. Limiting a definition of “privacy” to just these measures would short-change our need to control our personal information. Framing our policy goals should not be left to private companies seeking to sell products they say will help mitigate a pandemic. And, as researcher Harry Haplin notes in a recent paper,
“temporary measures meant for a purpose as seemingly harmless as reviving tourism could become normalized as the blockchain-based identity databases are by design permanent and are difficult to disassemble once the crisis has passed.”
For these reasons, layering blockchain to improve security or privacy for health documentation doesn’t make sense in this context, and has the potential to do far more harm than good.
Lessons Learned Should Be Lessons Applied
A digitized system based on proof of immunization will amplify the lack of access.
The COVID-19 pandemic is unprecedented in our lifetimes, but there are lessons we can learn from the past. In 2009, the H1N1 (“swine flu”) vaccination rollout was plagued with inequitable access. With supply potentially limited for COVID-19 vaccinations for the next 6 months, more of the same can occur. A digitized system based on proof of immunization will amplify the lack of access. Resources, especially tax dollars, should be focused on giving people more information about and access to vaccinations, rather than creating a digital fence against those who haven’t been vaccinated yet – and subjecting people who have been vaccinated to new privacy risks.
Trust is critical to public health. Today, many people are already wary of the COVID vaccination. Sweeping in smartphone-based products and new privacy concerns would only harm public health efforts to ease the public’s mind. Immunizations and providing proof of immunizations are not new. However, there’s a big difference between utilizing existing systems to adapt to a public health crisis and vendor-driven efforts to deploy new, potentially dangerous technology under the guise of helping us all move past this pandemic.