Yellow fever is a deadly virus. Transmitted via infected mosquitoes, symptoms can be so mild that people don’t even know they’re sick. But serious cases are nasty. The whites of the eyes turn yellow. The skin grows yellow and hemorrhages. The liver, heart, and kidneys fail. There is no medicine to treat or cure yellow fever. But there is a highly effective vaccine, which is why 40 countries in sub-Saharan Africa and South and Central America, where yellow fever is endemic, require travelers to prove they’ve received the yellow fever vaccine. To do so, they require an official document created by the World Health Organization. It’s called International Certificate of Vaccination or Prophylaxis—or, colloquially, the “yellow card.”
Vaccine passports are hardly a novel concept. Countries around the globe, to curb the spread of deadly diseases, require foreign visitors to present certificates of vaccination. Many of our own states have vaccination requirements for kids to attend school.
But a technology implementation that will allow people to present a QR code on their smartphone to prove they’ve been vaccinated is something new. The past two months have witnessed a proliferation of plans by states, countries, companies, and international consortia to develop digital vaccine passports. Though the building blocks for digital vaccine passes have been around for a while, such a technology has never been deployed on such a large scale, and with such a big potential impact on people’s lives. This is what has some people concerned. Equity-minded folks are concerned about stratifying society between vaccine haves and have-nots. Privacy activists are worried about increased surveillance. Republican politicians are crying government overreach.
Every vaccine passport technologist I’ve interviewed has asked me not to call them vaccine passports. Drummond Reed is the chief trust officer at Evernym—the technology underlying the International Air Transport Association (IATA)’s TravelPass initiative. He prefers “vaccine pass” because it’s more accurate. “Passports are inherently discriminatory,” says Reed. They have age and citizenship requirements, “and that’s not consistent with being able to get a vaccination or a COVID test.” Unlike vaccine passes, passports also require strong proof of identity and are issued only by governments.
Vaccine passes, whether digital or analog, are a tool that people can use to prove that they have been vaccinated or have received a recent negative COVID-19 test. The idea is that they will gain people access to certain things that have been off-limits during the pandemic, like attending concerts at Madison Square Garden, eating in a crowded restaurant, or going to a packed sports event.
This week, New York rolled out its Excelsior Pass, a branded version of IBM’s Digital Health Pass. President Joe Biden’s official pandemic strategy includes a paragraph about how the State Department, Health and Human Services, and Homeland Security will assess the feasibility of “linking COVID-19 vaccination to International Certificates of Vaccination or Prophylaxis (ICVP) and producing electronic versions of ICVPs.”
Biden administration officials have said that they are in the process of coming up with the criteria for vaccine passes, but will leave the tech development to private companies and nonprofits. Andy Slavitt, a White House senior adviser for COVID response, specified at a March 29 briefing that “unlike other parts of the world, the government here is not viewing its role as the place to create a passport, nor a place to hold the data of citizens.”
Vaccine credentials already exist in the United States in the form of the paper card people receive once vaccinated. You may have seen friends and family posting photos of their cards on social media, which the FTC strongly recommended not doing because the personal information printed on them is like catnip for identity fraudsters.
Brian Behlendorf, general manager for blockchain, health care, and identity at the Linux Foundation and an active coordinator of the Good Health Pass Collaborative, points out that the paper cards are less secure than a digital solution, and were never meant as official vaccine passes. “The point was to help people keep track of if they’ve been immunized, if the batch that they took was a bad batch,” he says. “It wasn’t intended to be a high security type of document.”
Given the accessibility barriers inherent to smartphone apps—not everyone has a smartphone or reliable cell service—vaccine pass developers are being careful to offer analog alternatives. “There are paper-based options,” notes Kaliya Young, an identity tech expert and the ecosystems director of COVID Credentials Initiative, which is also part of Good Health Pass Collaborative. “There’s a way to express digital information on paper so you don’t have to have a digital wallet. That’s going to be a really critical part of the solution.”
Sean McDonald, the CEO of a company called FrontlineSMS, is skeptical that deploying a relatively untested tech solution is the right move. During the 2014 Ebola outbreak, McDonald partnered with religious leaders in West Africa—his SMS platform was used to send people messages about how to participate in traditional burial practices without getting infected. He recalls there was a lot of buzz around using cellphone location data to track people spreading Ebola, but that was largely just big data hype—woefully inept at tracking transmissions. “Generally speaking, if you’re inventing the solution at the time you learn about the problem, you’re a little bit late,” he says.
The vaccine-pass technology is complicated and the process jargony, but it’s important to understand the basics to ask the right questions and be informed. Here’s a brief glossary of terms:
- Issuer: The entity that gives out the vaccine certificate. In the case of COVID-19, it will likely be a health care provider, testing site, or health department.
- Verifier: The entity that needs to verify that someone has been vaccinated or has received a negative test. This might be an airline, restaurant, concert venue, or school.
- Verifiable credential: The information—namely, that you have been vaccinated or had a negative test result—that needs to be verified. The verification process is essential because some people will try to forge or falsify this information. Throughout the pandemic there have been reports of people buying falsified negative COVID-19 tests in Zimbabwe or showing screenshots of old QR codes on contact-tracing apps in China. Some vaccine passes are being developed based on the verifiable credentials standard from W3C, one of bodies that codifies the international standards that govern the internet.
- QR codes: A matrix of squares that encode information like a word, phrase, URL, or long string of numbers. Vaccine pass projects use QR codes because they’re easy to store and scan from a smartphone, and can contain a digital signature.
- Digital signatures: An algorithm that confirms that information is authentic and hasn’t been corrupted. Digital signatures can be embedded in QR codes and verify data about a vaccine certificate, such as who signed it and when.
- Blockchain: A method of storing information about a transaction in a decentralized database, also known as a distributed ledger. For vaccine passes, the blockchain also stores the tools needed to verify that whoever dispensed that vaccine (such as a hospital) was authorized to do so. This allows a ticket-taker at an arena to verify a vaccine certificate. Vaccine passes needn’t use blockchain technology but as far as I can tell most of the digital ones in development do. Documents that describe how transactions on different blockchain platforms are validated—known in blockchain world as a consensus protocol—are public documents.
Countries with digital vaccine certificates in the works include Israel, China, Japan, United Arab Emirates, the Philippines, Denmark, Sweden, Iceland, the UK, Estonia, Australia, France, and Singapore. Other projects are more international in scope. The EU Commission hopes to launch a Digital Green Certificate that will allow travel between EU countries by summer. Airlines and various international consortia are in the process of developing passes that would work across borders and facilitate international travel. (These include the IATA travel pass, the CommonPass, American Airlines’ VeriFly, the ICC AOKpass, and IBM’s Digital Health Pass.)
Elizabeth Renieris, a technology and human rights fellow at Harvard’s Carr Center for Human Rights Policy and former policy counsel for Evernym, points out that governing bodies like the EU Commission have never rolled out technology close to this before—no interoperable digital passports, ID cards, or driver’s licenses. “How can there be such an accelerated rollout for something that has never been done before for any other purpose?” Renieris asks. “To attempt this for the first time, and to do it at such high stakes with such potentially severe risks to very fundamental freedoms, just feels like a very rash move.”
Problems with the earliest iterations of the vaccine passes are to be expected, Behlendorf says. He encourages consumer watchdog groups and public health authorities to ask hard questions about how these apps work, and report any concerns. His expectations for the initial rollout “would be low,” he says, but he expects the apps to improve and move toward open-source solutions. “This will be a process. My hope is that through public pressure, and through technologists working together, we’ll have the second wave of apps towards the end of this year.”
I called New York’s Excelsior Pass hotline for more information on how the Excelsior Pass will work. The customer-service agent who answered told me the EP isn’t really a vaccine passport: “It’s completely voluntary, not mandatory at all. It’s just more or less a convenient app.”