The next time you attend a wedding or concert, visit a place of worship, eat indoors at a restaurant or even go to work, you may need to show digital proof of vaccination or negative COVID-19 test results.
On Friday, New York became the first state in the United States (US) to roll out a vaccine verification app, often referred to as a digital vaccine passport. It's using IBM's Excelsior Pass app, which leans on blockchain and displays a personalised QR code to verify health status. The state tested the app earlier this month at a Brooklyn Nets basketball game and a New York Rangers hockey game at Madison Square Garden.
Vaccine verification apps could play a key role in helping us get back to normal. But the companies behind them may first need to convince millions of Americans – scarred from years of headlines about data scandals – that these apps don't pose significant privacy risks.
In his announcement, Governor Andrew Cuomo specifically nodded to potential privacy concerns about the app, with the promise of "keeping personal information secure." Likewise, Steve LaFleche, general manager of IBM Public and Federal Markets, said in a statement that New York's digital passport relies on a "flexible and accessible tool that places security and privacy at its core."
But not everyone is convinced. "Some of these everyday life apps will create a new layer of digital infrastructure that was previously anonymous," said Albert Fox Cahn, founder and executive director of the Surveillance Technology Oversight Project and a fellow at the New York University (NYU) School of Law. "You don't need that type of surveillance to pick up a quart of milk from a bodega."
Chief among privacy fears is the question of whether location or medical data will be collected and stored and who will have access to that information. The companies behind these apps have said they will not store data, but the perception could nonetheless dissuade some Americans from embracing the apps.
"User trust is paramount in order for digital smart health cards to be successful in empowering individuals to demonstrate their vaccination status as society reopens," said Dr Brian Anderson, chief digital health physician at non-profit MITRE, which manages federally funded research and development centres, and co-founder of the Vaccination Credential Initiative.
"That's why it's imperative that companies are open and transparent in regards to their privacy policies so that individuals can make an informed decision about who they want to share their vaccination information with."
Silicon Valley has tried its hand at tech solutions to help address the public health crisis, including exposure notification apps that would help stop the spread of COVID-19, but those efforts mostly fell short of their promise. Now, digital health passes could be a way for tech companies to make a meaningful impact on the US reopening.
However, these products must confront a number of concerns, including potential counterfeit vaccine cards, the digital divide and, perhaps most immediately, consumer distrust and shifting norms about how technology companies handle personal data.
Privacy concerns have emerged in other countries where digital passport apps have been introduced. Israel's government-validated vaccine certificate program is under scrutiny not only for draining smartphone performance and memory but for being a closed-source program, so it's unclear where some of the data may be going.
Similarly, Singapore faced backlash earlier this year after stating law enforcement had access to personal data collected from contract tracing apps for criminal investigations, despite earlier privacy assurances.
The Vaccination Credential Initiative – which includes IBM, Microsoft, Salesforce, Oracle, the Mayo Clinic and the Commons Project, a non-profit with a vaccine passport app currently working with some airlines – is playing a key role in developing US standards and guidelines for digital health passes, including its approach to data privacy. Anderson said its specifications should be set in the next few weeks.
"None of the data would be stored on a central server ever – and there would be a validation step to ensure that," said Anderson. "Data would also never be aggregated, so an issuer wouldn't know if a person went to this restaurant or that restaurant. It wouldn't be able to sell movement or data to destinations either – that would be wholly inappropriate."
Eric Piscini, project lead for the digital pass app at IBM, emphasised to the media that the company will not keep user medical information on its platform and does not track location.
"From an individual's perspective, IBM Digital Health Pass puts them in control, allowing them to store, manage and authorise sharing of their health status from their mobile phones with designated recipients in a secure manner, without exposing the underlying data used to generate it," he said in an interview before the launch.
But Cahn said he's generally underwhelmed by some of the outlined privacy policies, noting New York state's page for the digital health pass app "raises far more questions than it answers," such as only linking out to the state-wide IT standards page and not stating whether data could be used by law enforcement. – CNN Business