What’s wrong with vaccine passports?

April 12, 2021
Dan Sutherland

Everything is wrong with the framing of this story. It’s wrong because this is a global health emergency, and we need solutions which are both global and very human. Politicians are arguing over it, governments are scaring privacy and human rights campaigners, all of which risks failing to see the bigger picture.

Let’s frame it differently. Just like when we wear a mask, we’re doing it to protect both ourselves and those around us, technology can offer the same benefits. But it has to be properly thought out and deployed or users won’t trust it and won’t use it. And don’t call them Passports, it immediately gives a negative impression.

At Self we have worked on a number of ways our technology could help solve for some of the issues around understanding individual COVID risk over the last year. In doing so have arrived at a set of principles that are designed to ensure a system would be effective:

  1. The system must be private. The technology needs to identify the user, and confirm their status, but without revealing their identity or any other defining characteristic. Any data should be under the control of the user at all times.
  2. The system must be easy to implement. Companies and individuals should be able to integrate systems and processes fast and effectively whoever they are.
  3. The system should be joined up. Integration between employers, the state, test and trace systems, healthcare and other support should be seamless.
  4. The system has to be distributed. The challenges are simply too big to be efficiently or safely rolled out to a centralised system in a timely fashion. Centralised, state run systems also demonstrably disadvantage minority communities wary from years of mistreatment at the hands of state agencies. They, like everyone, must feel that they are in control and trust that participating is something positive for them and their communities as well as the wider population.
  5. The system has to be cheap. COVID has cost everyone enough.
  6. The system must be universal. Whether you have access to technology or not, any system must be able to work for you.

Achieve all of those and the “Vaccine Passport” can operate without being a risk to civil liberties or a box of data delights the government will want to keep access to.

Back in the spring of 2020 while our team was locked down around the world and things were pretty uncertain we decided to explore how Self could be used to solve for some of the problems which were emerging as COVID unfolded. We focussed on the then hoped for re-opening of pubs and restaurants, recognising that the experience we all missed was only going to be there if entertainment could be actually back to normal.

Self was in a pretty early state back then, so the prototype we developed was just an exercise in exploring what Self could achieve given a specific use case. We called our prototype Presence, it allowed users to do several key things:

  • Identify themselves in real time: COVID infects people and not phones so we needed to be sure which human the data related to.
  • Easily import data about their health into Presence: This meant we could know test results (then there were no vaccines, but the process is identical) were accurate and which human they related to, but the data was only on the phone and the metadata was anonymised so there wasn’t a privacy issue.
  • Warn users if they are at risk: Then help them cancel bookings, get refunds and allow them to stay away rather than finding out at a door that they needed to isolate.
  • Integrate with Test and Trace solutions then being launched by Apple and Google: this meant we could generate virus heat maps which could know the actual virus status of each human, but without knowing who those humans were.

Presence had the ability to map and analyse infection data from actual users in real time whilst also using Self’s ability to allow anonymised communication to mean that people who were at risk could be contacted instantly. So we could respect Apple and Google’s requirement to not capture user data; We could capture data about the virus’ spread and we could ensure people who were at risk could be isolated and supported.

We wanted to ensure that only healthy people turned up at venues, giving users the tools to realise they needed to isolate and making it easy and private for them to do so. Presence also allowed organisations to:

  • Check users’ virus status in person anonymously
  • Check users’ virus status online before a booking is made so that people who are at risk could be triaged out to get help before they began a booking session to protect their privacy.
  • Check users’ virus status with a contactless tap: for example to access public transport or buildings.
  • The metadata amassed by Presence could be used directly by Test & Trace teams, sending automated quarantine notices to anyone who had come into contact with someone who was ill and providing key-signed proof that the recipient had seen the message.

Presence was not foolproof, but it would have been able to protect people’s privacy by simply not providing access to the user’s data to organisations or the government. We reckoned they didn’t need it, because anyone who was sick would engage directly with the state through existing channels. Presence could remain anonymous and as such it would be more trusted and more widely used, which in turn would mean it was more effective than a centralised system.

It would also be billions of pounds cheaper than the current cost of tracing systems and allow the money spent by the UK government on supporting people through the virus to only go to those who were in quarantine or sick.

Presence has now evolved to form part of Self core — supporting our mission to make trusting each other online easier and more secure. So Self could also be used to build an effective, privacy focussed method of controlling COVID. One that didn’t impact the freedoms we all hold dear.

So, in summary, no; to achieve what is needed to help restart the world we don’t need a vaccine passport with photos, and our personal details on it, and we don’t need the state interfering with our freedoms because they are very, very important. We do need a tool that citizens can use to ensure that as the world opens up again they aren’t a risk to others or at risk themselves. That’s not a Passport, it’s knowledge and freedom and a fast path back to some kind of normality.

Sign up for the Self private beta

More blog posts from Self