Vaccine passports underscore the necessity of U.S. privacy legislation


Vaccination rates are on the rise and several countries, including the United States, are relaxing public health restrictions as they steer toward a full reopening. Digital health certificates, or vaccine passports, are part of these efforts as a number of organizations are requiring proof of vaccination, including commercial airlines, employers, colleges and universities, and retail establishments. But while digital health certificates may facilitate a safer reopening and faster economic recovery, technological solutions to vaccine verification also raise valid concerns about the privacy of personal health data and their potential to exacerbate racial and socioeconomic inequities. If implemented without needed privacy protections, the vaccine passports could foreclose economic and social opportunities for those without immunization proof.

As Congress continues to debate the need for federal privacy legislation, now is the time to implement a national standard on how personal data is collected and processed to avoid the abuse of fundamental rights. Federal privacy legislation should be a national imperative as digital health certificates become more commonplace to ensure short- and long-term data protections, especially as more private companies are either collecting or requiring vaccination data.

The EU has already recognized potential consumer abuses in its implementation of the Digital Green Certificate, which will be fully operative by July. But the EU passport has a firm basis in the General Data Protection Regulation (GDPR) laws to increase public confidence in its use. Similarly, Israel initiated the “Green Pass” system in February, which enables vaccinated people to download “a health ministry app linked to their medical files” or present a vaccination certificate to gain access to gyms, hotels, theaters, indoor dining, and other venues that are reserved exclusively for the vaccinated. Denmark, the U.K., China, Singapore, Malaysia, and India have also developed vaccine passports.

By contrast, the incongruent efforts across the United States to mandate or strongly recommend the use of vaccine passports have faltered largely due to partisanship and some acknowledgment of the absence of an omnibus data privacy law. While New York State has launched its own digital health certificate, the Excelsior Pass, and San Francisco has mandated that all city employees must be vaccinated against COVID-19, states including Arkansas, Florida, and Indiana have successfully passed laws prohibiting COVID-19 vaccination requirements. As of May 6, state bills have passed at least one legislative chamber in Alabama, Iowa, Missouri, Tennessee, and Texas, and similar measures have been introduced in Alaska, California, Michigan, Minnesota, New Jersey, Ohio, and Washington.

Intense political opposition to vaccine passports stems from a uniquely American conception of liberty. The Supreme Court’s landmark case, Jacobson v. Massachusetts, shows that there is well-established precedent for states to intervene with individual rights in order to protect public health. As Ceylan Yeginsu of the New York Times argues, the term “vaccine passport” is polarizing and misleading. The author writes that “a passport is issued by a government and certifies personal data, [so] many people fear that if they are required to have one related to the coronavirus, they will be handing over personal and sensitive health data” that may be abused by data controllers.

Yeginsu’s observation highlights the need for a comprehensive federal privacy law to replace the current patchwork of privacy laws in the United States. As the EU’s experience with the Digital Green Certificate under GDPR demonstrates, the efficient creation and deployment of a vaccine verification system can effectively facilitate interstate travel and engagement in other activities while safeguarding personal data and respecting fundamental human rights. This is largely because both European lawmakers and citizens have some confidence and trust in the technological solutions to the pandemic and potential recourse for enforcement.

The case for digital health certificates

For over a century, health certificates have played a vital role in advancing global health security. As early as the 1880s, students and teachers had to present vaccination cards as proof of inoculation against smallpox. In the 1920s and 1930s, countries began requiring airline passengers to provide vaccination certificates. By 1959, the World Health Organization’s creation of the International Certification of Vaccination (“yellow card”) led to enormous progress in the suppression or eradication of diseases like cholera and smallpox, lending credence to the utility of vaccine passports.

Today, advancements in technology promise to make vaccine verification more convenient and secure. With a digital health certificate, a smartphone is the ticket to normalcy. Digital platforms provide strong authentication for proof of vaccination, verifying that the health certificate is genuine and belongs to the person who is presenting the data. In New York, where COVID-19 vaccine verification is required for major sporting events and other large gatherings, smartphone owners can simply scan a QR code that certifies their vaccination status. Due to the rampant sale of fraudulent versions of the CDC’s paper vaccination card, the stronger authentication measures provided by digital health certificates may be mission-critical to the success of vaccine verification efforts in the United States.

Digital health certificates can also induce a speedier economic recovery by establishing a measure of public confidence that returning to work, eating at a restaurant, shopping at a local boutique, or engaging in other forms of economic activity will not result in recharged infection rates. Vaccine passports can expedite international travel by lifting certain travel restrictions, such as testing and quarantine requirements, leading to a rebound in tourism.

Furthermore, international travel and admittance to venues like theaters and indoor sports stadiums provide strong incentives to present proof of vaccination, especially for people who are initially skeptical of the vaccine, and could nudge the U.S. population closer to herd immunity. As of June 24, 45% of Americans had been fully vaccinated, but 70 to 85% of the entire population needs to be vaccinated to achieve herd immunity.

However, despite the wide-ranging economic and public health benefits, digital health certificates raise a plethora of ethical concerns regarding their ability to safeguard user data and contribute to an equitable pandemic response.

Barriers to privacy and equity

Safeguarding privacy is one of the core issues surrounding the use of a digital health certificate in the United States. Digital vaccine passports may contain sensitive medical information in a centralized database, so individuals’ vaccination data may be vulnerable to data breaches, government surveillance, or corporate misuse depending on what privacy and security measures are in place and what entities have access to the data. The Biden administration has already announced that “there will be no centralized, universal federal vaccinations database,” but companies like CVS and Walgreens that have played a major role in getting shots into Americans’ arms must keep detailed vaccination records.

As a result, private companies may lead vaccine passport development in the United States. IBM and CLEAR are two front-runners that have designed vaccine verification technology for use by major employers, sports stadiums, and airports. The New York Times has also reported that United, JetBlue, and Lufthansa airlines plan to use the CommonPass, developed by The Commons Project, World Economic Forum, and Rockefeller Foundation, to enable passengers to fly to certain destinations. The International Chamber of Commerce and International Air Transportation Association are also creating vaccine verification apps for international travel.

The lack of a comprehensive federal privacy law potentially heightens the risks involved with sharing sensitive personal health information (PHI), such as vaccination status, with a commercial entity. For example, if a person records PHI on a patient intake form at a medical facility, that information is protected by the Health Insurance Portability and Accountability Act (HIPAA), but that same data is not protected if they enter it into a popular fitness or health app. Moreover, it is unclear whether CVS, Walgreens, and other clinics—which are storing vaccination data for millions of Americans—have the same legal responsibility as medical providers to protect PHI. Without regulations to guard against the improper use and sale of personal information, commercial vaccine passports may carry strong privacy risks. This is particularly true if vaccine verification becomes mandatory to participate in everyday life, giving people little choice but to hand over sensitive data to private companies.

Equity is also a major concern regarding the ethical implementation of digital vaccine passports. The increasing disparities in vaccination rates among more vulnerable populations, such as low-income people and people of color, will be a factor in whether a person is included in a range of public and private activities. Will historically disadvantaged populations who are hesitant to get the vaccine due to other medical conditions be fairly treated, or further manipulated by the possible mandatory requirement of a vaccine passport?

In April, when vaccine demand exceeded the U.S. supply, the Kaiser Family Foundation reported that people of color and people of low socioeconomic status were being vaccinated at lower rates across the United States. In the early stages of vaccine distribution, then, a mandatory vaccine passport system would have exacerbated racial and socioeconomic disparities by creating a “two-tiered society” in which white and wealthy people would disproportionately enjoy the freedom to travel, work, and attend gatherings. As a result, scholars argued in a Brookings blog post that vaccine verification should only be mandatory for people who are able to receive the COVID-19 vaccine to mitigate inequities.

However, these scholars suggest that “once COVID-19 vaccines are widely and easily available, entities may—and perhaps ought to—require vaccine verification.” This suggestion flows to a fundamental idea of fairness expressed by Mark Hall and David Studdert in the New England Journal of Medicine. They argue that “requiring people who decline vaccination to bear some consequence for their refusal seems only fair, especially if, collectively, such hesitancy puts herd immunity out of reach.” Thus, how will data privacy be implemented for populations who outright refuse protective immunity?

Finally, digital health certificates can further widen the digital divide. Data from the Pew Research Center shows that smartphone ownership is lowest among rural and minority communities. Additionally, many older Americans struggle to operate smartphone apps. As a result, large swaths of the American population may be unable to access a digital vaccine passport, even if it were an option. To ameliorate digital divide concerns, many countries with digital vaccine verification systems are also accepting paper vaccine records from those unable to provide a digital health certificate and negative COVID-19 tests from those who are not vaccinated.

As the current debate over digital health certificates becomes more prominent, the conversations should start with data privacy as the basis for discussion, especially if such technological solutions are being deployed in the public interest. The future of the nation’s pandemic recovery may depend on providing evidence of vaccinations while also protecting personal privacy.