The socio-technical challenges of designing and building a vaccine passport system
The fourth in a series of public evidence events on vaccine passports and COVID status apps.
In the fourth of our public evidence events on vaccine passports and COVID status apps, we explore what technical and practical considerations any government facilitating vaccine passports and COVID status apps, and the surrounding societal-technical system, need to consider.
Associate Director (Emerging technology & industry practice)
Carmela TroncosoAssistant Professor, Security and Privacy Engineering Lab at the École Polytechnique Fédérale de Lausanne
Ranjit SinghResearcher, AI on the Ground Initiative, Data & Society
Lord James O'ShaughnessyConservative Member of the House of Lords and a Health Minister from 2016 to 2018.
The World Health Organisation (WHO) has established the Smart Vaccination Certificate consortium which will recommend standards for security, authentication, privacy, and data exchange and develop appropriate guidance detailing use cases, standards, and best practices for member states. The EU Member States, with the support of the European Commission, have adopted guidelines on proof of vaccination for medical purposes set out a trust framework for establishing the authenticity and integrity of certificates. Private initiatives such as the Linux Foundation Public Health’s COVID-19 Credentials Initiative and the Vaccination Credential Initiative, which includes Microsoft and Oracle, are also putting forward and pushing for open, accessible and interoperable technical standards.
These technical concerns are inextricably linked to practical questions around implementation and the wider policy these systems fit into. Who has the legitimacy to create these systems and set standards? How do policymakers and developers prove they and their systems are trustworthy? Are transparent pilots and early engagement with the public (including marginalised groups) enough? What social support needs to be in place for those unable or unwilling to be vaccinated?
And looking beyond the next few months, can these systems be built with sunset clauses and the ability to be ‘switched off’ once their purpose has been served and the crisis has passed? Or will they become part of more permanent infrastructure and push politicians towards particular policy choices?
The panel will consider:
- What technical design decisions can and should be made, including security, authentication, identity linkage, interoperability, data-sharing, input data? Is it possible to design these systems in a way that preserves privacy and prevents the repurposing of information flows?
- What practical considerations should governments be thinking about in designing these systems, beyond the technical specifications? What wider policy architecture is required around these systems to achieve their intended outcomes and mitigate harms?
- Does the creation of vaccine passport systems inevitably mean a greater embedding of digital identity systems, for better or worse, or is that a choice? How wary should we be of building long-term infrastructure in response to a time-bounded crisis?
What place should COVID-19 vaccine passports have in society?
Findings from a rapid expert deliberation to consider the risks and benefits of the potential roll-out of digital vaccine passports
A shot in the arm, not a shot in the dark
7 steps for Government to clarify whether vaccine passports should have a place in society
Vaccine passports and COVID status apps: call for public evidence
An open call for evidence from public health officials, civil society organisations, researchers and citizens
The ethical implications of vaccine passports and COVID-19 status apps
The third in a series of public evidence events on vaccine passports and COVID status apps.