For Vaccine Passports, Less Tech Is Best

Of interest given that discussion has already started in the Canadian context:

I have been reluctant to write about whether and how Americans might provide proof of vaccination against the coronavirus. It’s a political, cultural, ethical and legal minefield. Technology is not the point at all.

But if some workplacesschoolspublic gathering spots and travel companies start requiring a “vaccine passport,” it makes sense for them to do so in ways that preserve people’s privacy, are simple to use, win people’s trust and don’t cost a fortune.

Let me tell you about an intriguing proposal from PathCheck Foundation, a health technology nonprofit. The central premise is that technology related to our health should be as minimal as possible. That philosophy should be our North Star.

Here is one problem with some early technology approaches to digital vaccine credential systems: They create too many middlemen that tap into your health records, said Ramesh Raskar, an associate professor at the M.I.T. Media Lab who also founded PathCheck.

In the United States, states are mostly the ones maintaining records of which residents are vaccinated. Early efforts to create vaccine credentials, like the Excelsior Pass in New York, essentially create a replica of those state databases with information including your name, date of birth, address, the batch numbers of your shots and so on. And that’s what businesses and others access when they check whether people walking in the door are vaccinated, Dr. Raskar said.

When you add multiple layers of technology into any system, it increases the possibility of your sensitive data leaking out. It’s also expensive and complicated for everyone involved. “It’s completely unnecessary,” Dr. Raskar told me.YOUR CORONAVIRUS TRACKER: We’ll send you the latest data for places you care about each day.Sign Up

PathCheck’s idea is to create simple software code that anyone — workplaces, schools or airlines — can incorporate into apps, without the need to replicate health records.

When you need to show a vaccination credential, a one-time code would transmit two pieces of information: your identity, and that you’re vaccinated. Yes, there’s still a middleman, but the difference is that the apps would do as little as possible to access your sensitive information. The relevant data is communicated more directly between your phone and the state health records. You might have to show your ID, too.

He compared this proposal to paying for a sandwich with cash instead of a credit card. There is no need for a complicated paper trail to buy lunch. The metaphor isn’t perfect, but it’s useful.

Some of the organizations pitching vaccination credential technology, including IBM and the airport screening company Clear, are making a similar pitch that their technologies are as minimal as possible.

Dr. Raskar says that they’re often not, because tech companies, states and others have tried to throw a lot of smarts at the problem. If you hear the word “blockchain” with vaccine credentials, know that something has gone off the rails. The risk is that we get complicated, potentially incompatible technology for people to provide proof of vaccination.

What we really need is dumb technology that does as little as possible and knows as little about us as possible. “How can we make it simple, simple, simple as opposed to what technology companies are doing, which is to add more?” Dr. Raskar said.

PathCheck is just one of multiple companies and nonprofit groupsthat are developing fraud-proof vaccination credentials. It’s going to be confusing for awhile as these technologies are evaluated and tested.

But PathCheck deserves credit for turning the approach to vaccination credentials on its head. Less and dumber technology is usually the best.


About Andrew
Andrew blogs and tweets public policy issues, particularly the relationship between the political and bureaucratic levels, citizenship and multiculturalism. His latest book, Policy Arrogance or Innocent Bias, recounts his experience as a senior public servant in this area.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: