Published online by Cambridge University Press: 12 July 2021
The extensive disruption to and digital transformation of travel administration across borders largely due to COVID-19 mean that digital vaccine passports are being developed to resume international travel and kick-start the global economy. Currently, a wide range of actors are using a variety of different approaches and technologies to develop such a system. This paper considers the techno-ethical issues raised by the digital nature of vaccine passports and the application of leading-edge technologies such as blockchain in developing and deploying them. We briefly analyse four of the most advanced systems – IBM’s Digital Health Passport “Common Pass,” the International Air Transport Association’s Travel Pass, the Linux Foundation Public Health’s COVID-19 Credentials Initiative and the Vaccination Credential Initiative (Microsoft and Oracle) – and then consider the approach being taken for the EU Digital COVID Certificate. Each of these raises a range of issues, particularly relating to the General Data Protection Regulation (GDPR) and the need for standards and due diligence in the application of innovative technologies (eg blockchain) that will directly challenge policymakers when attempting to regulate within the network of networks.
1 EC, “Coronavirus: Commission proposes a Digital Green Certificate” (2021) <https://ec.europa.eu/commission/presscorner/detail/en/IP_21_1181>.
2 N Vabret et al, “Immunology of COVID-19: current state of the science” (2020) 52(6) Immunity 910–41.
3 Editorial, “The rocky road to universal COVID-19 vaccination” (2021) 21(6) Lancet Infectious Diseases 743.
4 RCH Brown, J Saveluscu, B Williams and D Wilkinson, “Passport to freedom? Immunity passports for COVID-19 (2020) 46 BMJ Journal of Medical Ethics 10.
5 Royal Society, “Twelve criteria for the development and use of COVID-19 vaccine passports” (2021) <https://royalsociety.org/-/media/policy/projects/set-c/set-c-vaccine-passports.pdf?la=en-GB&hash=A3319C914245F73795AB163AD15E9021>.
6 N Kofler and F Baylis, “Ten reasons why immunity passports are a bad idea” (2020) 581 Nature 379–81.
7 NHS Digital Technology Assessment Criteria <https://www.nhsx.nhs.uk/key-tools-and-info/digital-technology-assessment-criteria-dtac/>.
8 E Rodriguex-Villa and J Torous, “Regulating digital health technologies with transparency: the case for dynamic and multi-stakeholder evaluation” (2019) 17 BMC Medicine 226.
9 JH Moor, “What is computer ethics?” in Computer Ethics (London, Routledge 2017) pp 31–40.
10 Ada Lovelace Institute, “What place should COVID-19 vaccine passports have in society?” Findings from a rapid expert deliberation to consider the risks and benefits of the potential roll-out of digital vaccine passports (17 February 2021) <https://www.adalovelaceinstitute.org/summary/covid-19-vaccine-passports/>.
11 A Mahindra et al, “Paper card-based vs application-based vaccine credentials: a comparison” (2021) arXiv preprint arXiv:2102.04512.
15 COVID-19 Credentials Initiative, “COVID-19 Credentials Initiative: Home” (2021) <https://www.covidcreds.org/>.
20 IBM, “How IBM blockchain powers IBM Digital Health Pass” (2021) <https://www.ibm.com/watson/health/resources/digital-health-pass-blockchain-explained/>.
21 European Commission “EU Digital COVID Certificate: European Parliament and Council reach agreement on Commission proposal” (2021) <https://ec.europa.eu/commission/presscorner/detail/en/IP_21_2593>.
22 The numbers in parentheses in this section refer to the numbered sections in the EU Digital COVID Certificate document, supra, note 21.
23 T Osama, MS Razai and A Majeed, “Covid-19 vaccine passports: access, equity, and ethics” (2021) 373 BMJ n861.
25 IBM, “New York and IBM begin COVID-19 Digital Health Pass pilot” (2021) <https://newsroom.ibm.com/New-York-State-and-IBM-Digital-Health-Pass-Pilot>.
26 Y Tang, J Xiong, R Becerril-Arreola and L Iyer, “Blockchain ethics research: a conceptual model”. In Proceedings of the 2019 on Computers and People Research Conference (New York, Association for Computing Machinery 2019) pp 43–49.
27 IBM, “Blockchain and GDPR” (2018) <https://iapp.org/media/pdf/resource_center/blockchain_and_gdpr.pdf>.
28 A Gretch, I Sood and L Arino, “Blockchain, self-sovereign identity and digital credentials: promise and praxis in education” (2021) 4 Frontiers in Blockchain 7.
31 SMK Ferdous, F Chowdhury and MO Alassafi, “In search of self-sovereign identity leveraging blockchain technology” (2019) 7 IEEE Access 103059–79.
32 EU blockchain Observatory, “Blockchain and the GDPR” (2018) <https://www.eublockchainforum.eu/sites/default/files/reports/20181016_report_gdpr.pdf>.
34 F Bieker, M Friedewald, M Hansen, H Obersteller and M Rost, “A process for data protection impact assessment under the European General Data Protection Regulation” in Annual Privacy Forum (Cham: Springer 2016) pp 21–37.
35 B Yuan and J Li, “The policy effect of the General Data Protection Regulation (GDPR) on the digital public health sector in the European Union: an empirical investigation” (2019) 16(6) International Journal of Environmental Research and Public Health 1070; B Marovic and V Curcin, “Impact of the European General Data Protection Regulation (GDPR) on health data management in a European Union candidate country: a case study of Serbia (2020) 8(4) JMIR Medical Informatics 14604.
36 EU, “Open source software in the European Union” (2020) <https://euipo.europa.eu/tunnel-web/secure/webdav/guest/document_library/observatory/documents/reports/2020_Open_Source_software/2020_OSS_Full_EN.pdf>.
37 EU, “Open Source Software Strategy 2020–2023” (2020) <https://ec.europa.eu/info/departments/informatics/open-source-software-strategy_en>.
39 M Morvillo, “Glyphosate effect: has the glyphosate controversy affected the EU’s regulatory epistemology?” (2020) 11(3) European Journal of Risk Regulation 422–35.
40 N McBride, “The application of an extended hierarchy theory in understanding complex organisational situations” (2015) 33(3) Systems Research and Behavioural Sciences 413–36.
41 A Minto and E Trincanato, “The policy and regulatory engagement with corruption: insights from complexity theory” (2021) European Journal of Risk Regulation <https://doi.org/10.1017/err.2021.18>.
42 B Latour, Science in Action (Milton Keynes, Open University 1987).