We Can Create a Global Health Pass for COVID
Lots of countries are investigating the possibility of a digital health certificate to help speed up international travel. The EU’s European Digital COVID Certificate is due to come into effect July 1. But will this make any difference in time for summer travel?
Dakota Gruener is executive director of ID2020, a San Francisco-based public-private partnership, which promotes ethical, privacy-protecting approaches to digital ID.
GRUENER: A number of governments and industries are moving forward with different health-pass programs, including the European Digital COVID Certificate, IATA’s Travel Pass and a multitude of others.
ID2020 launched the Good Health Pass Collaborative in February of this year because, while we saw a lot of outstanding work being done, it was being done in silos. We recognized there was a need to weave together these efforts and to identify and fill gaps where they might exist. This was the only way to ensure that there could be seamless interoperability between digital health passes.
What does interoperability mean in practice? Put simply, it means that you or I should be able to travel from one country to another with the confidence that our health pass is going to be recognized and accepted by airlines and border control agencies.
The collaborative is a partnership of more than 125 companies and organizations from the health, travel and tourism, and technology sectors. Our partners are jointly developing principles and open standards, which ensure that digital health pass solutions can be trusted because they are designed to adhere to core principles around privacy, user-control and equity.
Why Is This So Hard?
BRINK: People have been traveling with paper health certificates like yellow fever certificates for years without difficulty. Why is this so difficult to do?
GRUENER: The yellow vaccination card that many of us have had since we were children has many benefits: It’s paper, so there’s little risk of exclusion because basically anyone can use a piece of paper, and there’s no infrastructure required to use it. And it’s low cost.
But when we think about digitizing that health certificate, a few issues arise. The good thing is that there is now a way to ensure a higher level of fraud resistance. Unlike a piece of paper, which is easy to forge, you can build protections into the design of a digital certificate that make it easier to trust that it has not been tampered with.
But there’s also a lot of complexity in how you design these systems. If they are not designed very carefully and intentionally, they could create significant privacy concerns.
Good Health Pass partners believe that digital health passes should be privacy-protecting and user-controlled. In other words, users should be able to determine when, where and with whom we share their personal health information. To get to that point, standards grounded in these principles are vitally important — and that’s what we are seeking to create.
Surveys have shown that there is actually widespread public support for requiring proof of COVID status for international travel.
No Central Database
The challenge is: How do you create digital health passes that have the benefits of a paper-based credential (i.e., easy to use, low-cost and non-exclusionary), with the additional benefits of being hard to forge and appropriate for the digital world we live in?
In the U.S., there’s no central federal immunization database, but there are 54 state-level immunizations registries. These offer a way to get to a more aggregated record of who has been vaccinated. But even this is an imperfect tool, as it relies on the fact that, at the point of vaccination, individuals present identification which could, in theory, be forged. That said, the immunization information systems do provide the most reasonable basis from which to issue health certificates.
BRINK: How much has the issue become politicized in the U.S., with individual states banning these types of passports?
The term “vaccine passport” has become incredibly politicized in the U.S., but the term is factually inaccurate and unnecessarily divisive.
The term suggests that access to venues and activities will require individuals to provide proof of vaccination, and some have conflated them with a vaccine mandate.
While our focus has been specifically limited to international travel, we have always held that individuals should be able to provide either proof of vaccination or a recent test result. But it’s important to note that essentially all of the systems being proposed — both here in the U.S. and internationally — recognize multiple forms of proof that an individual is safe to travel (e.g., proof of vaccination, testing and, in some cases, recovery).
In the U.K. and EU, the debate has been much more focused on defining the range of appropriate use cases for digital health passes or digital health credentials. In other words, “Am I going to have to show this to get into my pub?”
While the issue remains divisive, surveys have shown that there is actually widespread public support for requiring proof of COVID status for international travel. Depending on which survey you read, between 78% and 91% of individuals support requiring proof of vaccination or proof of testing for international travel.
This is encouraging, but it does not negate the fact that governments and the tech sector face a trust deficit. There’s a real need to ensure that these systems are designed in ways that protect user privacy and address concerns around equity and inclusion.
When Will We Get There?
BRINK: Are you hopeful that we will reach a kind of single solution, or do you think we’re going to end up with multiple different types of certificates with every country?
GRUENER: Things are moving both incredibly quickly and yet, not nearly quickly enough. The travel and tourism industry is struggling and sending shockwaves throughout the global economy. More than 61 million travel and tourism jobs have been lost in the last year.
I think we will see some global standards — and compatibility between a number of different formats. The G7 has made a commitment to work toward interoperability because issuers, whether businesses or government, are going to issue credentials in a number of different formats.
The main point is that if you’re an airline, if you are a border authority, if you’re anyone who’s a verifier, you don’t want to have to figure out how to accept multiple different forms of credentials.The Good Health Pass Interoperability Blueprint outlines a path to work through this messiness, by creating compatibility between multiple types of credentials, such that they can be universally verified.