The scheme is currently being tested, with the prime minister saying that it will be applied to mass gatherings and indoor events – such as football matches and clubs – but not for pubs.
Boris Johnson said there would be a “proper review” about Covid passports, which will be led by Michael Gove and examine the “moral, philosophical, ethical viewpoints on it”.
What is a vaccine passport?
A vaccine passport would be a check on your phone – most likely similar to the QR code scanner used by the existing NHS Covid-19 app – that would inform business owners about the user’s vaccine status.
This could be stating whether a user had a vaccine, was naturally immune, or had recently tested negative. The intention is that this could be used to facilitate international travel as well as opening up businesses.
The passport will not be compulsory in all areas. Shops, public transport, and essential services will not require the passport, but theatres, clubs, festivals, and sporting events could fall under its remit. The FA Cup final and a mass running event are among the events that will be studied in April and May to check the effectiveness of passports.
The UK is not the only country investigating this potential technology. European countries including Greece, Spain, and Portugal are hoping that vaccine passports will help their tourism industry.
How will it work?
Michael Gove has suggested that the UK could take inspiration from a “vaccine passport” scheme being carried out in Israel, which uses a smartphone app.
“The Israeli approach involves a smartphone app and the NHS app could serve a similar purpose here. But we must not exclude those who do not have a smartphone, so we’re exploring paper-based complements to the app. Privacy and data security must be watertight”, he wrote in the Telegraph.
“At the moment, businesses could set up their own private certification schemes and use them to restrict access. Nightclubs and other venues already police entry … We are looking closely at how we can guarantee fairness.”
What are the concerns?
Many MPs, as well as human rights groups, have expressed reservations about vaccine passports due to concerns it would be “divisive and discriminatory”.
Politicians including Liberal Democrat leader Ed Davey and Tory 1922 committee chair Graham Brady said the certificates should not be used to “deny individuals access to general services, businesses or jobs”.
Other MPs against the proposal include Dawn Butler, Rebecca Long Bailey and Jeremy Corbyn, Layla Moran, Tim Farron, and Alistair Carmichael, as well as Iain Duncan Smith, Peter Bone, and Steve Baker.
“We oppose the divisive and discriminatory use of Covid status certification to deny individuals access to general services, businesses or jobs,” the MPs said in a joint statement, which was coordinated by the campaign group Big Brother Watch.
European data protection watchdogs have proposed three types of vaccine certificates – people who have been vaccinated, recovered or tested – so to avoid discrimination, Reuters reports.
Is the technology safe?
The Open Rights Group has said that there are risks in the vaccination passport scheme. “Vaccination data could be (ab)used in ways that were not foreseen, or exploited for commercial purposes. In turn, this risks exposing individuals to discrimination and other adverse consequences”, they write, pointing to the government’s lacklustre record on data protection.
Human rights organisation Liberty expresses similar concerns, saying that the public has “good reason not to trust those in power with large-scale digital projects involving access to our personal data”.
Over the course of the pandemic, the group states, “figures recording coronavirus cases have been lost, police records have been wiped, and apologies for data breaches have been issued to various groups.
“What’s telling is that in all conversations about immunity passports, little attention is paid to privacy protection or data access. In looking for a way out of lockdown, people are not giving serious consideration to how immunity passports would jeopardise our freedom in the long-term.”
Israel’s app, which was used as an example by Michael Gove, reportedly had security issues because it was using outdated code. The initial version of the app also sent feedback to the personal email address of an employee of the country’s health minister.
“Part of the problem in Israel is that they’ve got this central database,” Peter Yapp, a partner at law firm Schillings who previously worked at the National Cyber Security Centre, told The Telegraph.
“They have also used some encryption which is not necessarily top notch encryption, so might be vulnerable. They’ve done it very quickly.”
A different solution would be to use a decentralised system, where information is not stored on one official server but on the devices themselves. The UK had initially hoped to use a centralised database for its contact-tracing app – but eventually moved to one such decentralised app, using software built by Apple and Google.