How can we travel safely again? If you’ve recovered from Covid-19, can you return back to the office? Is there a way to fully open up the economy again without risking a second wave? These are all questions that governments all over the world are trying to answer by considering so-called ‘immunity passports’.
Immunity passports aim to provide citizens with a form of portable credentials that they could share with anyone, including their employers and authorities, at any point to prove they are immune from Covid-19. Any immunity passport would therefore rely on antibody tests – which are intended to show whether someone has recovered from the infection – to then provide certification that a person is immune and cannot catch the virus again.
The arguments in favour of the concept are clear. By providing a tool that can display and link an individual’s identity with their Covid-19 antibody test status, this can allow those who have had and recovered from the virus to exit lockdown and help return societies to some semblance of normality.
This could be especially useful for frontline and key workers. For example, by providing hospital staff that have recovered with immunity passports, healthcare systems can ensure that these are the staff treating Covid-19 patients as opposed to getting a member of staff who hasn’t got immunity to treat infected patients, substantially reducing the risk of the latter both contracting and spreading the virus.
However, the realities are much more complicated, and several challenges, risks and questions must be addressed before a widespread rollout is put in place.
The ‘antibody elite’ and the emergence of a ‘two class’ society
The first associated risk is the likelihood of an ‘antibody elite’ or a ‘two tier’ class system emerging.
In other words, if immunity passports were to be rolled out across society, those citizens with a passport could enjoy some preferential treatment, while those without continue to be subjected to health restrictions.
This could have a knock-on effect of amplifying financial and social inequalities. For instance, employers may prefer to hire those with confirmed immunity over those that still have the risk of contracting the disease. In fact, some employers may make it compulsory for candidates to have an immunity passport.
Increased risk of intentional infections
This leads on to another associated risk with the widespread roll out of immunity passports: the creation of perverse incentives to obtain a passport.
For example, from what we have learnt from Covid-19, a healthy 20-year-old might deliberately choose to get infected to return to work or secure a job, as they know that their chances of having a severe case of the disease is very low. This incentive will also be high amongst those that are desperate for work and an immunity passport is the only way to get access to a pay cheque.
However, by getting infected and not staying in rigid quarantine throughout, they could accelerate the spread of the disease and increase the likelihood of a second wave in some countries. This has the potential to place increased pressure on healthcare systems across the world, of which many are just starting to get to grips with and control the pandemic.
A pandora’s box for data privacy?
A further challenge related to immunity passports is the privacy of data.
By the very nature of Covid-related immunity passports, they will contain sensitive and personal health data. This has made them a hot topic when it comes to data privacy, with many concerned about how the data will be stored, who will have access to the data and whether it will be incorporated into a wider, centralised surveillance infrastructure (including a contact tracing app).
Operating out of the highly user-friendly legal framework of GDPR is already a strong starting point to ensure that the individual remains in control and can share their health data whenever they choose. However, it is also crucial that any development in immunity passports not only focuses on digitising the test results of citizens, but also harnesses the latest innovative technologies that can ensure privacy-by-design, such as blockchain.
For example, a blockchain-enabled immunity passport could also work if the end-users provide proof of ID before testing and a permanent digital fingerprint of the signed certificate is placed on the blockchain, which is used by a verifier (such as an employer) to check its authenticity. Crucially, as sensitive medical data, such as Covid-related test results, is stored as a ‘fingerprint’, this offers a form of encryption and ensures that the digital certificate provided to the end-user is secure and tamper-proof by design, which means it is unalterably linked to their identity.
This could have several important consequences, but in terms of data privacy as each fingerprint is individual and does not reveal any information about whom the document belongs to, the key is that it safeguards the information it contains.
Hang on, is Covid-19 immunity even possible?
Despite the opportunities that blockchain affords in alleviating concerns around data privacy, the risks and question marks are still there.
However, arguably the biggest challenge, which has the potential to derail the concept of digital immunity passports entirely, is the question of whether Covid-19 immunity is possible.
At present, scientists simply don’t know how long someone remains immune to the coronavirus — or even if they can become immune at all. In fact, a recent study has found that people who have recovered from Covid-19 may lose their immunity to the disease within months, which suggests that the virus could reinfect people year after year, like the common cold[1].
As such, a more sensible line of action would be to follow the science; for any immunity passport to truly work effectively and be taken seriously, the antibody test must be proven to show that end-users cannot get infected again. This should not mean that governments and healthcare bodies abandon the development of digital immunity passports altogether, but any development must be contingent on what the scientific evidence tells us.
It is only then the debate around the impact immunity passports could have on data security and the possibility of deliberate infections can be truly worthwhile.
By René Seifert, co-head of TrueProfile.io
