This article is part of the On Tech newsletter. You can sign up here to receive it weekdays.
I have been reluctant to write about whether and how Americans might provide proof of vaccination against the coronavirus. It’s a political, cultural, ethical and legal minefield. Technology is not the point at all.
But if some workplaces, schools, public gathering spots and travel companies start requiring a “vaccine passport,” it makes sense for them to do so in ways that preserve people’s privacy, are simple to use, win people’s trust and don’t cost a fortune.
Let me tell you about an intriguing proposal from PathCheck Foundation, a health technology nonprofit. The central premise is that technology related to our health should be as minimal as possible. That philosophy should be our North Star.
Here is one problem with some early technology approaches to digital vaccine credential systems: They create too many middlemen that tap into your health records, said Ramesh Raskar, an associate professor at the M.I.T. Media Lab who also founded PathCheck.
In the United States, states are mostly the ones maintaining records of which residents are vaccinated. Early efforts to create vaccine credentials, like the Excelsior Pass in New York, essentially create a replica of those state databases with information including your name, date of birth, address, the batch numbers of your shots and so on. And that’s what businesses and others access when they check whether people walking in the door are vaccinated, Dr. Raskar said.
When you add multiple layers of technology into any system, it increases the possibility of your sensitive data leaking out. It’s also expensive and complicated for everyone involved. “It’s completely unnecessary,” Dr. Raskar told me.
PathCheck’s idea is to create simple software code that anyone — workplaces, schools or airlines — can incorporate into apps, without the need to replicate health records.
When you need to show a vaccination credential, a one-time code would transmit two pieces of information: your identity, and that you’re vaccinated. Yes, there’s still a middleman, but the difference is that the apps would do as little as possible to access your sensitive information. The relevant data is communicated more directly between your phone and the state health records. You might have to show your ID, too.
He compared this proposal to paying for a sandwich with cash instead of a credit card. There is no need for a complicated paper trail to buy lunch. The metaphor isn’t perfect, but it’s useful.
Some of the organizations pitching vaccination credential technology, including IBM and the airport screening company Clear, are making a similar pitch that their technologies are as minimal as possible.
Dr. Raskar says that they’re often not, because tech companies, states and others have tried to throw a lot of smarts at the problem. If you hear the word “blockchain” with vaccine credentials, know that something has gone off the rails. The risk is that we get complicated, potentially incompatible technology for people to provide proof of vaccination.
What we really need is dumb technology that does as little as possible and knows as little about us as possible. “How can we make it simple, simple, simple as opposed to what technology companies are doing, which is to add more?” Dr. Raskar said.
PathCheck is just one of multiple companies and nonprofit groups that are developing fraud-proof vaccination credentials. It’s going to be confusing for awhile as these technologies are evaluated and tested.
But PathCheck deserves credit for turning the approach to vaccination credentials on its head. Less and dumber technology is usually the best.
- On April 13, 2021, U.S. health agencies called for an immediate pause in the use of Johnson & Johnson’s single-dose Covid-19 vaccine after six recipients in the United States developed a rare disorder involving blood clots within one to three weeks of vaccination.
- All 50 states, Washington, D.C. and Puerto Rico temporarily halted or recommended providers pause the use of the vaccine. The U.S. military, federally run vaccination sites and a host of private companies, including CVS, Walgreens, Rite Aid, Walmart and Publix, also paused the injections.
- Fewer than one in a million Johnson & Johnson vaccinations are now under investigation. If there is indeed a risk of blood clots from the vaccine — which has yet to be determined — that risk is extremely low. The risk of getting Covid-19 in the United States is far higher.
- The pause could complicate the nation’s vaccination efforts at a time when many states are confronting a surge in new cases and seeking to address vaccine hesitancy.
- Johnson & Johnson had also decided to delay the rollout of its vaccine in Europe amid concerns over rare blood clots, but it later decided to resume its campaign after the European Union’s drug regulator said a warning label should be added. South Africa, devastated by a more contagious virus variant that emerged there, suspended use of the vaccine, and Australia announced it would not purchase any doses.
For more on this issue:
Before we go …
Being Big Tech means fighting big governments: Governments around the world are trying to put limits on tech companies with “an urgency and breadth that no single industry had experienced before,” my colleagues reported. The grievances aren’t uniform among China, the United States, Europe, Myanmar, India, Australia and other countries, but there is a common cause of government angst: tech companies’ power.
Hacking McDonald’s ice cream machines! I had no idea, but apparently the machines that mix McDonald’s ice cream and shakes are proprietary, fragile and complicated — and only approved technicians are allowed to fix them. One couple built an internet-connected gadget for franchisees to repair the machines on their own, Wired reported, and it started a war with the restaurant giant.
Amazon is opening a hair salon in London. It’s an experiment, but WHAT and also WHY?
Hugs to this
How do you bottle-feed a bunch of baby goats at the same time? You make a goat feeding assembly line.
We want to hear from you. Tell us what you think of this newsletter and what else you’d like us to explore. You can reach us at [email protected].
If you don’t already get this newsletter in your inbox, please sign up here.