Digital health passports, or vaccine passports, were included in the recent Report of the Global Travel Taskforce. For some, they are considered to be one of the main routes back to ‘normal’ international travel.

A recent report from The Royal Society highlighted 12 criteria which need to be met in order to provide an effective vaccine passport. Inevitably, this included legal, ethical and scientific considerations. From a legal perspective, the stand-out concern is around privacy and data protection. How can organisations ensure compliance with data protection laws such as GDPR and the Data Protection Act 2018? This is particularly important given the data being collected relates to a person’s health and medical status –considered ‘special category’ data and held to a higher standard of compliance. The transfer of this data between multiple organisations and countries, some of which with lower standards of personal data protection than the UK and EU, is also a cause for concern. The security of the personal data will need to be prioritised, as well as ensuring purpose limitation. The data should not be used for anything other than the limited purpose for which it has been collected, and it should not be held for any longer than needed.

Challenges have also been raised around potential discrimination against those who have not, or cannot, be vaccinated. This may be due to age (since the vaccine roll-out is mostly being done by age group), as well as religious or spiritual beliefs which may not allow for vaccination. It could also include those deemed unsuitable for vaccination due to a medical condition, pregnancy, or disability. All of those are potentially protected characteristics and organisations should be careful not to unduly discriminate against such persons. The inclusion of negative tests results and antibody tests may help offset this.

The Report of the Global Travel Taskforce suggests travel certification as a possible strategy for re-opening international travel. It also recommends close coordination with industry to ensure third party apps can be integrated with a national digital certification system that is interoperable, safe and secure.