Tuesday, April 20, 2021

On Tech: For vaccine passports, less tech is best

We need dumb technology that does as little as possible and knows as little about us as possible.

For vaccine passports, less tech is best

Simoul Alva

I have been reluctant to write about whether and how Americans might provide proof of vaccination against the coronavirus. It's a political, cultural, ethical and legal minefield. Technology is not the point at all.

But if some workplaces, schools, public gathering spots and travel companies start requiring a "vaccine passport," it makes sense for them to do so in ways that preserve people's privacy, are simple to use, win people's trust and don't cost a fortune.

Let me tell you about an intriguing proposal from PathCheck Foundation, a health technology nonprofit. The central premise is that technology related to our health should be as minimal as possible. That philosophy should be our North Star.

Here is one problem with some early technology approaches to digital vaccine credential systems: They create too many middlemen that tap into your health records, said Ramesh Raskar, an associate professor at the M.I.T. Media Lab who also founded PathCheck.

In the United States, states are mostly the ones maintaining records of which residents are vaccinated. Early efforts to create vaccine credentials, like the Excelsior Pass in New York, essentially create a replica of those state databases with information including your name, date of birth, address, the batch numbers of your shots and so on. And that's what businesses and others access when they check whether people walking in the door are vaccinated, Dr. Raskar said.

ADVERTISEMENT

When you add multiple layers of technology into any system, it increases the possibility of your sensitive data leaking out. It's also expensive and complicated for everyone involved. "It's completely unnecessary," Dr. Raskar told me.

PathCheck's idea is to create simple software code that anyone — workplaces, schools or airlines — can incorporate into apps, without the need to replicate health records.

When you need to show a vaccination credential, a one-time code would transmit two pieces of information: your identity, and that you're vaccinated. Yes, there's still a middleman, but the difference is that the apps would do as little as possible to access your sensitive information. The relevant data is communicated more directly between your phone and the state health records. You might have to show your ID, too.

He compared this proposal to paying for a sandwich with cash instead of a credit card. There is no need for a complicated paper trail to buy lunch. The metaphor isn't perfect, but it's useful.

ADVERTISEMENT

Some of the organizations pitching vaccination credential technology, including IBM and the airport screening company Clear, are making a similar pitch that their technologies are as minimal as possible.

Dr. Raskar says that they're often not, because tech companies, states and others have tried to throw a lot of smarts at the problem. If you hear the word "blockchain" with vaccine credentials, know that something has gone off the rails. The risk is that we get complicated, potentially incompatible technology for people to provide proof of vaccination.

What we really need is dumb technology that does as little as possible and knows as little about us as possible. "How can we make it simple, simple, simple as opposed to what technology companies are doing, which is to add more?" Dr. Raskar said.

PathCheck is just one of multiple companies and nonprofit groups that are developing fraud-proof vaccination credentials. It's going to be confusing for awhile as these technologies are evaluated and tested.

ADVERTISEMENT

But PathCheck deserves credit for turning the approach to vaccination credentials on its head. Less and dumber technology is usually the best.

For more on this issue:

If you don't already get this newsletter in your inbox, please sign up here.

If you've found this newsletter helpful, please consider subscribing to The New York Times — with this special offer. Your support makes our work possible.

Before we go …

  • Being Big Tech means fighting big governments: Governments around the world are trying to put limits on tech companies with "an urgency and breadth that no single industry had experienced before," my colleagues reported. The grievances aren't uniform among China, the United States, Europe, Myanmar, India, Australia and other countries, but there is a common cause of government angst: tech companies' power.
  • Hacking McDonald's ice cream machines! I had no idea, but apparently the machines that mix McDonald's ice cream and shakes are proprietary, fragile and complicated — and only approved technicians are allowed to fix them. One couple built an internet-connected gadget for franchisees to repair the machines on their own, Wired reported, and it started a war with the restaurant giant.
  • Amazon is opening a hair salon in London. It's an experiment, but WHAT and also WHY?

Hugs to this

How do you bottle-feed a bunch of baby goats at the same time? You make a goat feeding assembly line.

We want to hear from you. Tell us what you think of this newsletter and what else you'd like us to explore. You can reach us at ontech@nytimes.com.

If you don't already get this newsletter in your inbox, please sign up here.

Need help? Review our newsletter help page or contact us for assistance.

You received this email because you signed up for On Tech with Shira Ovide from The New York Times.

To stop receiving these emails, unsubscribe or manage your email preferences.

Subscribe to The Times

Connect with us on:

facebooktwitterinstagram

Change Your EmailPrivacy PolicyContact UsCalifornia Notices

LiveIntent LogoAdChoices Logo

The New York Times Company. 620 Eighth Avenue New York, NY 10018

No comments:

Post a Comment