Can vaccination passports make it easier restitution στην κανονικότητα, αλλά υπάρχουν επίσης ανησυχίες για το τι είδους προσωπικά δεδομένα συλλέγουν και πόσο καλά τα προστατεύουν. Σύμφωνα με τον Tony Anscombe, τον επικεφαλής για την information security audience at global cybersecurity company ESET, here's what we need to know.
Throughout the COVID-19 pandemic, technology has taken center stage, but not without presenting some issues and challenges.
Applications, for example, used to prove vaccinated or to validate medical examinations, are among the latest in a long list of technologies that have been the focus of interest and are raising concerns about the protection of privacy. life and safety.
And while many Authorities avoided implementing vaccination requirements for a return to normality – such as dining indoors or attending a concert or performance – as doing so could be seen as infringement of human rights, the Delta variant forces them to reconsider.
As countries, states, and cities slowly return to normalcy and allow mass gatherings and events indoors, they often require evidence either vaccination or a negative COVID-19 diagnostic test (or both).
The need for vaccination passports is growing and has two distinct elements: the first is the right to privacy and the second is how technology can be utilized to ensure the desired functionality.
Whatever solution the government, the state or health care provider, must provide security and privacy protection by default, while this solution should include enough data to be certain that you are the person who administered the vaccine or test.
According to Tony Anscombe, ESET Chief Security Evangelist, some of the features he suggests to consider when using the Digital Vaccine Passport Application are:
1. To create a Covid passport you only need some basic data: name, date of birth and date of vaccination. This information is sufficient to confirm that the vaccination was given and, if necessary, to cross-check the identification of the holder with another document such as a driver's license.
2. Communication and all stored data must be encrypted.
3. The privacy policy should state the purpose of the application and that no personal information is disclosed to third parties.
4. No attempt to locate or collect unnecessary data other than the data used by the device to improve the user experience is considered acceptable.
5. Apps should only be installed from official sources, such as the Apple App Store or the Google Play Store.
6. In countries that have adopted the General Data Protection Regulation (GDPR) or similar privacy legislation, such as the CCPA, applications should be bound by the relevant privacy regulation to ensure that the subject data, the individual has the necessary privacy and security.
