The COVID Credentials initiative (CCI) has launched to use digital identity to address the spread of COVID-19. The aim is to develop “immunity passports” and much more. The group includes individuals who are part of Evernym, ID2020, uPort, Dutch research organization TNO, Microsoft, ConsenSys Health and consultants Luxoft. So far, at least 69 have signed up.
Evernym is the firm that initiated the self-sovereign identity (SSI) platform Sovrin and Hyperledger Indy. CCI aims to use W3C digital credentials standards.
The key to SSI is that it empowers privacy. Access to the data is only available to the individual and the organization that provides a credential – perhaps a hospital that tested you. As an individual, you can then choose with whom to share that data.
Bill Gates recently commented that “eventually we will have some digital certificates to show who has recovered or been tested recently. Or when we have a vaccine who has received it.” Twitter was full of conspiracy theories about the Big Brother implications. But with SSI, it can be privacy-preserving.
“This isn’t your average self organization effort,” said Sovrin co-chair Drummond Reed in a Zoom meeting for the new credentials initiative. “We’re doing something here that can save lives. That can help ideally with the global economic recovery from what may be the deepest economic trough we hit in our lifetime.”
Reed continued: “So, it’s really important I ask everyone participating in this to check your egos, to check your company agendas, even in some cases check your country’s agendas and let’s work together to make this work in every one of these task forces.”
The task forces referred to include one for use cases, another for governance and rules, a third for tools and interoperability, and lastly for coordination.
While the COVID Credentials initiative may focus more on testing and vaccines, there are numerous other initiatives that have targeted tracking people.
Tracking initiatives
A big fear is that an emergency such as COVID-19 results in the side swiping of privacy protections. This weekend, UK newspaper The Guardian ran a story saying that US big data firm Palantir and others were processing large volumes of confidential UK patient information. However, it is claimed it will by anonymized despite include postcode information.
One of the early initiatives that sought to track contacts yet maintain privacy was the Singapore government’s TraceTogether initiative. It doesn’t rely on GPS location data, which isn’t always practical in cities with high rises. Instead, it uses Bluetooth, which pings people you don’t know as you move around. Those people’s true identities are not shared, but if you later test positive, those who passed close to you can be pinged to let them know.
However, this relies on the person who tests positive to provide the Bluetooth ping data voluntarily.
In the last couple of weeks, there has been a flurry of initiatives that sound somewhat similar.
The highest profile is a joint initiative between Google and Apple, which will also use Bluetooth. Additionally, there are projects from MIT and a large group of European academics.
We previously reported a project initiated by Hacera with IBM and Oracle to enable the blockchain platform MiPasa to help to aggregate data.
And at the end of last week, enterprise blockchain firm IntellectEU launched an initiative SpreadLoveNotCorona to enable and track donations to raise funds for the UN Foundation’s COVID-19 Solidarity Response Fund for the WHO.