Fatigued by the pandemic and lockdowns, we hope for traveling to become a part of our life again. And despite that some countries are still dealing with lots of new cases and the vaccine is rolled out terribly unevenly, governments try to ease the restrictions.

Tourism hotspots are especially eager to speed up this process — Greece and Spain, for example, have already lifted quarantine requirements for travelers with a negative Covid test. And some countries that rely on tourists — Turkey and Egypt, for instance — didn’t implement many restrictions at all.

The United Kingdom along with Europe and some other countries mull vaccination documents — so-called Green Passports. These documents are supposed to simplify traveling and in most cases eliminate the need for a quarantine upon arrival. The United States already sees lots of new bookings for flights and hotels.

So overall, the vibe is way more positive now than it was a year ago. Everything that was happening back then feels now like a horrible nightmare — countries closing their borders, rescuing citizens stuck in other locations, limiting the movement of people, and so on. The fear and uncertainty made everyone accept these restrictions and questionable practices such as movement-tracking apps. But now, as people got tired of this situation, and the fear went away, we can take a clearer look at what’s going on. And the view we get is quite unsettling because it seems that traveling became more invasive.

That’s something we could expect as everything is digitized and interconnected. While digitization takes away the hassle and makes some things easier, it also negatively affects our privacy in most cases.

Health documents are digital

Most countries still want travelers to have negative Covid tests on their hands, even if they’re vaccinated. In the beginning, those few countries that allowed tourists accepted paper copies of test results. But as many travelers faked these documents, governments largely began requesting either test copies with a QR code or a digital version of the results.

Some countries now require tourists to fill in a form online and attach Covid test results to it before traveling. The test needs to be performed by an approved lab. This is done to speed up the check-up on the border and eliminate the risk that a person has a fake result.

The next level would be an app that contains all the info about the person’s vaccination and test results. A few countries and airlines already have their own version of such an app, and the European government is working on a digital health passport that would be suitable and accepted worldwide.

The ultimate goal of governments is to create technology that would track the whole process from the moment of the vaccine production to the moment of inoculation itself. Thus, they would be able to confirm that a person truly is vaccinated by a recognized vaccine.

Why is this situation dangerous to our privacy?

Yes, these measures will allow us to travel. But the issue is that there is no global standard when it comes to privacy, especially in the case of health passports. Each country and company work on their own apps which means different protocols and frameworks. Researchers and developers don’t have any standard they need to follow, and it’s unclear how such a messy process will result in a centralized and secure app people all around the world can use.

Most likely, there won’t be a single app. Instead, travelers will need to install different apps for different countries sharing personal data with each of them. Let alone the fact that it’s inconvenient. Since each app has its vulnerabilities that will be sooner or later discovered by malefactors, the more apps we have installed, the more prone to attacks we become. And we’re not even talking about the way sensitive data will be stored — which is a crucial detail, especially considering that this sensitive information will be duplicated across several storages because of multiple apps.

These issues leave personal data vulnerable to theft and violation.

We are left with merely a hope for someone to create a global standard and convince the whole world into following it. But so far, there are no guidelines for developers to stick to.

It doesn’t stop at traveling

Now countries and even airlines have different apps. But the proof of immunization and negative test results will most likely be required in other situations, too. For example, countries that lift restrictions allow large gatherings only for those who are fully vaccinated. The same requirement exists for those who want to go to a restaurant.

So what is waiting for us in the future? Separate apps for cinemas, sports events, concerts, and so on? The vast majority of those apps will be developed by some private company and not approved by any government. And will there be a need for approval? It means that we can’t be sure we can trust those apps our sensitive data.

The desire to return to our routines and normal lives shouldn’t make us forget about the safety of our personal data. Apps that work with such sensitive information as our health details should at least be open-source so that they can be reviewed by independent professionals. But unfortunately, we don’t have any understanding of how it all will work.
The biggest problem is that even the best VPN app and rigorous adherence to privacy-oriented rules won’t protect our data once we share it with an unreliable service. And all we can do is to be very picky about those future health proof applications. Hopefully, at some point health passports become centralized, and we won’t need to deal with a fear of our data getting stolen or mistreated. But so far, many people refuse to travel solely because of privacy and, of course, health concerns as the virus didn’t go away yet.