The New York “Excelsior Pass” is a COVID-19 vaccine passport system. It proudly proclaims its use of “secure technologies, like blockchain and encryption.” [press release]
The Excelsior Pass is a deployment of IBM Digital Health Pass, a project of the IBM Watson Works vaporware project — now that the IBM Blockchain vaporware project has shut down as a separate unit, and been folded into Watson. [IBM]
An official promotional image for Excelsior Pass: a stock photo, with mockup screenshots pastede on yay. [EPass]
Tim Paydos, global general manager of government for IBM, spoke to GovTech, and was remarkably unclear on where the data is kept: [GovTech]
IBM purposefully didn’t build a centralized database for Excelsior Pass in order to avoid creating a giant target for hackers.
“All of the data stays distributed,” Paydos said. “We’re not creating a big intergalactic database in the sky. We wouldn’t want to do that, nor given the time urgency could we do that.”
This claim is factually incorrect, if the following is true:
The app was actually based on work IBM did with Maersk on shipping containers moving across the world, and Paydos said it should work for travelers moving between nations as well.
This means that IBM reworked the TradeLens system for the Digital Health Pass.
TradeLens was used for the Maersk supply chain blockchain project — one of the two systems the IBM Blockchain unit ever sold. (The other being the WalMart supply chain project, which apparently wasn’t TradeLens.)
TradeLens operated as a completely normal centralised system — administered by the company, with all servers living on the IBM Cloud. The “blockchain” bit is that the back end data store is Hyperledger.
TradeLens didn’t do so well — it turns out that nobody in business wants their competitors all up in their deals. [Supply Chain Movement, 2019] Even Maersk’s vendors couldn’t really see the point of TradeLens on a blockchain, and only signed up because Maersk, as central authority, required them to. “I believe the industry is quietly and politely saying they are not interested or at least not currently interested,” said one vendor; “Blockchain is the overly persistent salesperson.” [Journal of Commerce, 2018, archive]
If Digital Health Pass is based on TradeLens, then it would work similarly — and, functionally, it’ll be a completely centrally administered system.
Which is, of course, precisely what you want from a government function — “blockchain” will only mean “slow distributed database.” You’d have to be high on blockchain fumes to do it any other way than fully centralised.
The Hyperledger bit might make redacting erroneous data unduly difficult, which is what they’d get for putting incredibly sensitive personal data into a Merkle tree.
The ethics and medical validity of vaccine passports have been widely questioned — particularly when vaccines are in short supply, and there’s a black market on the darknet for fake vaccine documentation. [EFF; BBC]
More specifically, the Excelsior Pass app asks for data on vaccination, but also on antigen tests [NY Health] — which are much better than nothing, but have substantial rates of false negatives. And the Excelsior Pass system is slow to update and clunky to use — you have to show ID at the same time to use it. [Washington Post; Reddit]
I was also particularly impressed to see that NY, not being a health care provider, explicitly disclaims protection of this extremely sensitive medical data under HIPAA rules. But they absolutely won’t use your data for purposes other than the public health! Unless they do. [NY EPass, archive]
So what New York has paid IBM to do is to use a superfluous technology to implement a questionable idea, badly. So far, so blockchain.
Corona-chan looks forward to seeing you out and about!
Your subscriptions keep this site going. Sign up today!