Blockchain-Based Immunity Passports Don't Resolve Core Privacy Issues: Report

Existing decentralized digital identity standards are vulnerable to compromise and do not have privacy at their core: This is the central argument posed by a new paper presented by Harry Halpin, a visiting professor at research university KU Leuven, at the Mozilla-hosted Security Standardization Research Conference (SSR20).

Proposals for vaccine or immunity passports, which would tie a person's movements to their COVID-19 immunity status, have resurfaced with promising news about vaccines. The International Air Transport Association (IATA) announced it’s "in the final development phase" of a digital passport app that would receive and verify if someone has received a COVID-19 vaccine. The app would purportedly use blockchain technology to authenticate data without storing in a centralized manner. Meanwhile, the World Health Organization is looking at possible "e-vaccination certificates" for travel.

"Identity systems based on globally unique identifiers are by nature against privacy, and putting them on a blockchain does not change this fundamental dichotomy,” said Halpin, the author of the paper “Vision: A Critique of Immunity Passports and W3C Decentralized Identifiers” and the CEO of NYM, a privacy startup developing a mixnet. 

“In fact, putting this data on a blockchain tends to make privacy problems worse, and it's not clear that hand-waving about zero-knowledge proofs really changes the situation."

The idea of immunity passports has been around for months. The idea is that if someone had COVID-19, they would be immune for a period of time and could have their status verified digitally. The concerns with such proposals are numerous, including the ways such sensitive information is stored, how it’s verified and how it curtails or impacts upon people’s rights. 

Countries such as Chile and El Salvador have, in fact, pursued such measures. Chile’s passes, for example, exempt from quarantine those who have recovered from COVID-19 or tested positive for the presence of antibodies, letting them return to work, according to the Washington Post. Residents of Chile could apply for these passports if they haven’t shown symptoms for the disease and they’re willing to be tested.

The ID2020 Alliance, a public-private partnership with partners including Microsoft, Accenture and Hyperledger, has already begun to certify some ID proposals as a “good ID” to offer to governments. A certification means the technology complies with 41 technical requirements put forward by ID2020. 

Read more: Immunity Passes Explained: Should We Worry About Privacy?

The COVID-19 Credentials Initiative (CCI) is another group composed of more than 300 people from 100 organizations looking to “deploy and/or help to deploy privacy-preserving verifiable credential projects in order to mitigate the spread of COVID-19 and strengthen our societies and economies.” The project looks for instances where Verifiable Credentials (VCs), the digital equivalent of a driver's license, could be used to address the public health crisis. At their heart, VCs show the minimum amount of information an entity might need to allow them, say, access to a workspace amid a pandemic, while limiting which other kinds of information are shared. 

Vaccines present both a new opportunity as well as new questions regarding data privacy and sensitivity when it comes to any form of pass. But as Halpin notes in the paper, “the most prominent immunity passport schemes have involved a stack of little-known standards, such as Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) from the World Wide Web Consortium (W3C).”

Halpin argues that immunity credentials “are possibly dangerous as immunity credential holders could become an ‘immunity elite’ with increased social stratification from those without certificates, violating existing laws on discrimination in many countries.”

For example, it’s not hard to imagine wealthy populations being the first to access newly approved vaccines, receive immunity passports or certificates, and therefore gain access to the travel, work and other benefits it would incur. 

The World Wide Web Consortium (W3C), a membership-driven standards body, has laid out the standards for DIDs and VCs, upon which many of these privacy-preserving proposals are based. The body is also known for such standards as the early versions of HTML. Halpin contends these standards are flawed in claiming they preserve privacy.

Generally, a digital identity is seen as a unique identifier connected to a set of variables, like a person's name, citizenship or, in this case, immunity status. A goal of many companies in the blockchain space is the creation of a “self-sovereign identity,” which gives people the ability to control the way their identifiers can be accessed by others, without giving up their personal identity or information, as opposed to relying on a centralized government or company. 

Read more: From Australia to Norway, Contact Tracing Is Struggling to Meet Expectations

Think of it a bit as a bitcoin wallet address, which lets a user pay you without ever having to know your name, for example. Compare this transaction to sending money to someone’s bank account: The bank needs to know both who you are as well as the individual to whom you’re sending money. 

A core part of resolving this problem was that it seemed a central database was needed to resolve or verify these unique identifiers. Blockchain technology seemingly resolved this need by letting information be stored in a decentralized manner, and prompted a resurgence of interest, along with W3C to put forth standards for this idea. 

At the core of Halpin’s critique of VCs is that they are made for data integration rather than privacy. The standards can be based on the Semantic Web (an extension of the internet based on standards set by the W3C), with the goal of making data readable by machines. 

The details of the argument are quite technical but hit on a couple of key points. One is that W3C VCs are basically just signed digital documents. They use a serialization, or the process by which code and data is converted into a form where it can be transmitted, whose only use case is data fusion. Data fusion is the process of integrating data from multiple sources. 

In other words, on a technical level, the standards data model isn’t built with privacy at its core. Instead, it’s an optional add-on. 

“The Semantic Web is useful for data fusion across databases, which is useful for open public data,” said Halpin. “When you combine the Semantic Web with personal data and globally unique identifiers like DIDs, it conceivably could be used in use cases like tracking down immigrants by the [U.S.] Department of Homeland Security. I honestly can't see any reason why corona test results would be attached to a DID, and the only answer that seems plausible is dangerous data fusion with other sensitive data by governments." 

Read more: COVID-19 ‘Immunity Passport’ Unites 60 Firms on Self-Sovereign ID Project

DHS has awarded a contract to Digital Bazaar to work on the W3C digital identity standards.

Halpin writes that this model based on data integration can be exploited by signature exclusion and signature replacement attacks. In such an attack, a bad actor removes the signature of a signed message or digital document, and replaces it with another signature, thereby tricking a verifier into accepting the invalid message as valid. 

What this means is VCs could be tricked into showing they’ve been verified when they are not. In the case of an immunity passport or certificate, this means someone could have such a document verified as accurate when it could be incorrect or even completely fabricated. 

Elizabeth Renieris is a data privacy lawyer and a Technology & Human Rights Fellow at the Carr Center for Human Rights Policy at the Harvard Kennedy School in Cambridge, Mass. She previously co-authored a paper around the ethical, social and technical concerns around COVID-19 immunity passports and resigned from the technical advisory board of ID2020 over concerns about the organization's direction. 

According to Renieris, the biggest problem with the DID specifications is they are just a data format, something that’s poorly understood by the community and for profit companies pushing this narrative. 

“It does not embed any security protocols or access controls and there is no way to prove that the holder of a credential is even the subject of that credential,” she said in an email. “This opens the door to massive fraud.”

Halpin argues that DIDs are also, by nature, contradictory to privacy. At the heart of arguments about privacy is how to link one entity to an action. If the goal of an adversary is to identify you, then assigning you a globally unique identifier that is reused makes uncovering your identity much easier. 

Read more: ‘Decentralized ID at All Costs’: Adviser Quits ID2020 Over Blockchain Fixation

“If you don't use a 'Globally Unique Identifier’ (GUID), you can still get connected to your actions online, it's just a GUID makes it easier,” said Halpin in a message. “A cookie in a browser like Google is a unique identifier that Google assigns to you to link your actions across web pages. With DIDs, you just gave a cookie any company can use. That's fine for some use cases but probably not for sensitive medical data.”

The arguments for decentralization and the benefits of blockchain also start to come apart at the seams when considering the permissioned ledgers and centralized servers involved, according to Renieris.  

The appeal of blockchain technology is its decentralized nature, immutability and pseudonymous hashes. 

But in practical use cases, argues Halpin, it doesn’t fix flaws with the underlying DID and VC standards. Instead, it introduces additional complexities and vulnerabilities. 

For example, a paper published in June 2020 laid out a concrete proposal for immunity passports, titled “COVID-19 Antibody Test/Vaccination Certification: There's an app for that.” It describes a distributed ledger called OpenEthereum, a fork of Ethereum by the Open University and run by a consortium. 

“In contrast to Ethereum but similar to other DID-based chains like Sovrin, it is based on “proof-of-authority” (i.e., a permissioned blockchain where any validator or quorum of validators may write to the chain, but not other actors like users),” writes Halpin. 

Users of the proposed app could choose where to store their data, allegedly revoke their data and delete it if they chose, and store personal information in a hash. 

Halpin lays out a number of ways in which these claims leave much to be desired. Letting people choose where to store their data means they could put it on insecure devices such as their smartphones. There is no guarantee data won’t be copied by other systems. And, finally, the system’s data structure creates problems for scaling it, according to Halpin. 

“The most concrete immunity passport proposal dangerously puts the hash of personal data on the blockchain. Even the use of blockchain technology by specifying resolution of an on-chain mapping of an identifier to a key in systems like Sovrin ends up being a redirect to centralized servers, undermining a claim of the blockchain promoting decentralization,” wrote Halpin. 

“As the use of blockchain technology does not seem necessary for the goals of the immunity passports and likely hinders rather than helps privacy, immunity passports – and more widely both W3C DIDs and VCs – use blockchain for blockchain’s sake."

Privacy needs to be at the core of such systems, not an optional afterthought, he said.