EDIT 2020-06-09: This analysis was originally drafted before the publication of the French TousAntiCovid solution. Further investigations into this solution have reinforced the structural privacy concerns I outlined here.

In the pursuit of public health, the end does not always justify the means, especially when the means are ineffective. As governments seek to facilitate "free movement" through digital documentation, they often introduce new, systemic layers of discrimination and surveillance.

The 2021 proposal for a Digital Green Certificate (or "Health Pass") provides a critical case study in the tension between perceived security and sovereign privacy.

The problem of duplication

One must ask: why create a regional digital solution when a global standard already exists? The WHO International Certificate of Vaccination is a paper-based document recognized by 195 countries. It is portable, autonomous, and respects the discretion of the individual in that sense that the data is not stored in a centralized database.

To duplicate this globally accepted system with a regional digital one is not merely redundant; it is an act of centralization that shifts the control of medical data from the individual to the state.

The signature fallacy

The European Commission presents the certificate as "digital proof." However, one must distinguish between digital evidence and scientific proof.

  • Digital evidence: A digital signature ensures that the data has not been altered since it was signed. It authenticates the author, not the content.
  • Scientific proof: A verifiable medical truth (immunity or vaccination status) that relies on replicable demonstration.

A digital signature does not prevent fraud; it merely confirms that the fraud was signed by an authorized key. If a scrupulous entity signs a false declaration, the "digital seal" remains intact. To conflate a cryptographic signature with a medical reality is a fundamental error in logic. Some could even argue that it is a form of forgery.

How does one verify the link between the data and the individual's biological reality? By an immune test? And does that test differentiate between a vaccine and a prior infection? Cryptography cannot solve a problem of medical verification.

The entrapment of mobility

"Free movement" is, by definition, unhindered. To "facilitate" it by requiring a specific digital document is to introduce a new barrier. The proposal is a form of digital apartheid.

By creating a framework that favors those with the certificate, the solution introduces systemic discrimination. This is a structural violation of proportionality and necessity. Some EU member states already envision using these certificates to gate access to restaurants, cultural venues, and social life—effectively transforming a temporary health measure into a permanent tool for social partitioning.

Digital profiling

Under the GDPR, health data is strictly private. The request for such data outside of a direct medical context is a violation of privacy.

When an individual's identity is tied to their health status in a centralized national database, the risk becomes toxic. Centralization allows for uncontrolled consultation by third parties. It is a target for interception by hackers and by governments seeking to refine their methods of digital profiling.

The use of a QR Code further threatens privacy. Unlike a paper document read by a human, a QR code requires a digital interface. This interface can — and often does — create a silent copy of the sensitive data it interprets. By facilitating the duplication of medical records, the digital system makes their violation inevitable.

Conclusion: The urgency of caution

Taking decisions in a state of emergency often leads to long-term catastrophes. One does not solve a medical crisis through digital surveillance.

The European Commission argues that the interest of the majority outweighs individual concerns. However, the "interest" of the majority is not served by a system that introduces discrimination, centralization, and the potential for a wide-scale leak of medical data.

The best way to avoid a digital leak is to not harvest the data in the first place.

Sovereignty is the ability to move without being tracked, to exist without being profiled, and to be healthy without being documented. Nuance is the infrastructure of freedom. Any system that sacrifices either for the sake of "immediacy" is a system built on a false promise of security.