The UK government is facing pushback from politicians and rights groups over its award of a £250,000 (approximately $345,000) vaccine passport contract to a global IT firm that has previously suggested vaccine passport infrastructure be redeployed into a “national citizen ID program” and used to facilitate valuable data collection.
The IT firm Entrust was awarded the contract by the Department of Health and Social Care (DHSC) last month and tasked with providing cloud computing software for the COVID-status certification scheme that’s run by the UK government’s digital health and social care unit – NHSX.
The contract is due to expire in March 2022 but it can be extended for one year, meaning Entrust could potentially work on vaccine passport schemes until early 2023.
But critics are sounding the alarm over Entrust’s past statements on vaccine passports and its previous work on national ID systems in Albania, Ghana, and Malaysia.
In a February blog post, the company’s Product Marketing Director, Jenn Markey, wrote: “Vaccine credentials can become part of the infrastructure of the new normal.”
The post also recommended that “any immunity passport or vaccine credential program” should “consider a national ID strategy” where the vaccine passport infrastructure is redeployed as part of a national ID program:
“With the infrastructure and investment necessary to ensure a viable vaccine passport, why not redeploy this effort into a national citizen ID program that can be used for multiple purposes including the secure delivery of government services, secure cross-border travel, and documentation of vaccination.”
And iNews reports that in a January webinar, Entrust’s Senior Product Manager, John Beijjani, discussed how vaccine passports could be used by governments “to collect valuable data” about citizens.
“You’ll understand why it’s not just for travel, you can take it and repurpose it to do such things as national IDs and permits,” Beijjani said during the webinar. “Deploying something like a mobile travel credential also enables governments to collect valuable data. It can provide governments a quick and standard mechanism for securing their citizens. It also doesn’t hurt that this information can be used to identify criminals and other bad actors as they move around the same system trying to hide anonymously in the crowds.”
David Davis, a former Cabinet minister and member of the Covid Recovery Group (CRG) of Conservative Members of Parliament (MPs) slammed the the UK health department for signing this contract.
“The health department is able to go around signing these contracts without explicit Parliamentary permission,” Davis said. “But it is doubly extraordinary that they sign one with a company with this sinister attitude to surveillance of citizens.”
Baroness Shami Chakrabarti, former director of civil liberties group Liberty, said the contract suggested ministers were trying to add vaccine passports to legislation without a proper Parliamentary debate.
“This isn’t a mere question of competence but far more sinister,” Chakrabarti said. “This is studied chaos. We need to be explicitly reassured that the Government has not already decided in favour of some kind of national ID system.”
Jake Hurfurt, head of research at privacy and civil liberties group Big Brother Watch, warned that “Covid certificates would introduce ID cards in the UK by the backdoor” and branded them a “serious threat” to privacy and civil liberties:
“The fact that the government has done a deal with Entrust, a company which is openly plotting a route from vaccine passports to digital identity cards, only underlines what a serious threat Covid passes would be to our civil liberties and our privacy.”
The UK government claims that it’s currently reviewing vaccine passports for entry to large-scale events with the UK. It also introduced vaccine passports for Euro 2020 at Wembley as part of what it claims to be a trial.
However, the multi-year length of vaccine passport contracts and their associated privacy policies have raised concerns that they’re going to become a permanent fixture in the UK.
For example, a previous version of the privacy policy for the National Health Service (NHS) app’s “Covid Status Certificate” program stated that data from this program would be used after lockdowns end for “attendance at domestic events.”
These concerns have been compounded by other stories including UK vaccine recipients being secretly surveilled and a retweet from UK Health Secretary Matt Hancock referring to COVID passport skeptics as “crazies.”
Despite the mounting apprehension and criticism of the UK’s vaccine passport contracts, the government insists the NHS app (which is currently used to demonstrate proof of vaccination) will not be used to implement national ID.
“The NHS App is not and will not be used as a national ID system,” a DHSC spokesperson said. “The COVID-19 vaccine status service provides a simple and secure means of verifying users’ vaccination status for international travel. The service shows only a very small part of an individual’s medical record and this information is held securely by the NHS.”