Tourists in Hungary

The CDC card is very basic. It's not numbered, has no QR code, and there's no central registry. It's also printed on ordinary card stock, with no watermark or other security measures. So it's not really a Big Brother device.

Vaccinations are in fact officially registered in the U.S., but they're registered at the state level. The states though use different computer systems and have different methods for getting a copy of your official vaccination record.

Point is, when you flash your CDC card alone it's impossible to verify it. But if you come under suspicion it is possible to determine whether you in fact received the vaccine.

https://covidresponse.wisc.edu/content/ … e-card.jpg

zif wrote:

The CDC card is very basic. It's not numbered, has no QR code, and there's no central registry. It's also printed on ordinary card stock, with no watermark or other security measures. So it's not really a Big Brother device.

Vaccinations are in fact officially registered in the U.S., but they're registered at the state level. The states though use different computer systems and have different methods for getting a copy of your official vaccination record.

Point is, when you flash your CDC card alone it's impossible to verify it. But if you come under suspicion it is possible to determine whether you in fact received the vaccine.

The different IT systems are not a big problem.  It's a legal framework which could stop it.  In HU of course, different legal system, anything which is not forbidden is allowed.  Not sure about the USA legal framework.

For sure it's not Big Brother with COVID cards but as with all things government, there will be an element of scope creep.

I mean you can see how easy it would be for some smarty pants to think about linking say a driving license or a passport or something else with a photo ID or even an SSN and IRS record to a COVID status record.   

Or even get people to sign up to Facebook COVID records voluntarily.  Then there's a basis for a surveillance society in private hands.  Oy vay caramba!

Government IT systems in the US are a morass. It can take a decade to modernize the systems of agencies like the IRS and FBI. And they still don't work well.

So I'd be exceptionally pessimistic 50 state vaccination registries could be quickly linked.

And my sense is that it's Europe, Germany in particular, that's got strong privacy laws.

zif wrote:

Government IT systems in the US are a morass. It can take a decade to modernize the systems of agencies like the IRS and FBI. And they still don't work well.

So I'd be exceptionally pessimistic 50 state vaccination registries could be quickly linked.

And my sense is that it's Europe, Germany in particular, that's got strong privacy laws.

The privacy laws are strong but they also exist at the EU level but of course, the EU is not federal state.

Technologically it should not be a problem to link up the databases.  It's the legal framework to go with it.  It's not like there isn't a precedent.

USA is somewhat of an enigma regarding the State vs Federal relationship.  My experience is that States protect their data but obviously there is some commonality - like the FBI and other law enforcement databases which must have access to some local State identity records.

IRS and the SSA as federal agencies have everyone's data anyway (well most) with the SSN used as a common index.  Add the CDC into it issuing indexed cards and  it wouldn't take much to link that into a a marker on a SSN record with verification on identity at the IRS.

In my own country, many  things are now linked to the DL, the SSN (NI number) and Passport number.   There are no ID cards, but scope creep means more and more is being linked together.   

Even worse, private ID providers are getting more into it, particularly Facebook.

The CDC card isn't linked to your SSN. And neither are the state vaccination registries.

People can do evil if they know your SSN, so Americans tend to be quite protective of it. For day-to-day ID people use their driving licenses. These are issued by the states and don't bear a SSN.

zif wrote:

The CDC card isn't linked to your SSN. And neither are the state vaccination registries.

People can do evil if they know your SSN, so Americans tend to be quite protective of it. For day-to-day ID people use their driving licenses. These are issued by the states and don't bear a SSN.

Yes, I know but maybe it's missing the point. 

But scope creep could make linkage a reality on vaccination status.   

Government controls SSNs so it's their data to do internally whatever they want. 

It wouldn't be a problem to mashup data sources with CDC vaccine card data, the IRS/SSA records and  capture DL info at point of enquiry and therefore produce a vaccine status for say, travel or otherwise. 

As a technology problem, it's really trivial.