What is the ‘Digital Green Certificate’, why you should not call it a ‘vaccine passport’ and why should you care?

A new blog series on the Digital Green Certificate

By Fulvia Ristuccia (Bocconi University) and Alina Trapova (Bocconi University)

As vaccination campaigns roll out across the EU with different paces and effectiveness and amidst fierce discussion over contentious approaches to vaccine procurement and supplies, the European Commission – prompted by the European Council – has put forward a proposal for a Regulation on the ‘Digital Green Certificate’, otherwise known as the ‘vaccine passport’. Its aim is to facilitate the restoration of free movement within the EU, which has been greatly limited (quarantine, test reporting, etc.) in the last troubled year.

We are starting a new blog series to trace the various issues entangled in the discussion on the Digital Green Certificate. This first blogpost aims at briefly summarizing the Commission’s proposal, which is now following the ordinary legislative procedure pending approval by the Council and the European Parliament. We will give you the overall panorama and point out some general misconceptions, i.e. what the ‘Digital Green Certificate’ is not. Our next posts in this series will treat specific issues such as free movement of persons and discrimination, data protection and the implications of the Digital Green Certificate beyond the EU.

One aspect that needs stressing from the outset is that the proposal is neither a ‘passport’, nor does it concern only vaccines. The term ‘vaccine passports’ is misleading. It has enhanced public anxiety as the idea of a passport reminds of times where frontiers for EU citizens between Member States were much more tangible than they have been in the last twenty years. Instead, the proposed Regulation does not mention the word ‘passport’ at all; neither does the Commission’s dedicated webpage.

With this in mind, let us understand what is the proposal about, namely the ‘Digital Green Certificate’ (and not a ‘vaccine passport’).

What is the ‘Digital Green Certificate’?

In the EU, free movement of Union citizens is a fundamental right protected by Article 21 of the Treaty of the Functioning of the European Union (TFEU), but also Article 45 of the Charter of Fundamental Rights of the European Union. And of course, Article 21 TFEU is the legal basis of the proposed Regulation, aimed at restoring the exercise of this right after a year of significant restrictions. Hence, only EU citizens and their family members – those who enjoy free movement rights under the Treaty and Directive 2004/38 – are covered by the proposed Regulation and may be ‘certificate holders’ (Recital (16) and Article 2).

The proposal puts in place a system of mutual recognition of certificates across Member States allowing travellers to avoid bureaucratic hurdles when crossing a border, by facilitating the provision and recognition of documentary evidence concerning immunity to Covid-19 or, in the alternative, a negative Covid-19 test result. It provides for a ‘Digital Green Certificate’, which is a framework of ‘interoperable certificates containing information about the vaccination, testing and/or recovery status of the holder issued in the context of the COVID-19 pandemic’ (Article 2). Member States authorities will be obliged to issue free of charge these certificates to those who fulfil the conditions set by the proposal. The national health authorities must sign digitally the certificate to avoid forgery and the system will allow for the cross-border verification of the truthfulness of the certified facts and the digital signatures.

There are three types of certificates covered by the proposal. Member States must or may, depending on the circumstances, recognise certificates issued by other Member States’ authorities, when presented by travellers crossing an intra-EU border.

First, there is the vaccination certificate (Article 5). Member States must issue vaccination certificates, which, in order to be recognized across the EU under the Regulation, have to contain some information such as the name of the vaccinated person and the type of the specific vaccine. Member States must recognize vaccination certificates when the administered vaccine has an EU-wide marketing authorisation granted centrally by the Commission on the basis of the European Medicines Agency’s assessment (based on Regulation 726/2004). At the time of writing, four vaccines have been approved by EMA and three are undergoing review. Member States may also recognise vaccination certificates when the administered vaccine has been authorised only nationally, on the basis of Directive 2001/83/EC, or has received temporary national authorisation (Article 5(2) of Directive 2001/83/EC). This means that persons vaccinated with vaccines authorised only nationally may see their certificates refused, subject to each Member State’s individual evaluation. Member States shall also issue a vaccination certificate when Union citizens and their family members have been vaccinated in third countries, if the administered vaccine is among those authorised nationally by some Member States or at Union level and if the person provides reliable proof of vaccination (Article 5(6)).

Second, the proposal envisages mutual recognition of COVID-19 test certificates (Article 6). The certificate shall contain information about the administered test and, again, identification of the certificate holder. The test may be either a rapid antigenic test or a Polymerase Chain Reaction (PCR) one, but it has to be a test listed in the common and updated list of Covid-19 tests established by Council Recommendation 2021/C 24/01. The proposed Regulation does not contain information on the period of validity of the test certificate, leaving it to the Member States’ discretion to determine the timeframe within which the test has to occur (e.g. two days before crossing the border) and the validity of the certificate in time. It is unlikely (and unwise) that a negative test result will have long-term validity.

Finally – there is a certificate of ‘recovery’ (Article 7). If someone has tested positive for COVID, Member States will issue a certificate of recovery after minimum eleven days from the first positive test upon request of that person. Through a delegated act, the Commission can modify the minimum number of days. At the same time, since there is only a lower time limit to issue the certificate (it cannot be issued before eleven days have passed from the first positive test), issuing Member States are still free to set the threshold for certifiable recovery at a longer period. Those who have tested positive and have ‘recovered’, within the meaning of the Regulation (i.e. at least eleven days have passed from the first positive test) will not have to show a negative COVID-19 test in addition. In this respect, across Member States,  practices differ as to the so called ‘negative exit tests’ (the necessity to have a negative PCR test result to end the period of self-isolation after a person has tested positive). Since the Regulation does not require a negative exit test, it may be concluded that Member States should issue the recovery certificate under Article 7 even in the absence of a such exit test. In turn, Member States should not require negative exit tests to those with a recovery certificate. This means that a person may still be COVID-19 positive, but, according to the Commission’s proposal, scientific evidence has shown that after ten days of infection with the virus, one ceases to be contagious in most cases. As for the validity of the certificate of recovery, Recital (32) of the proposal specifies that the certificate is valid for 180 days. This time-limit is then repeated in Annex I on the data to be included in the certificate, but not in the text of the Regulation.

What the vaccine passport is not?

First of all, the EU Digital Green Certificate is not a condition to travel, neither a barrier to receive services, nor another limitation or condition to EU Treaty rights or national constitutional rights. It is an obligation on the Member States to issue and recognise certificates to facilitate free movement rights within the EU and EEA (and possibly, also outside, but this aspect is still to be clarified [1]). If Member States decide to require a certificate to access  services or places within their national territory, as some Member States intend to, then this will be subject to scrutiny under the free movement provisions and principles.

Second, it is not an obligation to introduce restrictions, nor to require certificates of vaccination, testing or other forms of immunity such as recovery. If, and only if, Member States require testing, vaccination or recovery proof, then the Digital Green Certificate provisions kick in and the Member State requiring such evidence is obliged to follow the provisions in the proposed Regulation. In other words, if a Member State grants free and unrestricted access to its territory, without requiring prior testing or proof of vaccination, then the Regulation is not an obligation to introduce such requirements.

Third, the proposal does not limit per se the possibility for Member States to introduce restrictions such as quarantine obligations. Member States retain the competence to limit free movement as per the general rules under the relevant Treaty Articles (21, 45, 49 and 56 TFEU), subject, of course, to compliance with EU law, the principle of proportionality and fundamental rights. Yet, when Member States wish to reintroduce quarantine, self-isolation or test requirements for Digital Green Certificates holders, they have to notify the Commission, specifying the reasons that justify such restrictions (Article 10).

Finally, the proposal for the Digital Green Certificate is not a legal basis to create a database of health-related data. It is only a legal basis for processing such data to the extent necessary for the operation and verification of truthfulness of the certified health status.

Conclusion

Against this background, of the three types of proof explained above, the recovery certificate attracts immediately severe criticism. Virologists keep underlining the importance of getting vaccinated even when the person has already been infected with COVID-19 in the past. Nonetheless, the World Health Organisation has warned that there is no conclusive evidence that individuals who have been infected with Covid-19 are fully immune and do not transmit if reinfected. Each individual immune system has different strength and duration of protection post-infection may vary. Then, there is the issue of new variants – we still have no data regarding the immunity against these (both post-infection and post-vaccination). And yet, from the point of view of the proposed Regulation, it appears that proving that you have had the virus is an alternative to being vaccinated or to having tested negative for the purposes of free movement. This may encourage excessive trust in immunity post-infection and may indeed increase the risks of transmission.

The Digital Green Certificate has been highly supported by countries strongly reliant on tourism (such as Greece, which in fact has started working on its own national ‘vaccine passport’). There is a strong push to have the EU system operational by June – a rather unrealistic timeframe, despite the fact that the European Parliament will shortly vote on the Commission’s proposal using an urgent procedure, without parliamentary committee written report (thus, skipping entirely or reducing to an oral debate the committee-level process and streamlining the proposal directly to the plenary). Some MEPs have pointed out that such ‘bypassing’ is yet another aspect that may raise further mistrust in the proposed framework.

Nevertheless, things are moving fast. The Council has already approved the mandate for negotiation with the European Parliament specifying the suggested amendments to the Commission’s proposal. The Parliament has scheduled discussion on its 1st reading position on the proposal for its plenary session on the 26-29 April.

In this post, we presented the proposal as it is very important to have the basic picture clear. In our next post, we will focus on the specific issues for free movement. Facilitating this right is purportedly the objective of the Regulation, but does the proposal address it adequately?

Watch this space!

Fulvia Ristuccia is a PhD Student at Bocconi University. Her research focusses on free movement of persons in the EU. She graduated from Università degli Studi Roma Tre in Rome and holds an LLM in European law from the College of Europe in Bruges.

Alina Trapova is a PhD Candidate at Bocconi University. She researches EU copyright law and currently coordinates Bocconi’s LLM in European Business and Social Law.


[1] Under Recital (18) and Article 3(5), the Commission will have implementing powers to adopt a decision of equivalence, under conditions of reciprocity, for certificates issued by third countries that have a free movement agreement with the EU and do not have automatic EU law incorporation mechanisms, e.g. Switzerland. Article 4(3) empowers the Commission to adopt an implementing act concerning the recognition of certificates issued by third countries to Union citizens and their family members, as long as they are interoperable with the Regulation’s trust framework.
For third country nationals who are not covered by the proposed Regulation, the Commission also put forward a complementary proposal based on Article 77(2)(c) TFEU.
The Council’s mandate for negotiation proposes the introduction of an article on this aspect, in order to clarify the treatment concerning certificates issued to Union citizens and their family members and legally staying third-country nationals vaccinated in third countries. See more here.

Photo by Lukas on Unsplash

2 thoughts on “What is the ‘Digital Green Certificate’, why you should not call it a ‘vaccine passport’ and why should you care?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s