That's so strange, and almost suggests that the people implementing these apps don't understand the security model behind these codes.
Any information on the users phone can 100% not be trusted. It should just show the QR code. On the other hand the scanning App has to validate the signature, check if the dates are correct and display a big info that the QR is only valid if the name is the same as the one on a presented ID.
Maybe this should have been a design requirement from the EU spec.
> the people implementing these apps don't understand the security model behind these codes
I'm not entirely sure that the people implementing the policies understand the 'herd immunity' model, nor the by now fairly comprehensive statistical data on who is and isn't at significant risk from Covid19.[0]
Q: If a healthy 18 year-old chooses to attempt to go to a nightclub unvaccinated, who exactly is put at risk from this?
Public health bodies will struggle to convince healthy young people to take a vaccine that gives them very little direct benefit.
"Children's risk of severe disease from Covid is tiny, deaths are extremely rare and have only occurred in UK children with profound underlying and life-limiting conditions. The direct benefits to them of vaccination would be low."[0]
> Q: If a healthy 18 year-old chooses to attempt to go to a nightclub unvaccinated, who exactly is put at risk from this?
That person, plus every person they come in contact with.
Oh, you can compute the total "risk" of course. Assuming the person is contaminated and you put their personal "risk" treshold at an arbitrary 2% (which I just pulled out of thin air: chance of getting unacceptable side-effects: p(side_effect|contaminated)). You then have to sum that up for every person they come in contact with.
The real contribution might be even greater than that, as the contaminated will go on carry the virus to other people.
In theory if the number of people is large enough, you should be able to replace the values with average ones, but it's likely that 18 yo will spend more time with 18 yo than 70 yo.
To sum it up, herd immunity only works if enough people are immune (vaccinated). Everyone should feel responsible for it, even 18 years-olds (unless you take a very individualist view of life, which seems like a dominant feeling in the US: it works a lot like the prisoner's dilemna). Anyway, I'm just proud of performing my civic duty, I won't be a carrier for that virus.
That’s not how vaccine effectiveness works. There’s already a probability less than one of getting Covid if unvaccinated, and the effectiveness of the vaccine is the reduction from that.
So if over the course of their study period, 100 unvaccinated people got covid out of a thousand tracked, with a 98% effectiveness, only 2 people in the 1000 people vaccinated group would have gotten it.
So vaccines are really effective. Even more so for preventing serious complications.
There are a considerable number of people out there - some of whom are young and healthy and at vanishingly small personal risk from Covid19 - who if you mention the phrase "unacceptable side-effects" their first thought would be of side effects from vaccination, not the virus.
The boss at my daughter's kindergarten had Covid19 last summer. She had to quarantine for two weeks, then came back to work. She told me (unprompted) that sitting out the quarantine was way worse than the virus.
Telling these people they are stupid or anti-social - or simply downvoting them :) - may not be the most effective strategy to make them change their mind.
Any information on the users phone can 100% not be trusted. It should just show the QR code. On the other hand the scanning App has to validate the signature, check if the dates are correct and display a big info that the QR is only valid if the name is the same as the one on a presented ID.
Maybe this should have been a design requirement from the EU spec.