This paper analyses the requirements of a blockchain-based data governance model for COVID-19 digital health certificates. Recognizing a gap in the existing literature, this paper aims to answer the research question "To what extent does a blockchain-based governance model for COVID-19 digital health certificates in the EU meet the relevant legal, technical, ethical and security requirements?" This paper identifies the required standards and develops a novel framework to determine the viability of blockchain as a governance model. The results of our evaluation indicate that while a private permissioned blockchain can meet the requirements to some degree, the governance element is key to legal compliance; legal risks and ethical implications remain unresolved with the use of blockchain. The paper also found that this model comes with the loss of the main advantages of blockchain - decentralization and anonymity. This evaluation framework may be used in other contexts and for assessing other technologies.
Keywords: COVID-19; GDPR; blockchain; governance; health certificate; legal analysis.
© 2021 The Author(s). Published by Elsevier B.V.