A text-messaging program to monitor any side effects from the COVID-19 vaccine may be open to manipulation, The Washington Post reports. Experts worry that the newly-developed system focuses more on ease of use than security.
The program, called v-safe, is being developed by the Centers for Disease Control and Prevention (CDC) to check in with people after they’ve received a COVID-19 vaccine. After getting a shot, they’ll be given a piece of paper with a QR code, which lets them sign up to receive texts. The texts will direct them to online surveys that ask questions about any symptoms someone experienced after receiving the vaccine.
Other vaccine safety monitoring systems that have been in place for decades, including the Vaccine Adverse Events Reporting System (VAERS), will also be used to follow COVID-19 vaccine recipients. Those are passive systems, and rely on patients or doctors reaching out to make a report. V-safe is intended as an early, active way to understand people’s experience with the vaccine.
“It’s going to start collecting data immediately on day zero, and collects data out to 12 months after the second vaccination,” said Tom Shimabukuro, a member of the Vaccine Safety Team on the CDC’s COVID-19 Vaccine Task Force, during the Advisory Committee on Immunization Practices meeting last week. Any serious side effects reported through v-safe could trigger a follow-up call from experts in the call center at VAERS.
Asking people to access the system through a QR code, though, may leave it vulnerable. Fliers with the codes could be misplaced or left at a vaccination site, and QR codes could be posted online. Anyone picking up that sheet of paper or finding the code could register and submit false responses to the system, unnamed officials told The Washington Post. The anti-vaccine movement organizes online, and officials worry those groups could flood the system. Verification of concerning reports would be time consuming.
In a statement to the Post, the CDC said the system, “is in the final stage of development, which includes security testing.”
The simplicity of the program has benefits, and unlike other vaccine safety reporting systems, could collect information from people who don’t directly seek medical care.
“With any widely available technology, there’s an opportunity for people to use spoofing and other nefarious techniques,” said Ed Simcox, former chief technology officer at the Department of Health and Human Services, according to The Washington Post. “That would undermine what is so potentially valuable about this system — going directly to patients, or citizens, to get their feedback about multiple vaccines administered in diverse settings.”