Immunization compliance, vaccine passport control, and campus surveillance

Some universities in Ontario are implementing systems of pretty egregious levels of digital surveillance in the name of immunization compliance.

Immunization compliance, vaccine passport control, and campus surveillance
Page content


The default for compliance systems currently in operation on campuses in Canada is to continue full-time tracking of students brought in during the lock-down. These systems were used as a way to keep track of those on campus for distanced test and trace when few students and faculty were actually on campus. The argument was that this kind of surveillance was necessary to keep people safe during lock-downs by keeping people off campus.

That was debatable then, but keeping these systems during the full return to being on campus seems completely unwarranted.

Discussions up to now have focused on the need for immunization mandates and so-called vaccine "passports", but it is the system that supports compliance of these that is what may be much more problematic in the long run. Employers are going to be trying to implement immunization (and in this case also testing) compliance on the cheap. This means automated surveillance and tracking of all student, staff, and faculty movement on campus.

Whatever we feel we should, can, (or cannot do) in terms of mandatory immunization and/or vaccine passports, we should be as concerned about the implementation of these compliance systems. It is easy to pass a law requiring something of everyone, it is quite another thing to then enforce that law equitably without over-riding other rights that are unrelated. This is doubly the case when you cannot tell if someone is following the law just by physical appearance.

The administrations implementing these systems says that they are "anonymous", but that is quite likely not the case and should not simply take their word for it. Open, transparent, and clear processes of legal compliance systems open to criticism are necessary for both security of data, minimum intrusion, and ultimately acceptance.

Violation of privacy, security, and data integrity is not the first issue people pay attention to when it comes to the implementation of these systems. Instead, the focus tends to be on whether it should be implemented – even when these technologies are already active on our campuses. In addition, most people do not understand how surveillance technology works and can be abused until they are on the receiving end of it.

History shows that it will inevitably be abused by employers and administrations against our members and activists. The current compliance and surveillance systems extends to web use, work times, socialization, movement, and when/where you are sleeping if you are a student in residence. This is a clear over-reach of even the stated desires of implementing the compliance technology.

In addition to the money going into poorly constructed compliance systems, there is a concern on the over-reliance on immunization to make these spaces safe. There is no doubt about the closer to universal vaccine uptake we achieve, the safer people will be, but it cannot be the only policy that is implemented as there is no guarantee (almost the opposite) that current or future variants will be contained in this way.

The lack of student, faculty, staff, and community engagement and discussion about the implementation of these systems means the university is not being held to account on investment in safe spaces. Responsibility must extend to both sides of the table.

Any push-back will have to be from the coalitions on campus and across the province/country. There is some division between universities on the way they are implementing these systems currently, but I have a feeling that these policies will merge.


Immunization compliance measures are also a prime target for outsourcing companies currently targeting payment and security systems.

One such outsourcing of this is at the University of New Brunswick:

A direct outsourcing of maintenance work along the promise of "security" and digital ease of payments should not be the result of (lazy) administrators solving problems that do not exist. It is not technically difficult for a university that does meal plan cards to fully digitize the meal plan card on a phone. It takes no tech wizardry to do this. However, these companies are very good at selling cheap "solutions" to administrators with no tech understanding who do not know the correct questions to ask.

One step farther is likely to be the notion that immunization should also be held on the same system as the build access card, student ID, and meal card. This will result in numerous additional privacy issues.

Unions can push back a bit around this surveillance and its abuse through our collective agreements. But, students are going to have to push back against the policy in other ways if they do not want to be tracked every minute of every day (those living in residence, for example). It will also be an even larger issue for faculty who are doing sensitive research and are the target for intelligence services.

The idea that this data is quasi-anonymous is beside the point. The data will be stored, it will be hacked, and it will be abused.