Maybe I'm missing something here, but wouldn't hackers just allow for these scans in the trojans they write? Pretty sure it would be easy enough for them to conceal their creations from the system scan required to pass the so-called health certificate. And then you're back to square one. So if I understand what he's suggesting properly, the whole issue of privacy is moot. The method used to check simply won't work in the first place.