RFID Tags Tracking Everything (Including You)?
April 18, 2008
What do graduate students, faculty and staff in the University of Washington’s computer-science and engineering department have in common with cases of air freshener at Wal-Mart? All are being tracked continuously, everywhere they go in the building, by Radio Frequency Identification tags.
In case you’ve been living in a cabin in a remote part of Montana for the past few years, RFID tags are electronic devices that store information and then transmit it whenever they pass within range of one of the receivers in a network. (That’s the simplistic explanation; for all the nuances, check out this RFID primer from HowStuffWorks.com.) RFID has been around for a while; the basic concept, in fact, dates to the “identification friend or foe” transponders developed to protect Allied airplanes from being shot down by their comrades on the ground during World War II. But RFID has mushroomed in recent years, as the devices have become progressively tinier — Japanese electronics manufacturer Hitachi has created “super micro” tags that measure just one-twentieth of a millimeter in length and width — and their applications have become increasingly sophisticated.
Considering how easily we all misplace our stuff, and how much government and corporate bureaucracies relish the ability to verify who people are and access data on them with instantaneous ease, it’s probably not that surprising that RFID technology is rapidly becoming the 21st-century electronic equivalent of kudzu. RFID tags are showing up on everything from Levi's blue jeans on clothing store shelves to surgical sponges, in an effort to thwart their alarming tendency to remain inside operating-room patients. Retailers and banks clearly are enthralled with the notion of a cash-free future in which consumers pay for purchases via RFID credit or debit cards, without even having to sign their names to a credit card slip (or even open their wallets, perhaps). The State Department puts them inside U.S. passports. RFID system maker Verichip markets a device that can be attached to newborn babies’ legs in maternity wards, to avoid accidentally giving a mother the wrong infant. And here’s a YouTube clip in which former Bush administration Health and Human Services secretary and failed presidential aspirant Tommy Thompson, who for a time served on the board of Verichip’s parent company, even touts the advantages of having one of the company’s identification chips imbedded under your skin, in order to make it possible for emergency room doctors anywhere to access your medical records online.
But participants in the University of Washington’s RFID Ecosystem Project are taking the technology even further. They’re voluntarily carrying personal RFID devices that allow them to be tracked by 200 receivers scattered throughout the school’s computer-science building (with the exception of a few off-limits spots, such as the restrooms), and to receive and exchange information as well. The system can track who goes where in the building and who meets with whom, data that the study participants themselves can access and use in a variety of ways. As this video illustrates, it’s possible for an impatient participant to see whether a colleague actually is on the way to a scheduled meeting, or to amass a precise log of all the casual hallway encounters that he or she has in the course of a week. It’s even possible to walk into a room, overhear music that another participant is listening to, and automatically capture a Weblink to the same MP3 file so you can download it later. Here’s a pretty good ZDNet article on the experiment.
Though the project demonstrates innovative uses of RFID, its real purpose is to predict and measure the impact of a future RFID-wired society upon the humans who’ll live in it. As the study’s FAQ explains:
Our hope is that the qualitative and quantitative data we collect in our user studies will help us to: 1) Acquire an in-depth understanding of the blaring privacy issues; 2) Uncover and study more subtle privacy issues; 3) Evaluate and iteratively improve the effectiveness of our feedback and control mechanisms, data privacy techniques, and methods for detection and prevention; and 4) Finally, to inform the wider community (including businesses and policy makers) of the privacy-utility trade-offs inherent in emerging RFID systems before such systems become commonplace.
But we may find out a lot sooner what an RFID culture looks like in reality. In China — which spends $5 billion a year on RFID technology, the most of any nation on the planet — the government is creating what in effect will be the world’s largest RFID network, a milieu in which a projected 900 million Chinese citizens will carry RFID-equipped, personal identity cards by the end of 2008. As the New York Times reported last year, scanning a card would give police officials access to an extensive amount of information on an individual:
… work history, educational background, religion, ethnicity, police record, medical insurance status and landlord’s phone number. Even personal reproductive history will be included, for enforcement of China’s controversial “one child” policy. Plans are being studied to add credit histories, subway travel payments and small purchases charged to the card.
It’s not too hard to imagine how the Chinese government might also utilize RFID to keep a billion people under what would amount to pervasive 24/7 scrutiny, especially if RFID data is synched with the massive video-surveillance networks being built in the high-tech metropolis of Shenzhen and other Chinese cities. But privacy advocates warn that our own government — or the private sector, for that matter — could someday be nearly as invasive. As the Electronic Privacy Center warns:
… the ability to track people, products, vehicles, and even currency would create an Orwellian world where law enforcement officials and nosy retailers could read the contents of a handbag — perhaps without a person's knowledge — simply by installing RFID readers nearby. Such a fear is not unfounded. Currently, some RFID readers have the capacity to read data transmitted by many different RFID tags. This means that if a person enters a store carrying several RFID tags — for example, in articles of clothing or cards carried in a wallet — one RFID reader can read the data emitted by all of the tags, and not simply the signal relayed by in-store products.
In the state of Washington, legislators were so aghast at the prospect of corporate RFID spying on consumers that they recently enacted a law barring the remote collection of personal data without prior consent. Other states are considering similar legislation, though it would take nationwide restrictions to really make a difference. So far, Congress seems a bit slow on the uptake.
But there are other, potentially devastating, RFID-related problems that might arise. Security experts have demonstrated how easy it would be for RFID identity hackers to clone the passports and other documents of unwitting travelers, or for terrorists to program a RFID-enabled explosive device that would wait for an American citizen to walk by before it went off.
And finally, there are those Biblically-minded naysayers who suggest that RFID tags may actually be the mark of the beast prophesied in the Book of Revelation.
No wonder that some people are so nervous about having the various RFID tags they carry around with them hacked that they’re resorting to wrapping them in signal-blocking aluminum foil, though those with more fashion sense are opting for metal-lined designer wallets. Dutch computer-science assistant professor Melanie Rieback, has come up with an even more technologically sophisticated countermeasure — the RFID Guardian, a portable battery-powered personal firewall with the ability to selectively block RFID receivers.
So, what do you think? Should we put aside our skepticism and privacy fears and eagerly embrace the ease and convenience of an RFID-enabled global culture? Or should we all stock up on aluminum foil? Express your opinion below.
This is way more warped than the telepathic ray gun, I think. The government could track you everyplace you go!
Posted by: Astroboy | April 19, 2008 at 08:32 PM
It would only be helpful to me to find myself!
Posted by: Mothra | April 19, 2008 at 08:48 PM
What you don't mention is that the government doesn't need to make you carry an RFID-enabled ID card or even to implant a chip in you to track your movements. They now can use a technology called "RFID ink" to give you a tiny tattoo that functions as a tracking device. (http://www.computerweekly.com/Articles/2007/01/11/221122/rfid-ink-product-could-track-humans.htm)
This technology will enable the government to tag individuals permanently, perhaps starting in childhood, and eventually will facilitate 24/7 surveillance of the entire U.S. population.
Posted by: Emmanuel Goldstein | April 20, 2008 at 01:20 PM
"And he had power to give life unto the image of the beast, that the image of the beast should both speak, and cause that as many as would not worship the image of the beast should be killed.
"And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
"And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name" (Revelation 13:15-17)
Posted by: Big Ben | April 20, 2008 at 01:45 PM
Hitler marked the Jews in the camps with tatoos, and now the corrupt governments will mark us with electronic numbers. I, for one, will not be treated like an animal, and marked with a tracking device. We put these chips in dogs and cattle. Are you cattle?
Posted by: Mark Dice | April 20, 2008 at 02:02 PM
First of all, you have to take into account the positive aspects of such an RFID tag. Cashless, cardless payment would be a great convenience. Being able to find oft-lost items is another convenience.
As soon as the privacy issues are resolved, I think this would be a great idea. The only problem people might have with it is if their moral code doesn't coincide with our current laws. If the places a person travel would be grounds for conviction of a crime, for instance; an RFID tag is shown to be one of two in a house where a murder takes place, that's grounds for conviction. This is after issues like the terrorism- RFID tag bomb gets solved, of course.
Posted by: Tyler Blind | April 20, 2008 at 03:02 PM
The real disgrace is that U.S. companies are helping the Chinese build their RFID surveillance system. Look it up.
Posted by: Clewiston | April 21, 2008 at 12:26 AM
It shows your western bias that you are assuming that China will violate human rights with RFID identity cards. Where is your proof of this? These government technology measures are to protect peoples rights, not infringe on them. If anyone should arouse suspicion, it is the US government, which is the one spying on its citizens phone calls and internet use. Most of the RFID technology is being developed in the US anyway.
Posted by: Wong | April 21, 2008 at 06:12 PM
The Chinese government habitually violates human rights, so its to be expected that they will use this new tool to control people and crush dissent. It is immoral for the US or any other western democracy to allow companies to sell technology to the Chinese government that will be used for oppression.
Posted by: Justice for Tibet | April 21, 2008 at 09:49 PM
ARE THERE ANY POTENTIAL HEALTH RISKS FROM HAVING AN RFID CHIP IMPLANTED OR CARRYING ONE AROUND NEXT TO YOUR BODY ALL DAY EVERY DAY?
Posted by: RayRay | April 22, 2008 at 11:36 AM
Don't be surprised if your undergarments are sending out radio signals.
http://www.aimglobal.org/members/news/templates/template.aspx?articleid=841&zoneid=24
RFID: Invading Women's Underwear?
Thursday, March 09, 2006 - AIM Global
Bert Moore, Editor
It may seem that privacy advocates' worst fears have come true. Marks & Spencer, a major UK retailer, has announced that it is extending its RFID item marking trials to additional stores and to several types of multiple-sized items -- including women’s underwear.
Privacy advocates fear that the tagging of clothing items -- and of particular concern to some, women's underwear -- will lead to covert snooping by perverts and governmental agencies...
Posted by: Caffeine Driven Stress Magnet | April 22, 2008 at 03:16 PM
It's not just women's underwear...
http://www.toytowngermany.com/lofi/index.php/t79569.html
The Galeria Kaufhof in Essen is apparently using RFID technology in a new way. For those who don't know, RFID tags are basically ID tags that can be scanned and stuff using techy things.
As well as the standard use of the tags to track items from suppliers to stores to checkouts to you, Kaufhof will track what clothes men take into the dressing room, and a so-called "smart mirror" will make some suggestions about other clothes you may wish to puchase. Buying a new shirt? Perhaps this tie will go well with it sir.
Now, this all sounds quite interesting for me from a techy point of view, but what kind of advice is this super mirror really gonna give? Especially in Germany, a country hardly well known for its position as world leader of fashion.
"Ah Birkenstocks, yes wonderful choice of footwear. Would sir be wishing to have some terry-towelling white socks with those? Some jeans that are not quite long enough in the leg maybe?"
Posted by: Joey | April 22, 2008 at 04:11 PM
RFIDs on everything could be a big help in the war on terrorism, I think. We've got to look at the big picture.
Posted by: Mac is Back | April 22, 2008 at 10:24 PM
Four years ago I watched a broadcast of a University of Washington Symposium on RFID and how it would affect the future (of everything). The speaker was one of the co-founders of a company called Imping, located in Seattle and a University of Washington Professor.
During the symposium he addressed many of the privacy issues people are concerned about.
1) Garments: Chips are not currently washable. He did not believe that they would be anytime soon. The pracitcality in a cost sense is not there for the industry itself. RFID chips do not survive traditional washing or chemical cleaning
2) Distance: Chips can be set for a radius of no more than a few feet or yards. Wallmart (just the largest of many retailers) currently uses RFID to track all of its palletized shipping. Chips are set to a specific distance in order for the pallet to not be recieved by the reader any sooner than pre set by the system.
3) On/Off : Chips can be set by the consumer (the company purchasing and utilitizing) to turn off after passing through or over a designated reader. Turns off once it's scanned by the register. Only want to purchase from a company that "kills" its chips? It's one more way to specialize to consumers.
4) Benefit to leaving a chip on - how about all the manufacture warrenty information you could ever need? No reciept needed for any return ever. Scanned for a return and the chip could provide all the necessary details. Nice extra for those high end purchases.
I was robbed a number of years ago and the idea of some creep walking into a pawn shop with items that had my purchase information.... awesome.
RFID is already widely in use. It has been for the last seven years. There are two versions. One for general use and one for Pharmasutical and Governmental use. The one for general use is the one currently discussed the most. It has the widest application possibilities, the largest area for public concern. But why is it that I see few posts here on the concern of the Federal Government placing an RFID chip in your passport? OR that pharmasutical companies now have an even more reliable way to track your medications, prevent fraud and counterfeiting.
Is RFID perfect? Absolutely not. Does it have some very concerning Orewellian features to it? Absolutely. But please, every "woman's underware" post is simply a distraction from the true privacy concerns at hand.
Are we just numbers in the machine?
Posted by: AliciaLouise | April 23, 2008 at 01:41 AM
I for one am very concerned about the RFID-enabled U.S. passport cards which the government will issue for travel to Canada, Mexico and the Caribbean. (http://www.cr80news.com/library/2008/03/26/pass-another-travel-document/) Because the cards transmit an identification number rather than a name and other personal data, the government stupidly decided that it didn't need to build in any security features. As a result, any RFID receiver within 20 feet of travelers will be able to capture their identification numbers, which of course can be cloned.
Since border crossing guards will scan the cards from a distance rather than physically examining them, it's going to be even easier for people with phony IDs--including, potentially, terrorists--to sneak into the U.S.
Posted by: Traveller | April 23, 2008 at 12:01 PM
Actually, a German company has come out with a washable RFID tag for use in clothing.
http://www.news.com/2010-1069-980325.html
Posted by: Chico | April 23, 2008 at 02:18 PM
Is there a way to disable RFID scanners?
Posted by: Todd Michaels | April 24, 2008 at 11:35 PM
RFID tags are increasingly making their way into consumer electronics and goods, sometimes without our consent or knowledge. As security and privacy concerns increase about this "leaky" technology, some states have taken some initiative to set boundaries around the technology. California made some progress last year, and a new law just passed in Washington will offer some more protections to residents of the Evergreen State.
The Washington legislation outlaws the use of RFID "spy technologies" to collect consumer information without the owner's consent. The only problem is, heavy corporate lobbying narrowed the scope of the law (before Governor Gregoire signed it) to cover only criminal acts such as fraud, identity theft, or "some other illegal purpose" (making it a Class C felony to do so). Collecting information from consumer RFID chips for marketing purposes in Washington—with or without the owner's consent or even knowledge—is still fair game...
http://arstechnica.com/news.ars/post/20080328-washington-state-passes-rfid-privacy-law-wheres-uncle-sam.html
Posted by: Gilbert | April 25, 2008 at 09:46 AM
It seems the majority of posters here know that the worst aspects of human nature will eventually show there colors, and we will, if not already, be tracked and reported by this technology to people who will most likely take action to fulfill THEIR interests and priorities over ours.
Posted by: lochlan | May 27, 2008 at 11:04 PM
Thanks for the information on the VeriChip.
We recently wrote an article (http://brainblogger.com/2008/06/09/the-implications-of-implanted-chips/) on the VeriChip on (http://brainblogger.com/). What kind of medical concerns does this chip bring up? What about privacy issues?
We would like to read your comments on our article. Thank you.
Sincerely,
Kelly
Posted by: Kelly | June 10, 2008 at 06:11 PM
Kelly:
I think that whenever RFID tags are used for transmitting information about people, there are going to be security and privacy concerns. Even if the implantable RFID tag only transmits an identification code for a database, there's a potential for misuse if someone who intercepts that info also successfully hacks the database that actually contains a person's medical data. Additionally, whenever an ID system is created, there's no guarantee that it won't someday be used for other purposes besides the one for which it was created. If a private sector RFID personal identification system became ubiquitous, it's conceivable that the government ultimately could compel the company who owns the system to provide access, so that it can use the chips for identifying individuals and/or gain access to their personal information.
Posted by: Patrick J. Kiger | June 11, 2008 at 05:37 PM
To Joey who made the comment:
RFIDs on everything could be a big help in the war on terrorism, I think. We've got to look at the big picture.
The big picture is that it is not worth losing all of our privacy and freedoms to ensure a little bit of safety.
Posted by: Casey | August 05, 2008 at 01:40 AM
Good evening. They are ill discoverers that think there is no land, when they can see nothing but sea. Help me! I can not find sites on the: Modern bathroom vanity cabinets. I found only this - bathroom Cabinets st petersburg fl. The biggest mistake is thinking that wrought iron is for accents only. And while many craftsmen imitated their works, they never made carbon copies. Waiting for a reply :confused:, Adeline from Norway.
Posted by: Adeline | August 12, 2009 at 03:21 AM