Privacy issues in RFID

Before RFID becomes ubiquitous, consumer resistance due to concerns over privacy must be addressed. These concerns are based on ignorance of how RFID works. The resistance is fueled by articles written by journalists who don't understand how RFID works, either.

Tags carried by consumers for the purpose of making purchases will generally simply have a unique ID code that can be used by a reader to access data residing in a remote database. For the reader to access the database, it must meet security criteria that are much the same as for already existing technologies we use every day.

What doesn't seem to occur to people is that this is no different in principle than a credit card or ATM card number, which is nothing but a unique identifier that allows the credit card reader or ATM machine to look up data in a remote database. That is, we already carry cards with this kind of access to our personal information.

Yes, but what about the nature of the data that is stored? Our buying habits, our medical records, our arrest records? And what about personal identification tags? Can we be required to carry them? Won't Big Brother be able to track us down wherever we are? What if we want to be anonymous?

These concerns are partly legitimate and must be addressed by new laws appropriate to the technology, but mostly the threat is greatly exaggerated, based on the delusion that we now enjoy much more privacy than we actually do.

If you have health insurance, your most private concerns may be available to anyone the insurance company deems entitled to it. I know a person who was wrongly diagnosed with a personality disorder by a psychiatrist who saw her for only one visit of 50 minutes. The doctor had an injured back and was on such heavy pain-killer medication that he was literally foaming at the mouth, and behaved so strangely that the woman left, furious, and never went back. But this diagnosis went into her health records, where it turned up later in the insurance records of her husband, where it was read by two doctors he consulted!

Have you ever applied for a loan or a mortgage? A job with a major corporation? A driver's license? Admission to a college or university? Every detail you provided resides in a database somewhere, vulnerable to hacking. Have you ever been sued or have you sued somebody else? Every detail is in the court records and in lawyers' offices where any nosy secretary can read every word of it. Every job you ever had is in your Social Security records.

I know a woman who was convicted of a felony in her 20s. When she tried to purchase a hand gun 50 years later, her prison record turned up in a matter of seconds. Every significant detail of your life is recorded in at least a hundred places, and each of those hundred-plus records is accessible to individuals who may or may not be honest.

Perhaps the most vulnerable records of all are in our personal computers, because the average consumer doesn't know how to adequately protect himself from invasion by hackers sneaking in via a communications port. All our financial records, business transactions, and our most personal letters and e-mails are at continuous risk.

As for Big Brother knowing where we are every minute, what makes you think he doesn't know now? The last time you got pulled over for running a stop sign, the cop knew everything he needed to know about you within two minutes by entering your driver's license number and/or your vehicle license in his onboard computer. And you're registered to vote, aren't you? And do you really believe that just because you have an unlisted phone number, you can't be found by anyone determined to find you?

With personal ID tags, at least lost, abducted, and runaway children will be found. Murder victims stripped of their clothing and papers will be identified and their family notified. POWs and MIAs will be located and rescued. Tracked parolees may prove they were NOT at the scene of the crime as well as being confirmed as there. In the latter case, faced with positive identification they might not commit the crime in the first place.

Taken together, all this makes it seem a bit ridiculous to worry about RFID tags, except to make sure that adequate laws are on the books, as we need to do with any new technology.

Abuses will happen. But the fact that automobiles kill, cripple and maim hundreds of thousands of people a year has not convinced many people to buy a bicycle instead.

The fact that our counselors keep notes on the most humiliating details of our lives in a file cabinet that might not even be locked doesn't seem to discourage us from paying him far too much money to do so.

That RFID tags may be misused by some is not sufficient reason to reject the immense convenience and security they will bring to our lives.--Toni McConnel