[LINK] Re: So, you're worried about RFID?

rchirgwin at ozemail.com.au rchirgwin at ozemail.com.au
Fri Aug 20 09:38:39 EST 2004 

Guy,

I think the key starting point you've raised is the best place to begin:

> I believe one of the most underestimated aspects of such concepts as 
> RFID is not purely to look at it's benefits or even just it's face 
> value privacy concerns but it's potential for abuse and in turn the 
> implications which could result from, and the level it could happen on 
> in the case of such abuse. 

"Look at capabilities, not at intentions" is valid and conservative, 
because you cannot guarantee future intentions.

> While it would be irrational to reject technological progress and the 
> process of bringing certain existing concepts into new forms, and 
> whilst there is undeniable advantages with technologies such as RFID, 
> the potential privacy issues possible with such concepts are more in 
> the realm of science fiction than reality, as such our experiences and 
> knowledge with it is limited.

One reason I harp so much on obscurata like Shannon's Law is that while 
we can't see inside the research labs, we can assume that boundary 
conditions exist. In the case of RFID the boundary condition is 
available power, because "more power" is the only way to get either (a) 
greater distance, or (b) increased channel capacity (ie, transmit more 
data, or communicate faster with more tags). Hence my repeated 
conviction that the tags themselves are self-limiting (and hence the 
industry's wish to have 4W readers instead of the current 1W that the 
ACA allows).

>
> Because the potential privacy concerns are far greater than with 
> existing technologies (due in part to the common process of 
> centralization of digital information), the seemingly inevitable 
> widespread use of RFID ( as will be driven like most technologies by 
> the needs of business ) makes it far easier for both governments and 
> organizations to profile/build up information on an individual. Whilst 
> in the short term the use of RFID going from the manufacturing plant 
> to say the Point Of Sale in Coles is unlikely to have any negative 
> implications for individuals, and does ultimately increase 
> accountability, looking at it alone in this concept I believe to be naive.

At point of sale, the limit is whether Coles is associating 
purchase-individual. Later, the privacy invasion would occur if Coles 
were able to associate that data with a return visit. Worse for the 
individual is if that data is read by "non-Coles", or if an inadequate 
system can't differentiate between "bought somewhere else" and 
"shoplifted", etc.

We also overlook potential anti-competitive practises arising out of 
RFID. For example, if I buy a shoe from a small indy shoe-store, Target 
can't associate "the shoe" with me. But it CAN say "tag #x", and query 
the naming service "which brand, which item" and possibly "which 
retailer", and put the squeeze on.

So it's neither far-fetched nor inappropriate to say "what are the 
capabilities" and "how may they be misused?"

Welcome as an "active" poster!

RC

>   One merely needs to look at the implementation of RFID in the UK to 
> see an attempt already at a broader ranging system, the same country 
> which seems to ultimately want to tie daily transactions and all 
> health/social/financial information to a single national ID card, a 
> technology in itself which utilizes RFID.
>
> The practice of 'on-selling' and the sharing of information, 
> particularly 'in times of great danger' for the latter, often results 
> in even legislations and other such things being by-passed, with often 
> special clauses making government bodies exempt (as has already 
> happened here in australia with existing privacy laws in recent 
> times), and with businesses, much like with SPAM, the integrity of 
> less than ethical organizations (quite possible through the use of 
> legal clauses often over looked by people unaware of the implications) 
> can result in losses of privacy. All you need to do is take a look at 
> the level of profiling already in place in the US to see how any and 
> all data the government is able to collect on individuals helps to 
> classify them via a computerized system as potential threats or not. 
> There's examples of it here in Australia, at the Olympics currently, 
> and more. But the distinction is the acceptance and wide spread 
> implementation of such technology in such an un-discriminatory manner 
> leads to a largely Orwellian society. The examples I provide is NOT 
> science fiction, they are things which are already happening today, as 
> such the probability and believability of such notions i am suggesting 
> I don't believe to be far fetched, and RFID is a (/an already 
> exploitable) tool which can help streamline this process.
>
> I believe the solution lies in discretion regarding the implementation 
> and limitations of such technologies, but as stated previously here, 
> with business driving it, and business ultimately being self-serving 
> there is no reason why such concerns will even be taken into much 
> account (with the 'noise' from civl liberty groups making for little 
> impact), and as both the media and the masses fail to have a proper 
> understanding of these technologies, and for the masses, until it 
> affects them in any negative way (at which point it is too late for 
> them to cry wolf), why they should even have any reason for concern, 
> when the economic benefits/economic rationalism's and the conveniences 
> it creates will often be the only aspect of such technologies pushed.
>
> Sorry for the length of this post. :)
>
> Guy
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list