[LINK] The Ultimate Privacy Argument Against RFID

Howard Lowndes lannet at lannet.com.au
Fri Nov 4 15:36:30 EST 2005 

Slightly off this track, but maybe related.

Our local BigW has had a major refit and has had some self help check 
outs installed.  I used one the other day, having bought two identical 
products.  I scanned one, then went to scan it again, but wasn't allowed 
to until I had placed the first item on the "packing shelf".  I have 
also had situations were I have placed items on the packing shelf then 
removed them before paying, only to be told to replace them before paying.

You tell me how it knows which items are where - my money is on RFID 
somewhere.

Bernard Robertson-Dunn wrote:
> The Ultimate Privacy Argument Against RFID
> October 21, 2005
> By Evan Schuman
> CIO Insight
> http://www.cioinsight.com/print_article2/0,1217,a=163218,00.asp
> 
> Privacy arguments tend to be emotional, often expressed in terms of "security
> versus privacy."
> 
> A new book out about the future of RFID goes far beyond that. The authors of
> Spychips do not hesitate to go for the emotional jugular frequently, using
> references and examples from the Bible, the Nazis, the Russian government and
> the George Orwell classic 1984.
> 
> But they also make a stunningly powerful argument against plans for RFID being
> mapped out by government agencies, retail and manufacturing companies. Sources
> and evidence for their arguments come from patent applications, interviews and
> confidential documents carelessly left on vendors' Web sites.
> 
> This won't be comfortable reading in the IT departments of major retailers and
> manufacturers, but it is essential. IT is the group charged with being creative
> and making the technology do the magic that marketing needs it to do.
> 
> But who is charged with being the corporate conscience? Whose job is it to make
> sure that the corporation, in its pursuit for greater profits and market share,
> doesn't go too far in exploiting information on their customers? Far too often,
> that decision falls on marketing executives who, the book eloquently argues,
> are stunningly ill-suited to the task.
> 
> A favorite anti-marketing passage: "Researchers have found that marketing
> students score lower on measures of ethics and academic integrity than any
> other university majors."
> 
> The passage said business majors cheated more than their peers and that
> "marketing majors cheat significantly more than their peers in other business
> disciplines."
> 
> The book's thrust, though, is a detailed analysis of RFID trends. It
> effectively debunks many of the top arguments about why RFID is not a privacy
> worry.
> 
> Consider the use of RFID in hospitals and the frequently-cited media comment
> that the leading cause of death due to medical errors in caused by patient or
> drug misidentification. The book talks about that comment on the Web site for
> Precision Dynamics Corp., which is attributed to The Institute of Medicine
> Report, written by two doctors from the Harvard Medical School of Public
> Health.
> 
> There's just one problem with that reference, the book says: That report makes
> no reference whatsoever to patient or drug misidentification having any impact
> on patient deaths.
> 
> The book quotes one of the report authors as saying the attribution as "a
> complete misrepresentation" and adds that, in reality, misidentification
> accounts for fewer than five percent of medical errors.
> 
> When Ziff Davis contacted PDC, the claim was still on their Web site and they
> promised to get back to us with an explanation. No one ever did but the claim
> has magically vanished from their site.
> 
> The biggest RFID argument that the authors attacked was the industry's claim
> that retailers and manufacturers have no interest nor intention in tracking
> products once they leave the stores and certainly no intent to track consumers.
> 
> The authors—Katherine Albrecht and Liz McIntyre—use vendors' own patent filings
> to show their thinking, such as an IBM filing titled "Identification and
> Tracking of Persons Using RFID-Tagged Items." A Phillips Electronics 2003
> patent application talks about placing RFID tags in shoes so that they can be
> detected by RFID scanners embedded in floors.
> 
> Note to vendors: A little subtlety is probably not a bad idea when trying to
> patent ideas that your PR people are denying you're thinking about.
> 
> Consider Procter & Gamble's August 2001 RFID patent filing dubbed "Systems and
> Methods For Tracking Consumers In A Store Environment." The book then quotes
> Sandy Hughes, P&G's "global privacy executive" as assuring that P&G has "never
> even considered tracking consumers with RFID."
> 
> It then quotes Gillette's Dick Cantwell, the manufacturer's VP of global
> business management, saying the company wants to use RFID "to track consumer
> use of its products at home."
> 
> The authors had the most fun with a promotional RFID piece produced by NCR,
> including using RFID to price-discriminate against customers, especially those
> trying to bargain hunt.
> 
> "With RFIDs on loyalty cards to identify the customer and a customer shopping
> history database, items could be priced differently depending on
> characteristics of the person who was buying them." One appalling possibility:
> A consumer known to be hungry or who just got a raise could get charged more
> for groceries.
> 
> The book methodically debunks the argument that RFID chips can only be read
> from very short distances, making the idea of tracking consumers outside of
> stores difficult.
> 
> The authors argue that strategically placed readers—such as at highway
> exits—could track consumers quite effectively, particularly as RFIDs get
> themselves into the home (refrigerators that alert the retailers when certain
> groceries run low), the car (for repairs or intelligent navigation systems) and
> cell phones (for payment).
> 
> The retail and manufacturing tracking capabilities are spooky, but the book
> gets downright freaky as it discusses government plans for embedding RFID chips
> into the flesh of people (military, prison inmates, sensitive government
> employees, etc.).
> 
> The book talks of the implants and casually debunks the frequently-cited claim
> that the glass-encased insert is "about the size of a grain of rice." The chip
> "actually measures 12 mm (.47 inches) long, making it a bit shorter than the
> diameter of a dime.
> 
> That's a lot larger than any rice we've ever seen—and we both eat long grain
> rice." That one hurt as Ziff-Davis has used the "grain of rice" comment often
> enough, but we won't anymore.
> 
> The books talks about former Mexican attorney general Rafael Macedo de la
> Concha having an RFID chip inserted into himself and some of his employees "as
> a way to secure access to a sensitive records room." It then makes the case
> that, far from being secure, it encourages those employees to be kidnapped and
> have the chip removed by force.
> 
> The authors found a patent application from an RFID company called Persephone
> Inc. that proposes installing RFIDs deep within the body and it discusses ways
> for the implanted chip to "electroshock the implantee."
> 
> There's no question that the books pushes the anti-RFID a bit far—citing
> biblical passages and asking how a Hitler would use RFID—but those arguments
> are still something that RFID developers and retail/manufacturing execs need to
> hear.
> 
> If you need to hear a worst-case scenario and know the perception—and possibly
> reality—challenges of RFID, reading SpyChips is the ideal first step.
> 

-- 
Howard.
LANNet Computing Associates - Your Linux people <http://lannet.com.au>
-- 
When you just want a system that works, you choose Linux;
When you want a system that works, just, you choose Microsoft.
-- 
Flatter government, not fatter government;
Get rid of the Australian states.

More information about the Link mailing list