[LINK] Re: RFID in Govt, and in People

Roger Clarke Roger.Clarke at xamax.com.au
Thu Oct 5 11:18:38 AEST 2006 

At 0:18 +1000 5/10/06, Geoffrey Ramadan wrote:
>Can someone please explain what the "additional" privacy issues are 
>that relate to RFID in library applications. i.e. what are the 
>additional privacy concerns that are not already covered with in a 
>library system?
>
>As far as I am aware, the RFID label on a book is simply a book ID 
>number. There is no personal information attached to it, and is 
>simply replacing the existing barcode that is used.

[Geoffrey, don't be disingenuous.  No-one's suggesting that RFID tags 
are in themselves 'the work of the devil'.  The concerns are about 
the use of RFID tags within applications, which in many cases are 
considerably more than "simply replacing the existing barcode".]


>The key point I got from the URL is:
>"It can be extremely difficult for Australian libraries to 
>accurately gauge the risks to the privacy of their borrowers in the 
>context of rhetoric which at times borders on the hysterical and is 
>often misinformed."

[That last clause was probably intended to refer to people other than 
librarians;  and in any case appears to me to be "hysterical and 
misinformed" - Katherine Albrecht of CASPIAN may be a tad shrill 
because of the intransigence of the RFID suppliers, but is neither of 
those two]


Helen (who you didn't cc. in on your email, Geoffrey) suggests as follows:

>Some of the concerns about the application of RFID to libraries are
outlined in the following presentations to the American Library
Association by the Privacy Rights Clearinghouse and the Electronic
Frontiers Foundation:
>
>"RFID Implementation in Libraries"
>http://www.privacyrights.org/ar/RFID-ALA.htm

[I'm supposed to be doing something today, and haven't read the 
references;  but I know both Beth Givens in San Diego and Lee Tien in 
EFF SFO, and neither is hysterical or misinformed.]

>Also the following article casts doubt on reassurances by RFID vendors
that there is nothing to worry about with this application:
>
>David Molnar and David Wagner.  "Privacy and Security in Library RFID:
issues, practices, and architecture"
>http://www.cs.berkeley.edu/~dmolnar/library.pdf#search=%22rfid%20libraries%20privacy%22

[David Wagner at Berkeley is a well-known name in the security field.]

-- 
Roger Clarke                  http://www.anu.edu.au/people/Roger.Clarke/

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in Info Science & Eng  Australian National University
Visiting Professor in the eCommerce Program      University of Hong Kong
Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW

More information about the Link mailing list