[LINK] Re: RFID in Govt, and in People

Geoff Ramadan gramadan at umd.com.au
Thu Oct 5 19:12:51 AEST 2006 

Roger Clarke wrote:
> At 0:18 +1000 5/10/06, Geoffrey Ramadan wrote:
>> Can someone please explain what the "additional" privacy issues are 
>> that relate to RFID in library applications. i.e. what are the 
>> additional privacy concerns that are not already covered with in a 
>> library system?
>>
>> As far as I am aware, the RFID label on a book is simply a book ID 
>> number. There is no personal information attached to it, and is simply 
>> replacing the existing barcode that is used.
> 
> [Geoffrey, don't be disingenuous.  No-one's suggesting that RFID tags 
> are in themselves 'the work of the devil'.  The concerns are about the 
> use of RFID tags within applications, which in many cases are 
> considerably more than "simply replacing the existing barcode".]

Roger

This is the issue I am trying to get my head around.

Question:
What is the difference in privacy concerns in a barcoding based library system,
compared to a RFID based library system.

My sense so far, is that it is to do with eavesdropping, but not by the library 
system itself but surreptitiously by others (see below)


> 
> 
>> The key point I got from the URL is:
>> "It can be extremely difficult for Australian libraries to accurately 
>> gauge the risks to the privacy of their borrowers in the context of 
>> rhetoric which at times borders on the hysterical and is often 
>> misinformed."
> 
> [That last clause was probably intended to refer to people other than 
> librarians;  and in any case appears to me to be "hysterical and 
> misinformed" - Katherine Albrecht of CASPIAN may be a tad shrill because 
> of the intransigence of the RFID suppliers, but is neither of those two]
> 
> 
> Helen (who you didn't cc. in on your email, Geoffrey) suggests as follows:
> 
>> Some of the concerns about the application of RFID to libraries are
> outlined in the following presentations to the American Library
> Association by the Privacy Rights Clearinghouse and the Electronic
> Frontiers Foundation:
>>
>> "RFID Implementation in Libraries"
>> http://www.privacyrights.org/ar/RFID-ALA.htm


Agree with most of theses points. Key issue being that there will most likely be
a global standard for RFID labels on books and libraries should consider using
this, rather than putting in some closed system.

My take is provided they pick the correct frequency (HF or UHF), with correct
selection of equipment, they will be able to migrate with little or no modification.

Given the adoption of UHF Gen2 EPC tag technology, UHF may be preferred on a
cost" basis (currently is cost wise).



> 
> [I'm supposed to be doing something today, and haven't read the 
> references;  but I know both Beth Givens in San Diego and Lee Tien in 
> EFF SFO, and neither is hysterical or misinformed.]
> 
>> Also the following article casts doubt on reassurances by RFID vendors
> that there is nothing to worry about with this application:
>>
>> David Molnar and David Wagner.  "Privacy and Security in Library RFID:
> issues, practices, and architecture"
>> http://www.cs.berkeley.edu/~dmolnar/library.pdf#search=%22rfid%20libraries%20privacy%22 
>>
> 
> [David Wagner at Berkeley is a well-known name in the security field.]
> 

After reading this I am dumbfounded!

It goes into great lengths technically on how hard it is to make a industry 
standard tag, based on open standards that is designed to be readable... only 
readable when you want it!

It then concludes that you cannot do it.

There is some discussion about extreme ways on how you use "video surveillance 
or other mechanisms, this may allow an adversary to link different people 
reading the same book. In this way, an adversary can begin profiling 
individuals’ associations and make inferences about a particular individual’s 
views."

It also advises that "Under the USA PATRIOT act, however, patron records may be 
accessed by order of the Foreign Intelligence Surveillance Court, or via a 
National Security Letter, as well as by a regular court order."

So in this case, you don't need RFID, just access to the database.

I also liked this paragraph:
"Learning origin data can be a privacy problem. For example, police at a 
roadblock may scan for patrons from specific city libraries in predominantly 
minority areas and search them more carefully; this would raise issues of racial
profiling."

1) You would could probably have a good guess just by looking at people and 
their cloths as to their racial profile.
2) You could also work out were they come from by looking up their vehicle 
registration details.

Anyway, putting my dumfoundness to one side. The key issue appears to be in the 
use of RFID in library system, that the RFID book can be surreptitiously be read.

I will concede that technically this can be done, but there are some very simple 
remedies if you are concerned about this:

1) reduce the size of the antenna on the RFID tag. Less antenna area, the 
shorter the read range.

2) Use HF instead of UHF tags (also to ensure reduced read range)

3) For the paranoid, provide as standard or an option, aluminum foil insert, to 
be placed in the book once it is scanned.

4) Finally, in the library itself, install RFID detectors to see if anyone is 
"sniffing" with in the library. Or if this is too expensive, have "RFID Sniffer 
Police" randomly check out various libraries.

Regards

Geoffrey Ramadan, B.E.(Elec)
Chairman, Automatic Data Capture Australia (www.adca.com.au)
and
Managing Director, Unique Micro Design (www.umd.com.au)

More information about the Link mailing list