Curated by: Luigi Canali De Rossi

Tuesday, December 16, 2003

Are RFID Tags A Privacy Threat We Should be Concerned About?

As some of you may have been able to read from the news of the last few days officials participating at the World Information Society Forum in Geneva were provided with RFID badges (radio-frequency identification chips) having the ability to monitor the wondering and detailed position of each participant within the convention center.

While most participants didn't even pay attention to this detail, a few of them were there to actually uncover detailed information about this illegal practice which has been banned through several international laws and treaties.

The badges were handed out to more than 50 prime ministers, presidents and other high-level officials from 174 countries, including the United States. Researchers questioned summit officials about the use of the chips and how long information would be stored but were not given answers.

It is a dramatic irony of sorts that the WSIS Summit was focused on Internet governance and access, security, intellectual-property rights and privacy.

What they were able to uncover reveals the lack of cultural understanding of the issues at stake on this front and the rapidly raising threats that this may pose to us in the near future.

Even more interesting is what the three researchers reported:

...during the course of our investigation, we were able to register for the summit and obtain an official pass by just showing a fake plastic identity card and being photographed via a Web cam with no other document or registration number required to obtain the pass,...".
The researchers chose names for the fake identification cards from a list printed on the summit's Web site of attendees.



Such security procedures violate the Swiss Federal Law on Data Protection of June 1992, the European Union Data Protection Directive, and United Nations' guidelines concerning computerized personal-data files adopted by the General Assembly in 1990, as indicated by the reporters from the researchers said.

"The big problem is that system also fails to guarantee the promised high levels of security while introducing the possibility of constant surveillance of the representatives of civil society, many of whom are critical of certain governments and regimes," the report said.

It is important to understand what the consequences and risks of living in a highly controlled and monitored society may involve, and while many may tout that cellphones and credit cards have already very high penetration rates and do provide a powerful ability to monitor and track many of our activities, both of them can be easily turned off at will.

An important statement about such issues and their immediate relevance to us is the one given by Olivier Piou, CEO of Axalto at the WSIS conference attendees:

Wireless technologies also present a similar threat to privacy: while it is relatively easy to turn off a cellular phone (because all of them have an ON/OFF button!), radio-frequency identification systems - also known as RFID or contactless systems - are activated from a distance. It becomes so very easy to install a reading antenna, in the subway or in any place like in this conference room, to detect who is there without awareness and consent.

Numerous books and movies have predicted that our civil society would not be wise enough to protect its basic universal human rights in this digital age. However, the more we have powerful tools available to us, the more we have the duty to use them for the best of humanity. This is why I wanted to raise your awareness today.

This is why also, we at Axalto believe that it is essential that digital identity be designed to ensure trust and confidence in modern digital systems, and that it be combined with conventional physical identity into a secure portable object that citizens can voluntarily present to be identified, to authorities in the physical world and to on-line services in the virtual world.

I deeply share the above vision and am eagerly awaiting some prophets and international organizations, to popularize and bring about the essence of what is stated above without creating another business monopoly.

Use and management of our identity is too important not to be given out to anyone company.

The management and control of our identities should be placed in the hands of the individual through use of dedicated commons (international non-profit orgs) and certified authorities/systems which would guarantee that the interest of each one of us is not being forcedly matched with the interest a corporation.

Original sources:

  • Are Privacy Fears About RFID Tags Just Hype?

  • Bug devices track officials at summit

    I must thank Dow Jones columnist Jeremy Wagstaff for providing much of the inspiration and "soul£ for this short essay. His blog is a recommended stop:
    LOOSE wire
    musings, snippets, grievances and links on personal technology by dow jones columnist jeremy wagstaff.

    Readers' Comments    
    blog comments powered by Disqus
    posted by Robin Good on Tuesday, December 16 2003, updated on Tuesday, May 5 2015

    Creative Commons License
    This work is licensed under a Creative Commons License.




    Real Time Web Analytics