Accommodating RFID Technology and Expectations of Privacy: An Examination and Proposed Guidelines[1]
By Greg Plichta for the Electronic Privacy Information Center*
June 2004
Radio Frequency Identification (RFID) is a rather old technology that has raised new issues in the area of privacy. The main risk to privacy is the ability of the technology to track individuals. Such tracking can be accomplished by monitoring objects with attached transponders ("tags") to them, whether it be in a store, a warehouse, or beyond these premises. By tracking objects, it is possible to track individuals who have substantial contact with such objects. Such tracking includes monitoring what individuals are purchasing and where individuals are moving about. However, tracking can also be accomplished directly by embedding individuals with tags. Thus, a need has arisen to examine how the use of RFID technology can be accommodated with an individual's expectation of privacy.
In examining the tension between RFID technology and privacy, this paper is divided into five parts. In part I, a brief history of RFID technology is given. In part II, the current state of the technology is examined. Part III, which analyzes privacy issues concerning RFID technology, is divided into four subparts. First, the tracking of objects is considered, which is the typical scenario. This scenario considers various uses of RFID technology, from the garden variety retail use to the more exotic embedding of RFID tags in money and tires. Second, the direct tracking of people is considered, in contrast to tracking of objects (and the tracking of people via objects). Third, tracking by the private sector is examined, which is mainly done for economic streamlining reasons. And fourth, tracking by the government is examined, and to what extent the government is engaged in the RFID and privacy struggle. In part IV, conclusions are drawn regarding the state of the RFID and privacy developments. Finally, in part V of this paper, general recommendations are made as to how RFID technology can continue to create new efficiencies while accommodating individuals' privacy rights. The main concern of this paper is to survey how each side, whether industry groups or privacy advocates, is trying to push forward its agenda while trying to assess the current state of the debate. Thus, this paper attempts to gain an objective understanding (to the extent one individual can be "objective") of the RFID/privacy debate, without advocating for either side.
At the end of this paper, proposed guidelines are offered that attempt to strike a balance between the legitimate use of RFID technology to advance the state of technology and increase economic efficiency and an individual's expectation of privacy. This balance is struck based on the assumption that RFID technology is here to stay and that it will only expand in its applications, and that an individual's expectation to privacy cannot be compromised for the sake gaining the most efficient or most cost effective means to employ the tracking of everyday objects.
I. The History of RFID[2]
The history of RFID goes back 14 billion years to the "Big Bang." It is with the Big Bang, as current scientific theory tells us, that electromagnetic energy was created, which now serves as the source of RFID technology. Fundamental understanding of electromagnetic energy was not developed until the beginning of the 1800's, where scientists like Faraday, Maxwell, and Hertz laid the groundwork for the concept of electromagnetic energy as electromagnetic waves, or radio waves. Only towards the end of the 19th century, Marconi was able to successfully transmit radio waves across the Atlantic.
Then, approximately in 1922, radar technology was born. Radar sends out radio waves to detect and locate an object by reflecting these waves off of the object. Such reflection can determine the position and speed of an object by using simple trigonometry. This fundamental idea underlies RFID technology. However, probably the first work exploring RFID technology as it is understood today, was Harry Stockman's landmark paper "Communication by Means of Reflected Power," in October of 1948. It is interesting to note that it would take another thirty years after Stockman's paper for RFID technology to fully realize its potential. The problem was that other developments in technology were needed first, namely, the development of the transistor, the integrated circuit, the microprocessor, communication networks, and the like. Thus, the development of RFID technology was anything but linear and logicalit depended to a large extent on the vagaries of surrounding technology.
The 1950's ushered in an era of exploration and laboratory experimentation of RFID technology, which was still based on the developments in radio and radar in the 1930's and 1940's. Related technologies such as the long-range transponder system for aircraft further assisted in the development of RFID. The 1960's saw commercial activity and companies like Checkpoint and Sensomatic were formed. These companies developed electronic article surveillance (EAS) equipment to counter theft. This equipment was rather primitive by today's standards since it could only detect the presence or absence of a tag attached to an object. However, EAS technology was arguably the first and most widespread commercial use of RFID.
The 1960's in many ways were a prelude to the explosion of RFID technology in the 1970's.In the 1970's both the private and the public sectors were intimately involved in RFID technology. Applications for animal tracking, vehicle tracking, and factory automation burgeoned. A 1973 conference sponsored by the International Bridge Turnpike and Tunnel Association (IBTTA) and the United States Federal Highway Administration concluded that there was no national interest in developing a standard for electronic vehicle identification, and this was "an important decision since it would permit a variety of systems to develop, which was good, because RFID technology was in its infancy."[3]
The 1980's were a decade of RFID implementation. But, different parts of the world emphasized different aspects of RFID technology. For example, in the United States, transportation, personnel access, and to a lesser extent, animal tracking were of interest. In Europe, on the other hand, the greatest interest was in short-range systems for animals and industrial and business applications. Moreover, in the Americas, some associations were active in RFID initiatives dealing with railroads and container handling.
The 1990's saw wide scale deployment of electronic toll collection technology in the United States. In 1991, in Oklahoma, the world's first open highway electronic tolling system opened. Under this system, vehicles could pass toll collection points at highway speeds without having to stop at toll booths. On the Kansas turnpike, a system was installed with readers that could read tags of an Oklahoma system, thus RFID technology had spread across state boundaries. Furthermore, in Georgia an improved system could read not only its own tags but also those of the system installed in Kansas. This meant that RFID technology could cope with multiple protocols of toll collection systems. However, tolling applications were not limited to the United States. Such applications appeared in Argentina, Australia, Canada, Brazil, China, Europe, Hong, Japan, Kong, Malaysia, Mexico, Philippines, Singapore, South Africa, South Korea, and Thailand.
RFID technology spread not only across different countries but also across different business segments. A single tag could now be used for toll collection, parking lot access and fare collection, and gated community access and campus access. The significant expansion of the functionality of RFID technology was in part due to technological developments. Schottky diodes fabricated on CMOS integrated circuits permitted for construction of microwave RFID tags that contained only a single integrated circuit. At the same time, many new companies entered the marketplace to take advantage of the increasing capability of RFID technology.
At the beginning of the 21st Century, the future of RFID technology looks bright. Now that the cost of RFID technology is rapidly decreasing, its spread across numerous sectors of the economy[4] and national borders[5] looks more and more inevitable.[6] At present, RFID is in the midst of being deployed on a wide scale in the retail sector.[7] From 1999 until 2003, the Massachusetts Institute of Technology was working with industry partners, in a research group called Auto-ID Center, to develop and field test a new breed of computer network that can track the location of everyday objects, through an elaborate system of RFID microchips and readers.[8] This partnership has now resulted in a new joint venture, called EPCglobal, which is made up of the Uniform Code Council and EAN International, which oversee global barcode standards. EPCglobal will develop the coordination of technical standards and specifications for RFID technology.[9]
In short, what these above listed developments suggest is that RFID technology has matured over decades and it is so well established that reasonable privacy legislation will not end the development of RFID.[10] Whatever difficulties RFID will encounter may be due to its own internal struggles as much as external forces.[11] Legislation dealing with RFID privacy issues is just beginning to be introduced, and it will determine to what extent RFID technology will impinge on an individual's expectation of privacy.[12]
II. The Technology of RFID[13]
As one writer put it, RFID technology is "essentially a new and vastly improved barcode."[14] The barcode has become ubiquitous and familiar, with its field of bars and gaps arranged in parallel configuration. But, whereas the barcode has had success[15] over the past twenty years, its shortcoming has been its low storage capacity and the fact that it cannot be reprogrammed.[16] Only with recent the technological developments discussed above, has RFID technology been considered a replacement for barcodes. However, as it becomes apparent from the discussion below, RFID technology is much more than an "improved barcode," not only because it does have high storage capacity and ability for reprogramming, but also because of its miniature size and the accompanying tracking ability.
Any RFID system is always made up of two components: (1) a transponder (i.e., a "tag") and (2) an interrogator (i.e., a "reader").[17] The tag is located on the object to be identified, and the reader is the device that reads and/or writes unto the tag. See Figure 1 below.[18] The reader typically contains a transmitter and a receiver to send and receive data, respectively, a control unit to manipulate the data, and a coupling element to communicate with a tag. Moreover, the reader can forward the data it receives to another system such as a computer where the data can be analyzed by a user.[19]
Figure 1. The reader and transponder/tag are the main components of every RFID system
The tag typically contains a coupling element to communicate with the reader, and an integrated circuit to manipulate and store the data. The reader first sends energy to the tag. The reason for sending energy is to provide "power" to the tag so it can operate and send data back. Some tags already have a battery, in which case such energy is not needed. Depending on the kind of RFID system, the reader can also read and/or write data to the tag. It is this reading and/or writing ability of the reader and the data storing and sending ability of the tag that constitute the heart of any RFID system. Such a setup allows the reader to communicate with a tag and thus obtain information about the object to which the tag is attached. Since the tag can only store the data that the reader writes unto it (or the data that was originally stored unto it in a factory), such information is rather limited to the most basic aspects of the object to which the tag is attachedthe kind of object it is, its price, etc. But importantly, the reader can track an object by tracking the tag. Tracking is based on the reader having the ability to read a tag in its vicinity.
Typically, such tracking occurs up to distances of five meters,[20] although optimal tracking is on the order of tens of centimeters.[21] The reader can read the tag's data in about half a second and the tag can store anywhere from 16 to 64 kilobytes of data. The readability of the data is considered good and it is not greatly affected by dirt, covering, direction or position.[22] The frequency range of most RFID systems is between 100kHz to around 30 MHz.[23] Moreover, readability of such data by people and unauthorized copying or modification is considered very difficult.[24] Of course, these specifications are true as of today's state of technology, and it is not clear that unauthorized copying or modification will not be feasible in the future, where rogue readers might corrupt targeted tags.
However, to prevent any such corruption, secure RFID systems employ authentication protocols. Such protocols work by checking knowledge of a secret (cryptographic) key. Appropriate algorithms can be used to prevent the secret key from being cracked.[25] Thus, secure RFID systems can provide defenses against such practices as the unauthorized reading of a tag in order to duplicate and/or modify data, or the eavesdropping on radio communications between a reader and a tag.[26] And yet, it is worth noting that even if a transmission is encrypted, the transmission may be commercially valuable as it could be used to uniquely identify people and things.[27]
These are just the basic features of a typical RFID system. High-end RFID systems have more sophisticated features that are beyond the scope of this paper. However, the basic features discussed above are the key to understanding the debate RFID technology has initiated with respect to privacy concerns.
Lastly, today a typical RFID tag costs about $0.50,[28] but prices vary depending on the sophistication of the tagfor example, whether the tag can be reprogrammed or whether it can only be read. Towards the end of this decade, RFID tags are expected to cost a fraction of this price.[29] The market for RFID technology has been estimated at one to two billion dollars at the beginning of this decade and is expected to surpass ten billion dollars at the close of the decade.[30]
III. Analysis of Privacy Issues Concerning RFID
Privacy is one of the hottest issues surrounding RFID technology today.[31] The main concern is the technology's ability to track the objects that tags are attached to.[32] By tracking objects, RFID readers can also track people who have contact with these objects, for example, the shirts or shoes people wear, the wallets they carry, and so on. Of course, such trackable tags are not limited to being attached to objects, because they can also be implanted in people. The small size of RFID tagssome on the order of a grain of sand [33]makes their intrusion in the human body minimal. Based on these facts, privacy advocates have expressed legitimate concerns regarding the threat to privacy that RFID technology presents.
A. Tracking Objects: The Typical Scenario
RFID is typically used to track objects. Tracking permits retailers to slim inventory levels and reduce theft, which by some estimates reaches $50 billion per year.[34] Thus, tracking is performed out of economic considerations and not the invasion of privacy. Yet, the potential abuse in tracking objects, and thus people, has given rise to spirited debate regarding RFID technology.
A seemingly innocuous example of involves tracking books in a library. Some libraries have already, and some are only in the planning stages, of introducing RFID technology to track books and other library items. The advantages of such an implementation are easy to recognize: helping staff to track library items, whether missing or misplaced, deterring theft and helping patrons check out books faster.[35]
However, a concern that arises is what happens when the tagged items leave the library? Theoretically, tags can be deactivated once they leave a library, but, as critics point out, if such devices can be turned off, they can also be turned on. This means that anybody from small-time computer hackers to law-enforcement could track the whereabouts of patrons who just checked out the "The Communist Manifesto," or "Mein Kampf," or a book on bomb-making.[36] As Lee Tien, an attorney with the Electronic Frontier Foundation points out, "what one reads is often something that society in general will make judgments on."[37] On the heels of such judgments could follow greater surveillance of library patrons thus threatening the privacy of such patrons.[38]
Tracking through books might be considered only a mild threat to privacy, since people typically don't carry their books everywhere with them. But money is a different issue. People typically carry their wallets everywhere with them. Money now poses a risk to privacy because governments are considering embedding RFID tags in currency. The main reason for embedding tags in currency would be to combat counterfeiting and money laundering, but it could also be used in other situations such as kidnappings and ransoms, or to help out blind people.[39]
The European Central Bank is interested in such currency-cum-tags because such tags could contain a note's serial number and date and place of origin, not to mention have the ability to be tracked as a note travels around Europe.[40] The applications of such money are seemingly boundless. For example, there is speculative talk of GPS-enabled Euros which vibrate discreetly when a taxi driver is taking a customer for ride, or self-destructing currency for compulsive gamblers, or stress-sensitive currency when a note has been rolled tighter than a pre-determined radius indicating drug use.[41]
US currency could also be embedded with such RFID tags, according to a Federal Reserve official.[42] Tracking technology would allow the government to tax possession of dollar bills. Thus, the longer a person would hold currency without depositing it in a bank account, the less cash value the note would have. Put another way, dollars would have automatic expiration dates. Such possession taxation would arguably discourage "hoarding" currency, deter black market and criminal activities, and boost economic stability during deflationary periods when interest rates approach zero.[43] Yet, despite the economic efficiencies of these creative[44] uses of money, the loss of anonymity in using cash raises troubling privacy issues.
A person can always leave his wallet behind if he does not want to be tracked through his currency. However, by embedding RFID tags in tires, avoidance of tracking is made a lot more difficult. In wake of the Firestone/Ford Explorer debacle, US Congress passed the Transportation, Recall, Enhancement, Accountability and Documentation Act (TREAD). This act mandates that car makers track closely tires from the 2004 model year onward. As a result of this act, Michelin decided to embed RFID tags in tires to make tracking easier. The tags store the tire's unique ID, which can be associated with the vehicle's identification number. But the tag can also store information about when and where a tire was made, its maximum inflation pressure, size, and so on.[45]
People who spend a significant amount of their time in the car could easily be tracked through their tiresnot to mention other car parts that will also probably posses their own individual tags. Of course, the tag by itself will not be able to tell who is driving the car, but by cross referencing other tags that a driver possess, say, her currency or the books she just checked out from the library, even driver identification would seem possible. Yet, for all these wonderful possibilities, such tracking remains years if not decades in the futureassuming it will happen at all. As of today, it does not appear technologically nor economically feasible to track people through objects they are near to.[46] However, this does not mean that individuals interested in protecting their privacy should not take a preemptory approach before such RFID uses become entrenched.
B. Tracking People: A Controversial Proposition
It one thing to track objects, and through those objects to track people, but tracking people directly raises more serious privacy risks. Tracking people directly is already happening in hospitals and in the work place. In Singapore, in wake of the SARS scare, hospitals began tracking visitors, patients, and staff in order to determine with whom a suspected SARS patient had contact.[47] This kind of tracking uses cards with embedded RFID tags. Readers are placed around the hospitals, which is divided into several interrogation zones. When a card carrying individual walks around the hospital, his every movement is tracked. However, in this particular case, since the incubation period for SARS is 10 days, the RFID system stores information on visitors up to 21 days, after which time the tracking information is deleted.
Carrying an RFID card may can be invasive with respect to privacy to the extent that a person decides to carry such a card (or is required to do so for employment reasons or for practical reasons such as entering government buildings, patronizing bars and restaurants, or traveling in rented cars, trains, or airplanes). But, going a step further, one RFID company wants to tag people directly.[48] VeriChip makes subdermal tags that are usually implanted in the tricep. One VeriChip spokesman praised the potential benefits of the technology, revealing that he himself had been "chipped""It's a simple, painless procedure, like getting a shot."[49] Moreover, the spokesman noted that RFID technology is "not like a GPS device, you need close proximity to a scanner to read the chip."[50] This, however, is exactly the point of contention between privacy activists and the RFID technologists. It is the potential fear that RFID tags could function like GPS devices, either by having multiple readers track them as they move aboutas in the hospital example discussed aboveor by the tags themselves having the potential to relay their position from anywhere. Thus, this kind of RFID use becomes especially worrisome since subdermal tags are difficult, if not impossible, for tagged individuals to remove in order to prevent tracking.
Another related example is tracking people at work, specifically, at law firms. In order to increase efficiency, one New York law firm, Akin & Smith, LLC, installed an RFID analogous finger sensing device that is kept at a secretary's desk to track attorney and staff comings and goings. One managing partner at the firm concluded that "It keeps everyone honest," and that it has been "very successful" in increasing productivity.[51] Perhaps betraying a voyeuristic aspect to the system, the partner admitted that he "like[s] to see how long they [lawyers and staff] take for lunch."[52] This system's tracking ability is analogous to RFID technology and raises the same concerns regarding privacy, namely, being monitored constantly, even if it is during working hours. A boss might want to know why an employee spends so much time in a restroom, or why that employee is not in his office working? Or, it might interest the boss to know the individuals with whom the employee is associating or possibly organizing.
C. Tracking by the Private Sector: Economic Streamlining
From the private sector point of view, the purpose of tracking is to increase economic efficiency. Wal-Mart, a retailing giant, is pushing its top 100 suppliers to adopt RFID technology by the end of 2004 and the rest of its suppliers to do so by 2005.[53] This is part of Wal-Mart's drive to have every carton and palette it receives carry an RFID tag. The savings to Wal-Mart could be huge, given its economies of scale. Precise tracking of supplies could cut down on the needed inventory storage by 5%, and reduce the corresponding labor costs anywhere from 7.5% to 20%, which translates to millions of dollars in savings.[54] With these economic potentials in sight, some maintain that the private sector has maintained a rather casual attitude towards privacy risks.[55] Yet, recently, recognizing consumer concern about privacy, Linda Dillman, Wal-Mart's chief information officer, said in a statement that "we want our customers to know that RFID tags will not contain nor collect any additional data about consumers. In fact, in the foreseeable future, there won't even by any RFID readers on our stores' main sale floors."[56] Thus, RFID proponents have responded to pressures from consumer advocacy groups.
In the United Kingdom, the retailer Marks & Spencer conducted a four week trial run of RFID tags contained within throwaway paper labels, but not embedded in, a selection of men's suits, shirts, and ties.[57] The RFID tags hold only the number unique to each garment and respond only to a Marks & Spencer secure reader. A Marks & Spencer spokeswoman commented that "[w]ith the ability to read product details on the RFID tags at different points in the supply chain, the information can be used to ensure that the right goods are delivered to the right store at the right time," whereby customers can benefit from better availability of the goods they want when they shop.[58] Perhaps the most significant point regarding privacy is that "[i]rrespective of the method of payment, no association is made between the information on the [tags] … and the purchaser."[59] Thus, Marks & Spencer has found a way to balance economic efficiency and privacy concerns.
As mentioned above in Part I, the private sector has also enlisted the help of academia to develop RFID technology. The Auto-ID Center at MIT embarked on a four year collaboration with dozens of blue-chip companies to develop and field test a new breed of computer networks that can track the location of everyday objects, such as razors and shoes.[60] Thus, in addition to expanding across borders, RFID technology has extended across disciplines to make the technology more standardized and efficient in tracking objects. Now that RFID technology is garnering more attention for its economic potential, the private sector is beginning to cope with privacy issues that are being constantly raised. Certain retailers and manufacturers like Tesco and Gillette have attracted criticism regarding tracking, while others like Wal-Mart have somewhat backed-off from their initial ambitious projects to push RFID technology to the forefront of implementation.[61] Although the private sector has responded to privacy advocate pressures, it appears that an increase in RFID technology use will be proportional to the number of privacy concerns that surface.
D. Tracking by Government: Big Brother
Tracking by the private sector is scary enough for some, but even more troubling is the potential tracking by the government. The U.S. Department of Defense recently announced a new policy of requiring its suppliers to use RFID tags.[62] The new policy requires that by January of 2005, all suppliers embed passive RFID chips in each individual product, or at least at the level of cases or pallets.[63] This policy applies to everything except bulk commodities like sand, gravel, or liquids.[64] The purpose behind the policy is supply-chain and business process streamlining. Specifically, the goal is to stop critical shortages of ammunition, fuel, and water, which plagued American troops during and after the current Iraqi war. [65] While the DOD's policy will affect soldiers and not non-military personnel, the government is giving RFID technology a big push.
The approach taken by the DOD differs from the private sector in that it requires suppliers to embed tags in each product as opposed to merely attaching a tag to a product, in which case, the tag can be easily removed. Embedding leads to mandatory tracking since a lot of the time a person cannot remove a tag from an embedded product, either because its not physically possible to do so without destroying the product itself or because the tags are so small and so prevalent that they cannot, practically speaking, be removed. Thus, the DOD's policy might give rise to more troubling privacy issues than it otherwise would have, had it allowed for RFID tags to be removable.[66]Some state legislatures have preemptively joined the RFID/privacy debate. For example, California's Senate Subcommittee on New Technology has held hearings[67] to inquire whether embedding RFID tags could invade a consumer's privacy.[68] According to an industry study conducted by A.T. Kearney, an estimated $40 billion, or 3.5 percent of total sales, are lost each year due to supply chain information inefficiencies.[69] Among the parties testifying at the hearing were representatives from the Association for Automatic Identification and Data Capture Technologies (AIM). In contrast to such privacy groups as Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN), which stress the tracking ability and hence invasion of privacy by RFID technology, AIM has pointed out that the infrastructure costs for a government entity to track all its citizens would be astronomical and technologically infeasible.[70]
The government's involvement is not just limited to the United States. In the United Kingdom, the Parliament is expected to debate the use of RFID technology in the upcoming Parliamentary session.[71] One Labour MP, Tom Watson, posed the following question: "How can we regulate the information collected? For example, do I pick up product ‘A' and ‘B' before choosing ‘C'? Why should they know all our musings?"[72] Moreover, Watson stated that "[t]hey [the ‘unscrupulous retailers'] push our current data protection laws to the limit and therefore require a review by government."[73] Moreover, at least in Europe, RFID technology is also in tension with Section 8 of the Human Rights Act, which states that every individual has a right to privacy.
The problems associated with governmental invasion of privacy are poignantly addressed in such literature as George Orwell's 1984, where the government controls individual thought by "tracking" every aspect of its citizens' lives. Although 1984 issues are far away from today's concerns regarding RFID technology in 2004, governmental abuse of information about its citizens in not that incredible. For example, unless sectoral privacy legislation prohibits it, a business owner can voluntarily provide customers' personal information to police, whether or not a crime has occurred.[74] Yet, such scenarios remain today largely unaddressed, but they are coming to the forefront of the RFID/privacy debate.[75] Perhaps more importantly, governments on both sides of the Atlantic are taking preemptive measures to address privacy issues before they become intractable.
E. The Complexity of RFID Tracking in Different Contexts
One conclusion that can be drawn from the above examples is that the idea of "tracking" is a complex one and that it is context dependent. For example, focusing just on tracking within one context, a retail store (and putting aside the more exotic[76] examples of tracking through tires, currency, clothes,[77] or embedding chips in people), numerous issues arise. Ari Schwarz, the associate director of the Center for Democracy and Technology, points out that "[t]he question is really what's it's [RFID technology] used for and how it's done, rather than the technology itself."[78] Schwarz adds that "[m]ost of the benefits out there comes on the back end, in the stock room, and most of the privacy concerns come when it [RFID] leaves the stock room." Thus, one must ask whether privacy concerns should pertain to stock rooms to a lesser extent than the store premises where consumers are shopping, or if they should pertain at all to areas where consumers are not present?
In the same vein, tagging individual items cannot be conflated with tagging crates or palettes. As Simon Garfinkel, author of Database Nation and a former[79] member of Auto-ID Center's privacy advisory council points out, "RFID tags are currently being used in the supply chain for asset management and warehouse automation, not to track individual items."[80] And yet, Garfinkel observes that as "the price of the tags drops to five cents or less, companies will use them on consumer items."[81] This raises the issue to what extent is consumer privacy at risk today versus what it could be in the future? And is it fair to treat those companies that only use such tags in the supply chain in the same manner as those that tag individual items or use smart-shelves?[82]
Furthermore, aside from where tracking is done, there's the question of what type of tracking is being done. For example, are RFID tags used as a barcode substitute or do they go further and act as loyalty cards? In the former case, RFID should not raise substantially new privacy concerns, since some barcode proprietors can already[83] associate item purchase with a particular consumer if the consumer is not paying in cash.[84] In the latter case, RFID technology could be subject to the same restrictions a loyalty cards. There are already protections in place set out to guard data collected via loyalty cards.[85] However, some legislators believe that RFID technology is different in kind from anything that has come before, and thus the states of California, Missouri, and Utah have introduced legislation that deals with RFID technology specifically.[86] Similar legislation may also appear on the federal level.[87]
These are just some of the issues that come up in a single context of RFID tracking, namely, retail tracking. Similar and distinct issues will come up in different contexts, like tracking books, money, tires, medical patients, and employees. Unfortunately, many of these latter tracking scenarios that impinge on privacy are speculative, because they are either (as of today) technologically very difficult to realize or economically infeasible. Retail tracking provides perhaps the most concrete scenario, and yet even retail tracking is in its infancy. The most sound approach to addressing privacy concerns will have to examine each kind of tracking within a specific context, and a context that is developed enough to provide concrete, substantive solutions to burgeoning privacy risks.
For now, general guidelines, like the ones enumerated at the end of this paper, provide an approach that is at the same time not over-inclusive, because it does not brush over the unique issues within each context, and not under-inclusive, because it deals, on a general level, with issues that come up (to some extent) within each context. As RFID technology becomes more prevalent in use, more specific guidelines, and perhaps even rules, will have to be developed to cope, on a context-by-context basis, with privacy risks. The guidelines presented at the end of this paper, attempt to address legitimate risks raised by privacy advocates, but in such a way as to allow a potentially beneficial technology to develop while respecting the right to privacy that every one of us shares.
IV. Conclusion
In some respects, the potential abuses of RFID's technology and the accompanying threats to privacy have become overstated. The most heated issues raised presently have to do with the potential abuse of RFID technology.[88] On the one hand this is beneficial because the debate anticipates potential issues that will have to be addressed eventually. On the other hand, some of the risks raised about continuous consumer or citizen tracking may have a deleterious effect on the further development of this nascent technology. The danger is that potential fears might negatively impact actual developments of this technology.
In other respects, privacy advocates have so far made headway in dispelling private sector complacency about the inevitability of troublesome (mis)uses of RFID technology. Perhaps the most fundamental progress made by such advocates is the acknowledgement by RFID users that privacy is a legitimate concern.[89] However, further advocate success will have to take a more nuanced approach to addressing privacy concerns. For example, is the RFID technology used on individual items or is it used on crates or palettes? Is RFID technology used in places where customers have substantial contact with RFID tags, such as a store, or in places where no contact is made, such a warehouse? Are RFID tags used merely as barcode substitutes, or is data collected a la a loyalty card? And so on. The danger is in demanding too much of RFID users, such as when tags are only used in warehouses, or not enough, such as when tags are used for post-sale purposes.[90] Employment of RFID technology is complex and varied, and the response to protecting expectations of privacy shouldn't be any less so.
V. General Recommendations
There are several general guidelines that balance the economic potentials of RFID tags against the accompanying privacy concerns discussed in the examples above. One writer, Declan McCullagh, has made four such suggestions: (1) Consumers should be notified when RFID tags are present in what they're buying; (2) RFID tags should be disabled by default at the checkout counter; (3) RFID tags should be placed on the product's packaging instead of on the product when possible; and (4) RFID tags should be readily visible and easily removable.[91] The first and third suggestions serve to give a consumer notice of potential RFID tracking. As such, these suggestions are not inconsistent with what RFID technology users are trying to accomplish, namely, tracking objects as they move through the supply chain. Moreover, they provide a way for consumers to become aware of potential privacy risks and provide a means to protect their privacy. The second and fourth suggestions give the consumer the ability to prevent tracking outside of its intended area, namely, beyond the point of purchase. Again, this is not inconsistent with the intended RFID use; furthermore it provides a way for consumers to make sure that any purchased items will not be subject to misuse by RFID users or other parties.
Another suggestion is that RFID technology users respect the confidentiality of consumers.[92] For example, a store should notify a consumer if it wants to share consumer data with another vendor or possibly the government, whether for profit or for non-profit reasons. On a related note, data collectors should tell consumers when, where and how and for what purpose data was collected.[93] And finally, the ability of data collectors to manipulate such collected information should be limited if not outright prohibited.
These are but preliminary suggestions to take into consideration. The key is to balance the enormous economic ability of RFID technology to streamline the supply-chain side of business against the potential abuses of data tracking of consumers. This balance must be measured against the broader issue of regulation. As of now, the industry is fairly self-regulated,[94] but it does appear that the government is starting to get more involved.[95] Again, here a balance must be struck between a laissez-faire approach that might let tracking information abuse run amuck and a governmental regulation approach that might stifle this economically and technologically beneficial technology. Guidelines that attempt to strike this balance are provided below.
Proposed Guidelines For Use of RFID Technology: Enumerating the Rights and Duties of Consumers and Private Enterprises
Introduction
These Guidelines were prepared for EPIC (Electronic Privacy Information Center). Thus, they strive to coincide with EPIC's mission statement, which is "to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values."[96]
The guidelines are proposed to guide the use of RFID (Radio Frequency Identification) technology in order to balance private enterprise interests against consumer privacy interests. This means that these guidelines do not address protection of consumer privacy from any governmental action. Rather these guidelines seek to protect consumer privacy from private, namely, business enterprises. Protection against government invasion of privacy is assumed to be protected by the 4th Amendment and other Constitutional and statutory provisions, such as The Privacy Act of 1974, The Electronic Communications Privacy Act of 1986 (ECPA), The Foreign Intelligence Surveillance Act of 1978 (FISA), and the like.In the balancing of consumer privacy interests and private enterprise interests, the latter are assumed to include but are not limited to efficiency gains in supply-chain improvements, transportation and logistics, manufacturing and processing, and security. Specifically, the following are examples where RFID technology may be employed:
- Electronic article surveillance in clothing retail outlets
- Protection of valuable equipment against theft
- Controlled access to vehicles, parking areas and fuel facilities
- Automated toll collection for roads and bridges
- Controlled access of personnel to secure or hazardous locations
- Time and attendance to replace conventional "slot card" time keeping systems
- Animal husbandry in supporting individualized feeding programs
- Automatic identification of tools in numerically controlled machines in order to facilitate condition monitoring of tools, for use in managing tool usage and minimizing waste due to excessive machine tool wear
- Identification of product variants and process control in flexible manufacture systems
- Electronic monitoring of offenders at home Vehicle and anti-theft systems and car immobilizer[97]
Consumer interests in protecting privacy vary widely. Generally speaking, they include but are not limited to such practices as tracking of consumers through RFID tags, using information gathered by RFID systems without the knowledge and choice of consumers, and sharing of that information with third parties. Specifically, the following are examples, from a privacy perspective, when RFID technology may be misused:
- Tracking individuals via the tagged items they carry, posses, own, etc.
- Profiling individuals by associating personal information with tag data
- Reading of individual's tags by third parties
- Hidden use of RFID technology, whether tags or readers, without the knowledge or consent of individuals
- Unique Identifiers for just about any object that can allow tracking, profiling, and other privacy invasive practice
- Massive data aggregation allowing profiling
These guidelines are divided into three parts. Part I addresses the duties of private enterprises that use RFID technology in an analogous way to barcodes. Hence, it imposes the minimum and least burdensome requirements on such RFID users, recognizing the above listed advantages that RFID technology can provide while at the same time addressing privacy concerns. Part II, addresses the duties of private enterprises who go a step further and use RFID technology in an analogous way to loyalty cards, where personal information is associated with data stored on RFID tags to potentially obtain a profile of a consumer. For example, in this part written consent is required from a consumerunlike when a private enterprise in Part I is merely collecting information that is aggregate in nature and does not personally identify an individual. Finally, Part III states the rights of consumers who are exposed to RFID technology and incorporates the duties stated in Parts I and II.
One important observation must be made regarding the use of the words "right" and "duty" throughout these guidelines. These are words with legal overtones, meant to define the relationship of private enterprises to consumers, but they are also used in such a way as to most clearly convey their ordinary plain English usage. The word "right" is correlative of the word "duty." That is, both words exist together as a pair. Thus, if one person has a "right," another person necessarily has a "duty," otherwise a "right" without a "duty" is meaninglessand vice versa. One word expresses the relationship of person A to person B, while the other word expresses the relationship of person B to person A. The guidelines are structured in such a way as to highlight such relationships.
For example, the guidelines impose a "duty" on private enterprises to give consumers notice of RFID tag presence. With this "duty" comes the correlative "right" of consumers to have notice of RFID tag presence. The guidelines express notice as a "duty" to emphasize the obligation a private enterprise has towards a consumer. Thus, the focus here is on the private enterprise and what it must do for the consumer. Conversely, the "right" of a consumer to access information gathered by an RFID system is expressed as such to emphasize what a consumer can do given the correlative "duty" of a private enterprise. Thus, the focus here is on the consumer.
Definitions
"RFID" means Radio Frequency Identification.
"Tag" means a portable device, capable of receiving data from or transmitting data to a Reader.
"Reader" means a device, capable of reading data from a tag or transmitting data to a RFID tag.
"Individual" means any human that comes in contact with a product that has attached to it or contains an RFID tag.
"User" means an RFID operator, such as a store, warehouse, hospital, and the like, who employs RFID technology, including RFID readers and tags.
"Premises" means a store, a warehouse, a hospital, or any other such equivalent space that encompass RFID tags and the readers that communicate with them.
Guidelines
I. Duties of A User Employing RFID Systems That Do Not Gather Data About Individuals
A. A user employing an RFID system shall:
1. Give notice to an individual of tag presence, whether through labels, logos, or equivalent means, or through display, either at the place where a tagged item is stored, such as a shelf or counter, or at point of sale, such as a cash register. The notice shall be reasonably conspicuous to the individual.
2. Turn off tags before the completion of sale of a tagged item, where turning off a tag means disabling it permanently, unless an individual chooses to leave it active for such benefits as warranty tracking, loss recovery, or compliance with smart appliances. If the choice of an individual is not known, by default, a tag shall be turned off. Once a tag is turned off it cannot be turned on again without the consent of an individual.
3. Attach tags to items in such a way as to allow for the easiest possible removal of tags.
4. Designate at least one person who is accountable for the user's compliance with these guidelines.
B. A user employing an RFID system shall not:
1. Track the movement of individuals via tagged items on the premises or outside the premises where an RFID system is employed to obtain individual shopping habits or any other such information obtainable through tracking, even upon suspicion of such activities as fraud or shoplifting.
2. Record or store tag data from tags that do not belong to the user, or from tags that have been already purchased.
3. Coerce individuals to keep tags turned on after purchase for such benefits as warranty tracking, loss recovery, or compliance with smart appliances.
II. Duties of A User Employing RFID Systems That Can Gather Personal Data About Individuals
A. A user employing RFID tags in such a way as to gather data about individuals, in addition to the duties listed above in section I, shall:
1. Obtain written consent from an individual before any personally identifiable information of the individual, including name, address, telephone number, credit number, and the like, is attached to, stored with, or otherwise associated with data collected via the RFID System and at least:
a. Inform individuals about the purpose of associating gathered data with personal information and specify that purpose before such attaching, storing, or association.
b. Inform individuals about the scope of use of gathered data, whether the use is limited to the user's own interests or whether it extends to third parties.
2. Obtain separate written consent from an individual before any personally identifiable information about the individual collected by an RFID system is shared with a third party.
3. At least not require individuals to provide unnecessary personal information as a precondition of a transaction and allow individuals who so desire to enroll anonymously in any RFID data gathering project.
4. Take reasonable measures to ensure that any individual data collected via an RFID system is transmitted and stored in a secure manner, and that access to the data is limited to those individuals needed to operate and maintain the RFID system
5. Keep gathered data accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
6. Keep data only as long as it is necessary for the purpose for which the data was associated with personal information
7. Make readily available to individuals, through the internet or other equivalent means, specific information about its policies and practices relating to its handling of personal information. Any personally identifiable information itself shall be provided to an individual upon written request of the individual in a secure manner.
III. Rights of An Individual When RFID Systems Are Used
A. An individual shall have the following rights in addition to duties of the user listed above in sections I and II:
1. To access data containing personally identifiable information collected through an RFID system and the opportunity to make corrections to that information
2. To have tags removed from tagged items when it is reasonably practical to do so without compromising or destroying the item itself.
3. To challenge the compliance of users employing RFID systems with the person who is accountable under Section I when any of the above listed duties are not fulfilled or rights are violated.
Web Sites
The following are some useful web sites to further refine RFID and privacy guidelines.Electronic Privacy Information Center (EPIC)
Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN)
Privacy Rights Clearinghouse (containing links to numerous privacy organizations)
Canadian Standards Association (CSA). 1995. "Model Code for the Protection of Personal Information". CAN/CSA-Q830-1995 Rexdale: CSA.
Organization of Economic Cooperation and Development, 1980
RFID Privacy Workshop @ MIT: November 15, 2003 (containing numerous RFID/privacy sources)
Association for Automatic Identification and Mobility (AIM) (industry trade group)
EPC Global (standards setting organization)
Electronic Frontier Foundation
Lexis.com (containing CA, MO, and UT RFID bills introduced in the 2004 session)
FTC (upcoming RFID workshop)
* Greg Plichta is a student at the University of Washington School of Law.
[1] I would like to thank Chris Hoofnagle, Associate Director of the Electronic Privacy Information Center (EPIC), for his insightful comments on this paper. See http://www.epic.org/epic/staff/hoofnagle/.
[2] The history of RFID in this section is based on a publication by Dr. Jeremy Landt, Shrouds of Time: The history of RFID, The Association for Automatic Identification and Data Capture Technologies (AIM), at http://www.aimglobal.org/technologies/rfid/resources/shrouds_of_time.pdf. Landt was one of the original five scientists at Los Alamos National Laboratories who developed RFID technology for the federal government.
[3] Id.
[4] Numerous leading technology companies are starting to apply RFID technology to various uses. Generally, see CNET News.com Staff, Survey: IT managers say they'll increase spending, CNET News.com (May 10, 2004), at http://news.com.com/2100-1022_3-5209435.html (reporting that "[t]hirty-one percent of companies, mostly manufacturing and retail and wholesale companies, said they would increase RFID … deployment through the year"); Specifically, see Alorie Gilbert, Oracle update gets tailored to industries, CNET News.com (Jan. 28, 2004), at http://zdnet.com.com/2100-1104_2-5149550.html; Alorie Gilbert, PeopleSoft gussies up inventory tools, CNET News.com (Feb. 23, 2004), at http://zdnet.com.com/2100-1104_2-5163677.html; News, Gillette Confirms RFID Purchase, RFID Journal (Jan. 7, 2003), at http://www.rfidjournal.com/article/articleview/258/1/1/; Matt Hines, HP debuts RFID services, CNET News.com (May 10, 2004), at http://news.com.com/2100-1011_3-5209394.html; Matt Hines, RSA polishes RFID shield, CNET News.com (Feb. 24, 2004), at http://news.com.com/RSA+polishes+RFID+shield/2100-1029_3-5164014.html; Adam Zawel, IBM, Sun put RFID to the test, ZD Net News (Apr. 29, 2004), at http://zdnet.com.com/2110-1103_2-5202069.html; Marguerite Reardon, Microsoft hops on the RFID bandwagon, ZD Net News (Jan. 26, 2004), at http://news.com.com/2100-7343-5147145.html; Alorie Gilbert, VeriSign chosen to run RFID tag network, CNET News.com (Jan. 13, 2004), at http://news.com.com/2100-1011_3-5140552.html; News, Sony, Philips to Test RFID Platform, RFID Journal (May 8, 2003), at http://www.rfidjournal.com/article/articleview/404/1/1/.
[5] Numerous countries are also starting to apply RFID technology: E.g., see News Software, China gears up for RFID, CNET News.com, Feb. 6, 2004, at http://news.com.com/2100-1008_3-5154776.html; Alorie Gilbert, RFID tags get a push in Germany, CNET News.com, Jan. 12, 2004, at http://zdnet.com.com/2100-1104_2-5139627.html;
[6] Brad Stone, In Your Cereal?, Newsweek (Sept. 29 issue), available at http://msnbc.msn.com/id/3068859/ (reporting that RFID firms say they've already manufactured several hundred million chips over the past decade).
[7] Jo Best, Retailers make waves for RFID, Silicon.com (April 29, 2004), at http://zdnet.com.com/2100-1103_2-5201866.html; Alorie Gilbert, Major retailers to test ‘smart shelves', CNET News.com (Jan. 8, 2003), at http://news.com.com/2100-1017-979710.html; Barnaby J. Feder, Wal-Mart Plan Cost Suppliers Millions, The New York Times Online, available at http://www.nytimes.com/2003/11/10/technology/10radio.html; Andy McCue, U.K. retailer tests radio ID tags, CNET News.com (Oct. 16, 2003), at http://news.com.com/2100-1039_3-5092460.html.
[8] Alorie Gilbert, MIT winds down radio tag activity, CNET News.com (Oct. 23, 2003), at http://news.com.com/2100-1008-5095957.html.
[9] Id.
[10] See footnotes 4 and 5. Cf. Thomas Claburn, Privacy Fears May Slow RFID Progress, InformationWeek (Mar. 8, 2004), at http://informationweek.securitypipeline.com/news/18311264 ("Without a comprehensive understanding and approach to the legislation of such technologies [as RFID] ... legislators risk ineffective and perhaps detrimentally reactionary legislation.").
[11] Matt Hines, Roadblocks could slow RFID, CNET News.com (Feb. 19, 2004), at http://news.com.com/2100-1008-5161278.html (reporting that companies may need to rethink their software infrastructure in order for RFID to work properly; one example is making sure that back-end databases and business applications can handle the massive amounts of information generated by RFID-enabled systems); Ron Coates, Setback for Wal-Mart's RFID project, Silicon.com (Mar. 29, 2004), at http://zdnet.com.com/2100-1103_2-5181244.html; Matt Hines, Companies' RFID plans fuzzy so far, CNET News.com (Apr. 15, 2004), at http://news.com.com/2100-1012_3-5192080.html?type=pt&part=inv&tag=feed&subj=news.
[12] As discussed later on in this paper, states like California, Missouri, and Utah have introduced RFID legislation. See Mark Roberti, The Law of the Land, RFID Journal (Mar. 1, 2004), at http://www.rfidjournal.com/article/articleview/811/1/2/. Federal legislation protecting consumer privacy may also be on the way. See Grant Gross, RFID and privacy: Debate heating up in Washington, InfoWorld (Mar. 28, 2004), at http://www.infoworld.com/article/04/05/28/HNrfidprivacy_1.html.
[13] This section (II) is generally based on Klaus Finkenzeller's introductory text to RFID technology: Klaus Finkenzeller, RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification (Rachel Waddington trans., John Wiley & Son, Ltd. 1999).
[14] Munir Kotadia, Government may regulate RFID use, ZD Net News, at http://news.zdnet.co.uk/business/legal/0,39020651,39115376,00.htm. Cf. EPIC's observation that the RFID technology represents a "fundamental increase in the complexity of cyberspace or as an extension of the Internet and electronic computer networks, rather than as an improvement over bar codes. Although the use of RFID to overcome the logistical limitations of the bar code system has been a major driver of commercial implementation, RFID applications clearly go far beyond anything ever envisioned in supply chain and inventory management."
[15] Brad Stone, In Your Cereal?, Newsweek (Sept. 29 issue), available at http://msnbc.msn.com/id/3068859/ (reporting that barcodes save the food industry $17 billion per year, or 50 times the savings initially forecast).
[16] Finkenzeller, at 1.
[17] For a quick introduction to RFID technology, see Raghu Das, RFID Explained, Free IDTechEx White Paper, at http://www.idii.com/wp/IDTechExRFID.pdf.
[18] The "Energy" arrow in Fig. 1, represents energy that is being supplied to a passive tag. Tags with batteries may not need this, or at least need not rely solely on the Reader to provide energy. For an introduction to the distinction between passive and active RFID technology, see Part 1: Active and Passive RFID: Two Distinct, But Complementary, Technologies for Real-Time Supply Chain Visibility, at http://www.autoid.org/2002_Documents/sc31_wg4/docs_501-520/520_18000-7_WhitePaper.pdf (Active RFIDs can have a range of 100 meters or more, while passive RFIDs typically have a range of 3 meters or less); Alorie Gilbert, RFID goes to war, CNET News.com (Mar. 22, 2004), at http://news.com.com/2008-1006_3-5176246.html ("On the passive side, the reader read best at about 30 feet …. On the active side, it is already reading at 300 yards").
[19] Finkenzeller, at 8.
[20] Cf. footnote 18 (citing articles that give ranges of 100 meter and 300 yards for active tags, and anywhere from 3 meters to 30 feet » 10 meters for passive tags).
[21] Id. at 7 and 276.
[22] Although, RFID technology doesn't work well around metals and liquids. Alorie Gilbert, RFID goes to war, CNET News.com (Mar. 22, 2004), at http://news.com.com/2008-1006_3-5176246.html.
[23] FINKENZELLER, at 7. But, according to Part 1: Active and Passive RFID… in footnote 18, active RFID readers operate up to the range of 2400 MHz.
[24] Id. at 7. Finkenzeller actually considers unauthorized access to data "impossible" in Table 1.1., but that may be overstating it.
[25] Id. at 151.
[26] Id. at 151.
[27] I would like to thank Chris Hoofnagle for making this suggestion.
[28] Tom Krazit, Despite cost pressures, RFID tags gaining, InfoWorld (Jun. 8, 2004), at http://www.infoworld.com/article/04/06/08/HNrfidtagsgain_1.html.
[29] John Carroll, The Wonders of RFID, ZD Net News (Jan. 12, 2004), at http://zdnet.com.com/2100-1107_2-5139151.html (reporting that the current price of $0.20 cents per tag, which doesn't include the cost of the antenna and packaging for the chip, will go down to $0.05 cents per tag); Matt Hines, Wall-Mart Turns on Radio Tags, Apr. 30, 2004, CNET News.com (Apr. 30, 2004), at http://news.com.com/2100-1012_3-5202240.html (reporting that "tags have dropped from an average of 60 cents per unit to roughly 20 cents per tag over the last year, and … [the] EPC standards adoption [is expected] to drive that price down even further").
[30] Jack M. Germain, RFID Tags and the Question of Personal Privacy, TechNewsWorld, at http://www.technewsworld.com/story/32161.html; Finkenzeller, at 1; Jay Cline, RFID Privacy Scare is Overblown, Computerworld (Mar. 15, 2004), at http://www.computerworld.com/securitytopics/security/story/0,10801,91125,00.html; Cf. Matt Hines, HP debuts RFID services, CNET News.com (May 10, 2004), at http://news.com.com/2100-1011_3-5209394.html (HP estimates that the RFID market will grow to more than $3 billion by 2008).
[31] It certainly seems that way, in large part to the efforts of many privacy advocate groups. There are, of course, other issues that are just as important on the technological side of RFID, but which don't capture the public imagination to the same extent. See Mark Palmer, Overcoming the challenges of RFID, ZD Net News (Feb. 27, 2004), at http://zdnet.com.com/2100-1107_2-5165705.html (arguing that realizing the benefits of RFID technology requires addressing three key issues: 1) The need to change business processes that RFID deployments will prompt, 2) software architectures require an overhaul to deal with the influx of RFID generated data, and 3) RFID standards, both industry and de facto, have to mature).
[32] For an sound analysis of privacy issues surrounding location-tracking technology, see James C. White, People, Not Places: A Policy Framework for Analyzing Location Privacy Issues, Masters Memo Prepared for the Electronic Privacy Information Center, 2003.
[33] In numerous articles, the size of an RFID tag is described as being on the order of a "grain of sand," but this is somewhat misleading. While the integrated circuit of an RFID tag can be on the order of a grain of sand, its coupling element, namely, the antenna, is typically a lot bigger. See Future RFID technology - Real Soon Now in RFID tag Privacy Concerns, at http://www.spy.org.uk/cgi-bin/rfid.pl (showing pictures of RFID integrated circuits, the relative size of the circuits to their antennas, and pointing out that "The RFID chips, although physically ‘like grains of sand' need much larger antennas to grab enough electrical energy to power them up and to transmit their serial ID information."). And yet, as Chris Hoofnagle points out, tags may shrink even further, despite antenna limitations, because the product itself could become an antenna.
[34] Declan McCullagh, RFID tags: Big Brother in small packages, CNET News.com (Jan. 13, 2003), at http://news.com.com/2010-1069-980325.html.
[35] Joe Garofoli and Pamela J. Podger, Ethics of library tag plan doubted, The San Francisco Chronicle (Oct. 6, 2003), available at http://www.worthingtonlibraries.org/Trends/TrendTrackingDetails.cfm?id=50
[36] Id.
[37] Id.
[38] Obviously, anytime a patron checks out any library items, such a transactions is stored somewhere in a database and thus this information is subject to misuse by the same hackers and law enforcement officials as when RFID technology is involved. However, the difference is that RFID technology allows for those interested to follow patrons after they have left the library and not merely at the point of check-out. Furthermore, laws or opinions of attorneys general in all 50 states provide some protection for library circulation records from police inspection. See Chris Jay Hoofnagle, Digital Rights Management: Many Technical Controls on Digital Content Distribution Can Create A Surveillance Society, 5 Colum. Sci. & Tech. L. Rev. (Forthcoming Spring 2004).
[39] Lester Haines, EC moots trackable cyber euro, The Register (May 23, 2003), at http://www.theregister.co.uk/2003/05/23/ec_moots_trackable_cyber_euro/. As the article points out, such tagged money could be further enhanced to talk to blind people and confused octogenarians: "No dear, I'm a fifty. Put me back in your purse and look for a five."
[40] Id.
[41] Id.
[42] Declan McCullagh, Cash and the 'Carry Tax', Wired News (Oct. 27, 1999), at http://www.wired.com/news/politics/0%2C1283%2C32121-1%2C00.html.
[43] Id.
[44] These uses are "creative" in the sense that they may not be practicable. As one author observes that "[t]he technical problems presented in trying to discriminate each individual RFID tag in a stack of banknotes are formidable. How do you stop the RFID antennas from interfering with each other when hundreds of them might be stacked one on top of the other ? Random placement of RFID tags in a banknote would surely cause lots of counterfeit false alerts, they will have to be in a standard position, only separated by the two halves of the thickness of adjacent pieces of banknote paper i.e. much less than the wave length of the radio signals." RFID in banknotes unlikely to work as feared in RFID TAG PRIVACY CONCERNS, at http://www.spy.org.uk/cgi-bin/rfid.pl.
[45] News, Michelin Embeds RFID Tags in Tires, RFID Journal (Jan. 17, 2003), at http://www.rfidjournal.com/article/articleview/269/1/1/
[46] Mocking the privacy concern of some activists, one author noted the following: "In this report [submitted by privacy groups], RFID readers on freeways read tags embedded in shoes and transmit the information to satellites. Yes, shoe-tracking satellites circling the globe." Jim Harper, Privacilla Criticizes Anti-Commercial Screed Against RFID Tags, Privacilla Organization (Nov. 14, 2003), at http://www.privacilla.org/releases/press027.html.
[47] News, Singapore Fights SARS with RFID, RFID Journal, available at
http://www.rfidjournal.com/article/articleview/446/1/1/
[48] Demir Barlas, Let's Get Chipped, Line 56 (Apr. 25, 2003), at http://www.line56.com/articles/default.asp?NewsID=4609
[49] Id.
[50] Id.
[51] Kris Maher, Companies Monitor Workers With New Tracking Systems, RFID Privacy Organization, at http://www.rfidprivacy.org/papers/smith/index.htm
[52] Id.
[53] Barnaby J. Feder, Wal-Mart Plan Cost Suppliers Millions, The New York Times Online (Nov. 10, 2003), available at http://www.nytimes.com/2003/11/10/technology/10radio.html (Although the plan will cost millions, Wal-Mart said it would confine the initial rollout of the technology to three distribution centers and 150 stores in Texas). Moreover, Wal-Mart has suffered some setbacks regarding this ambitious plan. Ron Coates, Setback for Wal-Mart's RFID project, Silicon.com (Mar. 29, 2004), at http://zdnet.com.com/2100-1103_2-5181244.html.
[54] Feder, at http://www.nytimes.com/2003/11/10/technology/10radio.html. Such efficiency will also probably result in a loss of jobs, but that is another issue.
[55] Andy McCue, U.K. retailer tests radio ID tags, CNET News.com (Oct. 16, 2003), at
http://news.com.com/2100-1039-5092460.html. A rather passionate privacy advocate, Katharine Albrecht, has stated that: "retailers have simply chosen to ignore the serious privacy and health concerns of their customers." Marks & Spencer Moves Forward with RFID Trials CASPIAN says, "M & S responsible, but setting a dangerous precedent", CASPIAN web site (Oct. 15, 2003), at http://www.spychips.com/marks_and_spencer.htm.
[56] Matt Hines, Wal-Mart Turns On Radio Tags, CNET News.com (April 30, 2004), at http://news.com.com/Wal-Mart+turns+on+radio+tags/2100-1012_3-5202240.html.
[57] Id.
[58] Id.
[59] Id.
[60] Alorie Gilbert, MIT winds down radio tag activity, CNET News.com (Oct. 23, 2003), at http://news.com.com/2100-1008-5095957.html.
[61] Id.
[62] Matthew Broersma, Defense Department drafts RFID policy, CNET News.com (Oct. 24, 2003), at http://news.com.com/2100-1008-5097050.html. According to Alan Estevez, interviewed by Alorie Gilbert, RFID goes to war, CNET News.com (Mar. 22, 2004), at http://news.com.com/2008-1006_3-5176246.html, the Department of Defense has 46,000 suppliers, and this RFID policy touches all of them.
[63] According to Alan Estevez, the Department of Defense has probably spent $100 million over the last 10 years on active RFID implementation. Gilbert, RFID goes to war, CNET News.com (Mar. 22, 2004), at http://news.com.com/2008-1006_3-5176246.html.
[64] The FDA is also becoming involved with RFID technology: "The Food and Drug Administration recently encouraged the pharmaceutical industry to use the technology to help curb the counterfeit drug trade," Alorie Gilbert, Tracking Tags May Get Congressional Scrutiny, CNET News.com (Mar. 24, 2004), at http://news.com.com/2100-1008_3-5178859.html; Alorie Gilbert, FDA endorses ID tags for drugmakers, CNET News.com (Feb. 18, 2004), at http://att.com.com/2100-1008-5161220.html.
[65] Alorie Gilbert, RFID goes to war, CNET News.com (Mar. 22, 2004), at http://news.com.com/2008-1006_3-5176246.html.
[66] But then again, there's no real reason why soldiers would need to remove RFID tags, since privacy in the context of the military is not as troubling as it is in the private sector.
[67] On April 29, 2004, the California state Senate voted to approve a measure (SB 1834) that sets privacy standards for use of RFID technology in stores and libraries. It passed the measure by a vote of 22 to 8. The bill now goes on to the Assembly where it will be head in June. Richard Shim, Calif. Senate passes RFID measure, CNET News.com (April 30, 2004), at http://news.com.com/2110-1008_3-5203428.html.
[68] Susan Kuchinskas, California Scrutinizes RFID Privacy, siliconvalley.internet.com (Aug. 15, 2003), at http://siliconvalley.internet.com/news/article.php/3064511; Alorie Gilbert, Privacy Advocates Call For RFID Regulation (Aug. 18, 2003), at http://zdnet.com.com/2100-1105_2-5065388.html.
[69] Id.
[70] Id.
[71] Munir Kotadia, Government may regulate RFID use, ZD Net News, at http://news.zdnet.co.uk/business/legal/0,39020651,39115376,00.htm
[72] Id.
[73] Id. Watson noted that RFID tags "offer profound challenges to the civil liberties of people… [that's why] I'm going to try and secure a debate in parliament about them."
[74] Id.
[75] Although, the FTC is currently seeking comments and requests to join a June 21 workshop looking at consumer uses and impacts of RFID technology. Richard Shim, FTC to explore RFID consumer implications, CNET News.com (Apr. 12, 2004), at http://news.com.com/2110-7343_3-5190155.html?part=rss&tag=feed&subj=news
[76] For some more "exotic" examples of RFID use, see Ephraim Schwartz, Reality Check, InfoWorld (Feb. 13, 2004), http://home.netcom.com/~hal55/id55.html.
[77] Matthew Broersma, RFID Chips Sent to the Dry Cleaners, ZD Net News (UK) (Aug. 12, 2003), at http://zdnet.com.com/2100-1103_2-5062542.html (reporting that chipmaker Texas Instruments announced a wireless identity chip for clothing which can survive the dry cleaning process).
[78] Grant Gross, RFID And Privacy: Debate Heating Up in Washington, InfoWorld (May 28, 2004), http://www.infoworld.com/article/04/05/28/HNrfidprivacy_1.html.
[79] As mentioned, the Auto-ID Center disbanded in late 2003, having fulfilled its mission. Alorie Gilbert, MIT winds down radio tag activity, CNET News.com (Oct. 23, 2003), at http://news.com.com/2100-1008-5095957.html.
[80] Jennifer Maselli, Privacy Group Focuses on RFID, RFID Journal (Aug. 26, 2003), available at http://www.rfidjournal.com/article/articleview/547/1/1/. See Also Alorie Gilbert, Tracking Tags May Get Congressional Scrutiny, CNET News.com (Mar. 24, 2004), at http://news.com.com/2100-1008_3-5178859.html
[81] Jennifer Maselli, at http://www.rfidjournal.com/article/articleview/547/1/1/.
[82] Alorie Gilbert, ‘Smart shelf' test triggers fresh criticism, CNET News.com (Nov. 14, 2003), at http://news.com.com/2100-1017-5107918.html.
[83] John Carroll, The wonders of RFID, ZD Net News (Jan. 12, 2004), at http://zdnet.com.com/2100-1107_2-5139151.html
[84] Although RFID tags can act as barcodes, they can be read by readers, intended or not, from a distance, thus their use does not exactly raise the same privacy concerns.
[85] Mary Deibel, Some Shoppers Just Aren't Buying Grocery Discount Cards, SimplyFamily, at http://www.simplyfamily.com/display.cfm?articleID=grocery_discount.cfm
[86] Alorie Gilbert, Tracking Tags May Get Congressional Scrutiny, CNET News.com (Mar. 24, 2004), at http://news.com.com/2100-1008_3-5178859.html. See Also Jaikumar Vijayan, Use of RFID Raises Privacy Concerns, Computerworld (Sept. 1, 2003), available at http://www.computerworld.com/securitytopics/security/privacy/story/0,10801,84515,00.html.
[87] Id. (noting that "A Democratic senator [Sen. Patrick Leahy, D-Vt] has called for a congressional hearing on [RFID] … tracking technology that has alarmed consumer privacy advocates." And yet, a "hearing at the federal level is not likely before the end of the year, a Leahy representative said.").
[88] See e.g. Scott McNealy, Scott McNealy on RFID and Privacy, at http://www.sun.com/aboutsun/media/presskits/nrf2004/BMscottmcnealyrfid.pdf (arguing that privacy concern is no greater than conventional mail, where "[w]e write our innermost thoughts, unencrypted, on a piece of paper, which we seal inside a thin paper envelope … [t]hen we write our name and address, and those of the recipient … [t]hen we put the whole thing in a tin box … [t]hen we trust a government worker to take that letter and somehow get it to another tin box somewhere else in the world … and you don't hear folks complaining about it [the potential privacy invasion]." Cf. Harry A. Valetk, Mastering the Dark Arts of Cyberspace: A Quest for Sound Internet Safety Policies, 2004 Stan. Tech. L. Rev. 2 (2004) (pointing out that "critics fear RFID system would expose consumers to needless risk by allowing tech-savvy burglars to inventory a victim's house from a distance. In some instances, RFID systems could also pose a fatal threat, if stalkers manage to adapt the technology to monitor a victim's belongings, embedded with RFID microchips, and track their whereabouts."); Helen Nissenbaum, Symposium: Technology, Values, and The Justice System: Privacy As Contextual Integrity, 79 Wash. L. Rev. 119 (2004) (noting that "[u]less RFID tags are designed specifically to allow for easy detection and disabling, discretion is removed from the customer and placed into the hand of information gatherers.").
[89] Matt Hines, Wal-Mart Turns On Radio Tags, CNET News.com (April 30, 2004), at http://news.com.com/Wal-Mart+turns+on+radio+tags/2100-1012_3-5202240.html ("‘We can certainly understand and appreciate consumer concern about privacy,' Linda Dillman, Wal-Mart's chief information officer, said in a statement."); See Also News, EPC Privacy Principles to Evolve, RFID Journal (Dec. 8, 2003), at http://www.rfidjournal.com/article/articleview/678/1/1/.
[90] The use of RFID tags in post-sale use may be done for warranty purposes.
[91] Declan McCullagh, RFID tags: Big Brother in small packages, CNET News.com (Jan. 13, 2003), at http://news.com.com/2010-1069-980325.html.
[92] Rakesh Kumar, Interaction of RFID Technology and Public Policy, RFID Privacy Workshop @ MIT: November 15, 2003 (Nov. 15, 2003), at http://www.rfidprivacy.org/papers/kumar-interaction.pdf.
[93] Simon Garfinkel, An RFID Bill of Rights, Technology Review, Oct. 2002, at http://www.simson.net/clips/2002.TR.10.RFID_Bill_Of_Rights.htm. See Also Catherine Albrecht, RFID Right to Know Act of 2003, CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) web site, at http://www.nocards.org/rfid/rfidbill.shtml; Beth Givens, Testimony to Joint Committee on Preparing California for the 21st Century, California Legislature, Privacy Rights Clearinghouse (Aug. 18, 2003), at http://www.privacyrights.org/ar/RFIDHearing.htm.
[94] See Mark Roberti, New Rules of the Game, RFID Journal, available at http://www.rfidjournal.com/article/articleview/820/1/2/ arguing for self-regulation since "[i]n the end, no businessperson wants to lose a customer [and] … [n]o CEO wants to see the company's brand tarnished or its stock price take a hit over bad publicity … companies are not going to go around surreptitiously spying on their customers because if they do, the only revenue they will increase will be that of their competitors." Cf. John Wehr of RFIDnews.org, commenting that "corporations regularly commit appalling abuses of consumer privacy to little or no resistence"; and Peter Winer commenting that Mark Roberti's "argument works well for companies, but not for governments who can deploy RFID at will without fear of alienating the public," on RFIDbuzz.com (Mar. 12, 2004), at http://www.rfidbuzz.com/news/2004/rfid_and_privacy_market_or_legal_regulation.html
[95] Claire Swedberg, Sen. Leahy Voices RFID Concerns, RFID Journal (Mar. 24, 2004), at http://www.rfidjournal.com/article/articleview/843/1/1/.
[96] EPIC mission statement: http://www.epic.org/epic/about.html.
[97] Kumar, Rakesh, Interaction of RFID Technology And Public Policy, Paper presentation at RFID Privacy Workshop @ MIT, Massachusetts (Nov. 15, 2003), available at www.rfidprivacy.org/papers/kumar-interaction.pdf.
EPIC Privacy Page | EPIC Home Page Last Updated: June 16, 2004
Page URL: http://www.epic.org/privacy/rfid/rfidplichta.html