Slashdot Mirror
Utah Leads the Way Toward RFID Privacy Legislation
An anonymous reader writes "Wired News reports that Utah's House of Representatives passed the first-ever RFID privacy bill this week, 47-23. Utah state Rep. David Hogue said that without laws to ensure consumer privacy, retailers will be tempted to match the data gathered by RFID readers with consumers' personal information. 'The RFID industry will carry the technology as far as they can,' said Hogue, sponsor of the Radio Frequency Identification Right to Know Act. 'Marketing people especially are going to love this kind of stuff.'"
Has RFID users formed their own lobby yet? Retailers have their own. Notice how powerful Walmart is in that respect. They will just lobby the US Congress to create an over-riding law allowing RFIDs to be used as the retailers see fit. Vote smarter next time around and everyone vote!
A tech law in advance of the tech.
That's the way it should be, rather than trying to throw together a hack job after the tech has been around for a while.
hi. I'm Troy McClure. You might remember me from such RFID-paranoia movies as "1984 mhz" and "My Radio Receiver Knows what you Did Last Summer"
I mean who wants your retailer to know when you buy condoms or somethng equally personal. Really, technologically speaking, we are not far from the thought police at all.
Can I bum a sig?
Thanx for listening,
Consumer 0556672GXX89F2
Roving Web-Teleoperated Robot
Nice for them... Now if they can control what thier senator wants to do on a national level then we can talk...
I wrote a letter to NewEgg, asking them to stop using HTTP Referrer on their site, because I thought it a privacy concern. Their response: "Unfortunately the HTTP Referrer Header cannot be eliminated because it is an essential tool for our Marketing Department used to monitor where we are getting our web traffic from so that we can improve future campaigns to focus on more specific demographics. Please accept our humblest apologies for any inconvenience." I have tried not to shop at NewEgg ever since, because the idea of gathering information on my web viewing habits WITHOUT informing me, and without my consent, really does bother me.
My main point here though is that this is just one example of how marketing people will do ANYTHING to gather information about people. Without a privacy policy, I think the folks in Utah are right, things like RFID will be used to gather personal information about consumers.
"I mean who wants your retailer to know when you buy condoms ...."
If you believe anyone is going to track condom usage with RFID, I suggest you wrap your willie in tin foil the next time you have sex. Since that is likely to be sometime around 2015, you have plenty of time to prepare.
Complain all you want, but when voters care, issues happen.
My uninformed opinion of Utah is that there attitude is kinda like.
"We protect our own, you outsiders go away"
Note that there is interest from California, and Massachusetts.
They point out the Senator from Massachusetts sponsored an antispam bill. Even if the bill wasn't perfect, it did pass, and at least he is trying to do something. Perhaps with the right help he can do better with RFID?
Is there such a thing as an RFID tag locator? Could someone electronically-savvy pitch in on this? Can I have a little device that beeps louder as it gets closer to a tag?
Why come out with a new law each time there is a new form of technology? Just make it illegal to use ANY electronic database to surreptitiously track people. This can include facial recognition, RFID, gait recognition, electronic nose systems, cell phone triangulation, licence plate OCR, or any possible unforseen technological advances.
but unless others follow suit, I now have a reason to move to...
Utah...
*shudders*
"This is Zombo Com, and welcome to you who have come to Zombo Com" - www.zombo.com
We've already seen Budweiser push for all the info they can get without these tags... I'm sure RFID is soon to follow.
At least they won't be able to invade your spending habits this way, and I'm sure legislation will come to dissallow their current manner of tracking if it deeply affects consumer rights.
Technology like this is beginning to infringe on our privacy though... I wouldn't want everyone to know I bought four pairs of handcuffs and a lether whip around my girlfriend's birth... I mean candy and flowers... yeah
The original generic sig.
Marketing people especially are going to love this kind of stuff
Is there anything wrong with that so long as somewhere in our future we make sure that information isn't accessed 'inappropriately'?
An example of such abuse it as marketer looking up information an a prospective date, or a baristor using racel profiling digs up information about you that would prejedice a jury.
That's what we all fear...
But if this leads to cheaper and more acurate (and less bothersome) appraisal of market fashions, then that's as appropriate as asking surveying people.
RFID's provide that ability to collect data never before possible. This won't go away because it's just simple too useful.
We of the tinfoil hats must use our energies to combat inappropriate use of information.
Like all pain, suffering is a signal that something isn't right
In some ways this is the ultamate offshoring of a service job. The labor of checkout clerk is moved to the chip factory where the tage is made and the shoe factory where the tag is inserted.
mozilla and other browsers allow you to control the referrer sent to sites.
you can make it lie and say you were referred by h0t-chixx0r-sex.com
that will get them wondering 8)
or you can just enter the site manually into your location bar, in which case there is no referrer...
"None of the retail tests of RFID tags invaded the privacy of shoppers in the Wal-Mart stores, Roberti [editor of RFID Journal] said. He also said that RFID chips in building security passes and toll-booth tags have never been used to invade a citizen's privacy."
New Yorkers were conned into installing EZPass toll ID systems around our entire infrastructure by a lying Mayor Giuliani who promised that the logs would be tightly protected, available only by court order and subpoena after due process, evidence discovery, legal confidentiality, all the rights by which we protect ourselves from our governments. Once up and running, it turned out that $50 through any low-rent lawyer could buy the logs from the cops, at first used in divorce cases, and now surely used for whatever pretext is convenient to invade our privacy.
Now the industry continues the lies to propagate their bugs throughout our consumer society. The deployment of the tech is inevitable, their lies as well. But our privacy rights can win, if we maintain zero tolerance for these invasions, and the liars who would have us pay for our own illegal surveillance. Join or promote the Electronic Privacy Information Center (EPIC), or the Electronic Frontier Foundation (EFF), or the American Civil Liberties Union (ACLU). The freedom you save will be your own.
--
make install -not war
They will absolutely pair the RFID info with personal data. Most retailers will probably do this even if there are laws against it and just hope to not get caught.
"I'm just here to regulate funkiness."
I for one welcome our RFID tag abusing overlords.
"I'm just here to regulate funkiness."
This might keep the marketing dogs at bay but politicians must be having wet dreams at what this could acheave - imaging linking all this data, you basically have a distributed array of people sensors and an extensive log of where any one person has been on tap 24/7. How about installing RFID readers _everywhere_ - put them in airport check-ins, public transport, traffic lights, libraries, schools, the pavement, and you have amazing coverage. You could see what people were buying, reading, eating, wearing, even what underwear they had on and the best thing is it would happen automatically - the computer would build up profiles of people based on what tags were moving around, it would be able to fill in blanks from other databases - eg get on a plane and that set of RFID takes belongs to the name on your passport. Shops would be only too happy to give their database to the government in return for a few favours.
This comment does not represent the views or opinions of the user.
Now how am I supposed to keep track of all my wives?
You have to understand... companies do not want business from nutjobs like you because you take more time than you're worth. A http_referrer? Are you nuts? Oh wait. You are. That's not your history... it's just the site that you came from. Virtually every single website does this so they can see where their advertising money is spent the best. I don't think that an http_referrer qualifies as doing "anything" to gather info. It's equivalent to walking into a small store and the owner asking where you heard about them. But, like I said, people like you are very few and far between, so anybody with an online business really would be smart to tell you to take a flying leap. Satisfing a handful of paranoid nutjobs at the expense of knowing where their customers come from is a very bad tradeoff. BTW, have you ever thought of defeating their evil schemes by opening a browser and typing "newegg.com"??
What would happen if you just walked around with hundreds of RFID tags all over your body?
RFID detectors could be used on sidewalks to monitor pedestrians and the things they are carrying. And it wouldn't necessarily be government. Anyone could buy a detector and just start compiling data.
In order to work correctly, those tags do some kind of handshake with the base station and demand a timeslot for communication.
There is work on jammers that just simulate a really high number of different recievers, thus preventing any timeslot from actual use.
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
Oh right, not when it's your information, only when it's a record label's information.
Want to guarantee passage of this law? Want to guarantee similar laws get passed elsewhere?
Subject the (senators|congresscritters|Members of Parliment|...) to the effects of life without it.
"Well, Senator Bedfellow, let's see. You bought condoms, yet your wife is out of town. You bought wine. You bought SuuperCalais (large economy bottle). You drove your car through the Expressway to a little hotel."
www.eFax.com are spammers
Can you really believe this since this is the very same state that wanted to send information about every citizen in the state to a company in Florida called Matrix. See http://deseretnews.com/dn/view/0,1249,590041052,00 .html
Starting from this, building a RFID reader detector should be easy -- know when someone is scanning for tags. After that, if some reader is looking for tags with data, why not give the poor thing some? LOUDLY. Reading the data off of some existing tags should give you an idea of what format data the reader is looking for, especially if they use any CRCs or such to stop someone from feeding the reader arbitrary data. Then feed them arbitrary data. The best part is that you really aren't transmitting with passive RFID, you're just "echoing" the reader's transmission.
The gizmo used in the project is an Atmel e5551. Google for that and you'll find lots of things to read.
One line blog. I hear that they're called Twitters now.
As a Mormon in Utah, it is frustrating that so much attention is given to the "bad karma", and so little attention is paid to the great things about Utah.
Polygamy is practiced by groups in many states, but Utah gets all of the focus because of the concentration in certain communities (half in Utah, half across the border in Arizona). Additionally, most of that is attributed to the "Mormon church", which hasn't practiced polygamy since it became a state about 120 years ago (at which time it joined the U.S. and polygamy became illegal in Utah. Before that Utah was not in the United States, and polygamy was perfectly legal). So to even associate modern polygamy with the LDS church would be like calling anyone who currently lived in the southern states racist because their states used to practice slavery.
SCO is ~in~ Utah, but in no way reflects the views of Utah or Utahns. I don't hear anyone bagging on California or Virginia because Verisign is there, or Washington state because Microsoft is there.
Utah is a great state with great people, a lot of great companies, incredibly beautiful natural resources that we take very good care of (8 or 9 National Parks, I think more than any other state, and certainly more geologically diverse), and a lot of other things going for it.
To "feel immediate antagonism" toward Utah over a few issues that are really quite unrelated to the state is just a narrow-minded, uneducated, knee-jerk reaction.
RFID is a red herring. It's needed now simply because our computer technology can't understand what's going on around it without a little help. As soon as computers can understand what they're seeing through a video camera, they'll just *look* at you and your basket and gather the same information. Are we going to ban video cameras in order to protect our privacy?
Instead of arguing about whatever particular technologies happen to be available now, let's jump forward to the final argument. Unless you're inside your house, or some other friendly enclosure, you will be observable - and how can we really complain about anyone just *noticing* what they see and recording information about it, regardless of what their purposes are? I'm not really sure where this question will eventually lead but, in the end, it's the truly relevant question.
Not to mention the best and insightful press coverage on SCO shenanings have come from Utah newspapers.
I am not mormon but have lived in southern Utah (actually close to Colorado City) and I must say Utah is one of the best states in the union (just bring your own beer)!
While I don't ACT any differently I certainly do my share of database pollution, wrong phone numebrs, bad zip codes, etc. Every chance I get. Just because I don't like being watched, and don't make it easy, I don't act any differently when I am.
This issue is a bit more complicated than you think.
They're pushing for legislation to *protect* our privacy. At least, in the article linked to the story, they are.
And yes yes I know, but I wish he was.
- First they ignore you, then they laugh at you, then ???, then profit.
RFID's are an interesting thing -- but one that people haven't thought through when they decide to get paranoid about them.
But here's the real ticket: You know all those 'Visa Check Card' commercials? Since they've become more common, ever notice how much people use a check card to buy everything from groceries to gasoline?
So, you go to the grocery store to get some groceries. You go to the checkout counter, they scan the bar codes, and the sale is stored in a database, itemized completely. Then you swipe your credit-card (or check card) to purchase said groceries. Your credit card is linked directly to your identity, which is then linked to the items purchased, and the retailer has the beginnings of a customer profile on you. Same story at Best Buy, CompUSA, or anyplace else with a credit/debit card reader.
So how this kind of linking differs from an RFID tag, which is essentially a faster bar-code (in the case of retail purchases) really does escape me... If you're that paranoid about T.H.E.M.M. (The Hegemony of Evil Marketers and Merchants) keeping track of your purchases, then pay cash -- RFID's just make it so you get to the point you fork the stuff over more quickly than bar codes do. Hell, I imagine paying by check would be just as effective, because who in their right mind is going to spend the time to link the check to a particular purchase? OCR isn't that good yet...
Case in point: Before February, I've never purchased gasoline at a Chevron station. More to the point: I've never paid for fuel with anything but cash before. Well in February, I decided to both get some petrol from a Chevron station, and to pay with my check card; not a really big deal, right? Imagine my suprise when days later I recieved a letter in the mail offering a Chevron credit card! (having never heard from the company before).
Bottom line: RFID's won't make privacy problems any worse than they already are. Your worst fears about RFID's have pretty much already come to pass.
-- Sometimes you have to turn the lights off in order to see.
For your information.
"Mormon" is a nick name for members of "The Church of Jesus Christ of Latter Day Saints." Those found to be practiceing plural marrige are excommunicated. I've heard them called mormon fundamentalist, but I don't see anything fundamental about how they practice. This is true, not only in spite of history, but particularly in veiw of it.
And yes, such do exist in Utah.
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
This entire discussion is moot, as I'm having it with someone who doesn't believe in prophets or scripture (modern day pharisees and sadducees, like I said before), so this will be my last post.
Yes, Brigham Young was a prophet. No, I do not agree with that statement. But that is pointless anyway, because the statement was made before the civil war, in a very, very different time. And the only source is the Journal of Discourses, which has never been considered a source of church doctrine.
If you only analyze a group by their teachings or actions of 150+ years ago, then every american is a bigot against indians (american soldiers murdered tens of thousands of them) and every catholic is a barbarian (leftover from the cruisades). But neither of those are the case, just like neither I or my church are bigots.
Bye.
It's simple really. Make an low range EMP pulse device. Disconnected antenna or not, unless those tags are surrounded by a faraday cage an EMP will fry them.
:P
:)
Popular Mechanics had article a while back about how to make a high yield EMP bomb for $400. That article should be pretty interesting for any tin-foil hatters out there who want to burn out all RFID tags within city limits.
Thought it was a little disturbing myself.
~X
Random Quote:"Are you kidding? They really are out to get me?"
~X~