Slashdot Mirror
You Need Not Be Paranoid To Fear RFID
An anonymous reader writes "A story at the Boston Globe covers extensive privacy abuses involving RFID." From the article: "Why is this so scary? Because so many of us pay for our purchases with credit or debit cards, which contain our names, addresses, and other sensitive information. Now imagine a store with RFID chips embedded in every product. At checkout time, the digital code in each item is associated with our credit card data. From now on, that particular pair of shoes or carton of cigarettes is associated with you. Even if you throw them away, the RFID chips will survive. Indeed, Albrecht and McIntyre learned that the phone company BellSouth Corp. had applied for a patent on a system for scanning RFID tags in trash, and using the data to study the shopping patterns of individual consumers." I think they may be going a little overboard with their stance, but it's always interesting to talk about.
Whenever you purchase something, just fry the RFID chip by putting the stuff for 15 seconds in your microwave. Problem solved.
(Or just use cash).
...for RFID-killers. Shouldn't need more than a watt or so at the right frequency to kill the chip.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
What's so bad about studying them?
Like with Google ads, if I have to live with ads, I much prefer directed ones with at least some research behind them than undirected ones. In other words -- in this case with shoes, if they wished to send me ads by mail, I'd rather only get ads for men in my age than women and kids.
Of course, connecting these studies to other databases from other companies could make it very wrong, but that's another problem I think need other laws (unless there aren't any already -- IANAL).
And at least where I live, there are already laws against storing personally identifiable data in a database, such as your social security number. I guess age, gender, and other purely statistical data don't fall under this law, and I don't see a compelling reason to why it should. Is it really such a big deal?
Beware: In C++, your friends can see your privates!
Come on, people, think about it. RFID on everything? It's not going to happen. The statistical data gained would be horribly inaccurate because nobody would ever know whether or not you're actually the one wearing the shoes. For instance, what if they were a gift for somebody 3,000 miles away?
Looking at the way the **AA are carpet-bombing all and sundry with outree requests in support of their business model - in the hope that the odd one will stick - once RFID tech is used widly, I foresee a future where first major brands, then other retailers and law enforcement will be making similar requests, more or less "because it's technically possible".
=> EULA when you buy a Ralph Lauren shirt, making it illegal to disable the tag?
=> Extra tax if you nuke your trash before putting it by the roadside? ("WallMart has a right to know!")
=> Automatic searches at the airport when a scan of your luggage turns results that deviate from the norm?
=> A new "coming of age" rutual, whereby you have your mandatory kiddy-goes-to-school tag removed when you turn 18 21?
yes, we have no bananas
...but this already happens WITHOUT RFID. I work for a marketing company (who will remain nameless, and hence why I'm posting as an AC) who's work is partly geared toward this sort of work. You go to a store. You pay with a credit card. It stores your CC # (in an undecryptable hash format of course) and what items you bought. It looks for patterns and even gives competitors a chance to gain your marketshare. If Pepsi wants Coke marketshare they can pay us to print a coupon for the guy who buys Coke everytime he goes to the grocery store. We don't need RFID for someone to be monitoring our purchases.
Ok, you buy a second hand jacket. I wouldn't, but a lot of people do. The tag has been connected with a child rapist by the FBI. You go to the train station. You get scanned.
Suddenly, 15 FBI agents slam your face into the dirty floor and take you away for questioning in hand cuffs. You submit to a DNA test (no, not like the CSI TV show, it really does take a long time). It will take days if not weeks to prove they got the wrong person !!! In the meantime, there is no way they are going to let you out.
Since perception is reality, you lose your job, your wife, your friends, etc...etc... because you're a deviant child molester. I mean, you must be, the evening news said you're a suspected deviant so it must be true.
Perhaps a little bit extreme for an example but not out of the range of RFID possibility.
Shoplifters in Manchester, England, put small high-value items into a metal biscuit tin lined with aluminium foil (a bit of overkill there) which is supposed to screen the RFID tags from the sensors by the door. I saw it on a documentary about junkies last week - it's common for the police to find these tins in their houses along with the usual drug paraphernalia.
When I am king, you will be first against the wall.
Coins will be made of plastic (the rfid being the way of authenticating them) before 2020.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
They don't need RFID to collect anymore information than they already.
I've seen the amount of information they collect at these POS systems. You use a credit/debit card, your card encodes your zip code, first name, last name. Your purchase is collected already by scanning the item into the register.
Your info is then sent to the 3 credit bueraus and your infor is merged with those large databasese. If you give your email to the retailer, your email is attached to your credit report. Through those credit reports the credit bueraus then sends back your address to the retailer and all other information the retailer can afford.
Your information is already available in catalog dealers, your internet info is available at experian online (yup experian started an internet division). How much you make and how much own is already available at experian, transunion and can't remember the last one.
The retailer already got the information they need, RFID is just a way to track inventory, really no joke. RFID does not add any additional information that the retail/catalog industry does not already have. Oh yea, they used to be able to get large amount of info through the DMV before 9/11.
Experian will sell your info to ANYBODY at the right price, private detective already have this ability, without license. Now the funny thing is the only person that has a hard time getting your info, is yourself! Oh yea don't get me started on the 2 files they keep, one public one that you see, and one that is hidden, that keeps every single transactions you've made in your life. the law says some items fall off the report, but the hiden one is available to anybody with money and can make your life horrible. There are no laws saying that your bank need to tell you they based their decision on this second file. So you think your report is clean, but the hidden one says otherwise. Oh yea that second one contains all your purchase habbits too.
God where's my hat? I can't see an after market of people scanning garbage from a particular locale/district etc. The marketing drones already have this information. Retailers routinely sell their lists to each other. Catelogs company give them to each other as "gifts". Or worse TRADED like comodity. You people are not paranoid enough!
2. Your method of birth control. . .
3. Medications especially for things like anti-depressants or treatments for STDs. . .
4. The books you read. . .
All of these things can be used against you by your employer or insurance company.
HOW? You can't just throw FUD out there and hope it sticks. How these things could be used against you?
Just a few examples off the top of my head.
1. Alcohol. Higher insurance premiums for drinkers, or heavy drinkers, or malt-liquor drinkers. The question of did he or did he not actually consume it would be irrelevant for the users of the data, they're not trying to prove it in a court of law, they're just using it as an excuse.
2. Birth Control. Again, higher insurance premiums for people who use too many (or too few) condoms. Increased risk of STDs and pregnancy. Or maybe you're the IT director at some fundamentalist whack-job church -- any purchase of birth control gets you sacked for not being fruitful and multiplying enough.
3. Perscriptions. Your employer probably already knows if you're on the company insurance plan, and your insurance company certainly knows unless you self pay. But again, insurance co. would love to know as much as possible about you, legal or not. They're not going to tell you they went through your trash.
4. Books. Again, I think we'd assume for harassment purposes that you read any book you buy. Whole categories of readers could be assumed to be untrustworty in their jobs because of their reading habits. Jobs with secrets, or working with children, or the elderly, or in a pharmacy, just to name a few.
I imagine someone paid to come up with evil things to do with personal infomation (like HR director or Insurance risk-analyst) could make a much longer list than mine.
Also, with regard to "throwing FUD out there" . . . the "U" is "uncertainty", the unknown. You cannot, by definition, enumerate the unknown. It's difficult to discuss the future without some degree of speculation.
I am not a crackpot.