Michael Zimmer.org

Recently, the EFF released a report named “On Locational Privacy, and How to Avoid Losing it Forever“, introducing some of the basic threats to locational privacy:
Over the next decade, systems which create and store digital records of people’s movements through public space will be woven inextricably into the fabric of everyday life. We are already starting to see such systems now, and there will be many more in the near future.
Here are some examples you might already have used or read about:

Monthly transit swipe-cards
Electronic tolling devices (FastTrak, EZpass, congestion pricing)
Cellphones
Services …

Continuing the theme of privacy issues related to my new home library system (and I still haven’t received any reply from the Shorewood Public Library regarding their collection of patron social security numbers), the Milwaukee Journal Sentinel reports that the West Allis Public Library is using RFID chips to help manage their collection. By including bibliographic data in the microchip, the library can automate circulation functions: books can simply be passed by an RFID reader to scan the bibliographic data, rather than needing to be physically opened for a bar …

Inspired by a presentation by Olivia Nellums at the Identity & Identification in a Networked World symposium, one of my post-dissertation research projects will be on the privacy issues related to increased use of RFID tags in libraries. Luckily, Don Wood just posted links to some key readings to help kickstart the literature review. Thanks, Don!

Another example of the need for value-conscious design:
Wired News summarizes a damning report from four University of Washington researchers that reveals how security flaws in the new RFID-powered Nike + iPod Sport Kit make it easy for tech-savvy stalkers, spouses, thieves, corporations, or governments (oh my!) to track your movements via those nifty shoes. From the report’s overview:
Key industry players are incorporating wireless radio communications capabilities into many new personal consumer products. For example, the new Nike+iPod Sport Kit from Apple consists of two …

A NYTimes article notes the various privacy concerns with contactless credit cards whose data is relayed by RFID without need of a signature or physical swiping through a machine. Incredibly, cards are being deployed without any encryption (contrary to what the banks are saying):
The card companies have implied through their marketing that the data is encrypted to make sure that a digital eavesdropper cannot get any intelligible information. American Express has said its cards incorporate “128-bit encryption,” and J. P. Morgan Chase has said that its cards, which it …

A Hungarian airport will soon test an RFID passenger tracking system (story here and here). The system can track every passenger to within one meter, and it will contain countermeasures to prevent passengers from removing or trading their RFID-tags. The claim is that by knowing the position of every person in an airport, crime and terrorism can somehow be prevented. This, of course, only makes sense if you can identify the criminals and terrorists in advance (you gotta know who to watch), and in that case, they shouldn’t be allowed …

One of my pet peeves is the misuse of statistics in reporting. Here’s an example that happens to intersect with issues of privacy.
The Daily Mail is featuring a story titled “Young shoppers want to pay with chip in skin”, extolling the fact that teenagers are willing to have microchip implants as a means of paying in stores. But three paragraphs into the story you discover that only around 8 percent of 13 to 19-year-olds are open to the idea of microchip implants.
Wow, 8%. That means 92% don’t want to pay …

[I am one of the organizers the following graduate student symposium to be held this fall at NYU]
CALL FOR PAPERS
Identity and Identification in a Networked World:
A Multidisciplinary Graduate Student Symposium
When: September 29-30, 2006
Where: New York University
Submission deadline: July 5, 2006
Increasingly, who we are is represented by key bits of information scattered throughout the data-intensive, networked world. Online and off, these core identifiers mediate our sense of self, social interactions, movements through space, and access to …

The New York Times reports on a draft of RFID best-practices guidelines that are to be released today:
Among other things, the guidelines say that consumers should be notified when goods have radio tags, which can be invisibly buried in labels, packaging or the goods themselves. The guidelines also say that it should be clear to consumers how to disable disposable forms of the tags and that it should be easy to do so once items with such tags have been purchased. Businesses are called on to notify consumers about how …

The government’s plans to institute passports with RFID chips were open for public comment since last February. The public feedback was overwhelmingly negative, noting concerns over both security and privacy. In an odd bit of irony, most of the public comment was posted in entirety on the State Department’s website — including name, email address, and phone number, and any other personal information included in the commentor’s e-mail or snail-mail submission.
It probably has been common practice for the government to make all public comments publically available. The difference here is …

This Doctor Fun cartoon does a good job depicting our culture’s love/hate relationship with RFID tags. Reminds me of that Spanish nightclub offering to implant RFID tags in patrons’ wrists so they don’t have to be bothered with carrying wallets with them.
[via Bruce Schneier]

IBM is demonstrating some new technologies to protect consumers who buy RFID-tagged products, but who want to avoid some of the privacy risks. In this case, the technology would let consumers easily decrease the range that an RFID chip broadcasts, so that they can still benefit from the RFID technology, without worrying about people reading the tags from a great distance. This isn’t a perfect solution by any means, but it does highlight the point that companies are working on technological means to fix the problems with RFIDs – a …

Wired News reports: “Following criticism from computer security professionals and civil libertarians about the privacy risks posed by new RFID passports the government plans to begin issuing, a State Department official said his office is reconsidering a privacy solution it rejected earlier that would help protect passport holders’ data.”
Glimpses of this debate can be found here, here and here.

Prof. Ed Felten has an excellent post on the RFID-enabled passports debate, criticising the decision to use RFID (contactless) technology rather than a more secure contact technology, such as smart card standards.
His closing statements struck me:
It seems that the decision to use contactless technology was made without fully understanding its consequences, relying on technical assurances from people who had products to sell. Now that the problems with that decision have become obvious, it’s late in the process and would be expensive and embarrassing to back out. In short, this looks …

[via Freedom to Tinker]Educated Guesswork reports that Texas is considering requiring RFID tags on cars for law enforcement purposes (language of proposed legislation here).
This is the continuation of a troubling trend of ways in which the integration of new technologies (GPS, DSRC, RFID) into our vehicles might threaten the privacy of a driver’s personal information.