Microsized RFID Surveillance

You’re minding your own business waiting for a bus when a squad car approaches. The police officer glances at a $20 handheld scanner, and in the seconds it takes him to drive past, he knows your name and birthday, all about last week’s vasectomy, and even what you paid for your latest magazine subscription. You feel like you’re starring in a science fiction flick. But you’re not. You’ve stumbled into one potential use of radio frequency identification (RFID)–an existing technology that allows products, credit cards, driver’s licenses, and even your own body to transmit a unique radio signal that anyone can intercept.

At the heart of RFID are small “tags” whose encoded data can be wirelessly picked up by a scanning device. They come in two varieties. “Active” tags consist of a crumb-sized microprocessor with a battery and an antenna that transmit information continuously. The more common “passive” tags, which are activated by the scanner, have no battery and transmits less data (typically, about two kilobytes). The technology has been available for years, but manufacturers have just recently succeeded in making RFID tags small and cheap enough to be deployed on a massive scale.

Retailers say RFID will save them billions by further automating distribution, replacing the low-wage workers who now scan inventory. With RFID, individual items can be tracked at every step in the supply chain, or even automatically priced higher as supplies dwindle on the shelves. By the end of next year, WalMart will have passive tags on all of its products.

RFID boosters have bigger plans than mere inventory control, however. They’re touting the technology as a new “killer app” for the entire service industry. Standing in a checkout line could become a thing of the past, as special readers tally up your bill and subtract it from your RFID credit card as you walk out the door. Bank tellers would know when you’ve entered the bank (RFID tags in your shoes) and libraries could keep better tabs on their stacks (RFID tags in books). The European Union even wants to put the chips in currency.

What’s more, every electronic transaction will leave behind a trail of valuable data that can be mined for commercial use. Marketing analysts are already testing pressure-sensitive shelves that would allow them to monitor customers as they waffle over cereal brands, perhaps triggering a timely instant message extolling the virtues of the new Cap’n Crunch. And since it’s already technologically and legally possible to read the RFID tags implanted in the things you buy, these data hounds eventually want to track you out of the store and into your home.

The same data-mining capabilities that have retailers salivating have privacy advocates screaming. Katherine Albrecht, a doctoral student at Harvard and founder of Consumers Against Supermarket Privacy Invasion and Numbering is a leading RFID opponent. She says in Wired (July 2004) that once your home is filled with tagged products, burglars could case your home from a van parked outside. Albrecht advocates labeling of RFID products and developing technology that will deactivate the devices when they leave the store. But invasions can occur in-store, as well. Last year, for example, WalMart conspired with Procter & Gamble and used passive tags to trigger hidden webcams in an Oklahoma WalMart. When shoppers lifted a container of Max Factor Lipfinity lipstick, their image was broadcast to researchers at P&G’s Cincinnati facility.

If the idea of opportunistic retailers ogling you in the lipstick aisle gives you the creeps, consider that the Food and Drug Administration recently approved an RFID implant, a tag the size of a grain of rice that contains emergency health data. Imagine the possibilities.

You’ll also want to watch out for the Department of Homeland Security (DHS)–because it’s a good guess that they will be watching you. The DHS and the Department of Defense (DOD) are primary investors in RFID. So far, their research programs have been relatively benign. The DOD uses tags to track its inventory, much as WalMart does, and it’s investing in “wearable computers” that would allow tracking of personnel. The DHS has already invested some $4 million to $5 million in RFID sensors, while border guards are using the chips in their so-called Nexus program, which prescreens participating travelers crossing the U.S./Canadian border.

The military and homeland security applications for RFID worries many, though, including such disparate interests as the Electronic Privacy Information Center and the conservative Washington Times. Antiterrorism measures inspired by 9/11, the Times reasons, could encourage RFID programs like Nexus to secure airports, government offices, and even subway stations. In other words, if you’ve got an RFID credit card in your wallet (or your medical implant in your arm), you could be under surveillance at all times. Given the nation’s seemingly permanent “orange alert,” it’s a safe bet that the RFID explosion will result in tracking not just lipstick and library books, but all of us.

In-depth coverage of eye-opening issues that affect your life.