RFID - Invasion of Privacy or good business

[Zythryn]

Certainly not; nor did I say or mean to imply such. Clearly, walking down the street is a public activity. :thumbs_do

 

OK, perhaps that was extreme;)

Lets go back a step. A shop keeper recognizes me walking along a public sidewalk approaching a store. He uses that information to quickly set up an item on an endcap which he knows I prefer. Is that invasion of privacy?

 

To be clear, my position is that RFID technology, in and of itself is NOT, in any way, an invasion of privacy. What information and how it is accessed MAY be, but I would need more details about what information is being stored.

[Turtle]

OK, perhaps that was extreme;)

Lets go back a step. A shop keeper recognizes me walking along a public sidewalk approaching a store. He uses that information to quickly set up an item on an endcap which he knows I prefer. Is that invasion of privacy?

 

To be clear, my position is that RFID technology, in and of itself is NOT, in any way, an invasion of privacy. What information and how it is accessed MAY be, but I would need more details about what information is being stored.

 

 

I think the key difference is how widely available the information from RFID is compared to the single shopkeeper. For example, someone hacking the RFID (whether to add or extract data) can affect the consumer (person) at every shop they visit (and in their home) with relative ease, wheras corrupting even a single shopkeeper in such a manner could present a formidable challenge.

Furthermore, suppose I have a purchase in a bag and I'm walking down the street. It would be a violation of my privacy for someone (save law enforcement with probable cause) to use any means to see what I have in that bag and such attempts would be apparent, whereas with RFID, anyone with a reader could violate my privacy to the bag's contents without my even knowing it. :thumbs_do

[IDMclean]

Alright I will admit, Perjury is a strong word with the worng connotations. Lied would be a more appropiate word. To lie is to make one a liar in the present tense.

 

None the less, assuming that Cedar has registered under a false psuedo-name then he/she has knowing commited an act of deception. Something which, I, at the least am very weary of.

 

To me it is not a question of what dishonest people will do. It is what will honest people do to prevent dishonest people from doing, and getting away with dishonest deeds without consequences. Furthermore, and more importantly I want to know what we will do to reduce this anxiety of honest people, to rehabilitate dishonest people, and maximize constructive (positive) outcomes.

 

We'll forget for a moment that I am a socialist, and an anarchist. That I consider the questions of "How much money a person needs in a year" to be irrelevant. Perhaps it doesn't even matter that I trust people to only do what they feel they must to survive.

[Zythryn]

I think the key difference is how widely available the information from RFID is compared to the single shopkeeper. For example, someone hacking the RFID (whether to add or extract data) can affect the consumer (person) at every shop they visit (and in their home) with relative ease, wheras corrupting even a single shopkeeper in such a manner could present a formidable challenge.

 

Because I don't know how easy it will be to hack this data, and how easy or even possible it will be to add data, I can't intelligently discuss this point. And because I don't know what information will be stored on these things, I can't guess as to the effect adding or deleting data would have. If it were simply item and date of sale, I don't see this as an issue. If it is your name and ssn, yea that would be a huge issue.

 

Furthermore, suppose I have a purchase in a bag and I'm walking down the street. It would be a violation of my privacy for someone (save law enforcement with probable cause) to use any means to see what I have in that bag and such attempts would be apparent, whereas with RFID, anyone with a reader could violate my privacy to the bag's contents without my even knowing it. :thumbs_do

 

How about the snoopy person standing next to you in line, or on the bus, that looks down and sees what you have in your bag? I suppose, that is technically an invasion of privacy. However, what level of regulation do we use to deter 'snoops'?

What if the information on the chips were encrypted? Only the store that sold the items could read the data on the chip?

 

Is anyone proposing putting person identification information on these things as you check out? Name, ssn, address, drivers liscense number, etc?

 

Again, what information is stored on these things, I feel, has a lot to do with the legal issue of 'privacy'. What if the stores removed the chips upon checkout? What if the stores offered customers a tinfoil lined bag that blocked the necessary signals (please replace tinfoil with what every substance would block said signals).

 

Lots of 'tracking' technology is currently used which can be misused to invade private information. This information is far more valuable to merchants to aid in selling their wares. I just don't see this as that big of an issue as long as the chips have 'I am a bag of chips bought on 12/3/2006' and not 'here is the poor sods ssn, drivers licsense, address and credit rating'.

[Turtle]

Because I don't know how easy it will be to hack this data, and how easy or even possible it will be to add data, I can't intelligently discuss this point. And because I don't know what information will be stored on these things, I can't guess as to the effect adding or deleting data would have. If it were simply item and date of sale, I don't see this as an issue. If it is your name and ssn, yea that would be a huge issue. ...

 

The rest of your reply I think is clarification for this initial statment, so I left it out of the quote. Many of these points you bring up we have discussed earlier in the thread, and to to some significant detail. That is to say, detail sufficient for me to conclude, this is a huge issue. If in re-reading the thread you find this is not the case, then I will try and answer any remaining questions. :thumbs_do

[Cedars]

I can be (present tense) more honest than most people, while having been (past tense) a thief. It is not simply a matter of once a thief, always a thief, and once an honest person, always a honest person. Buddhism, all is change, all is transitory, and all is impermanent.

 

The point you choose to ignore is you have proven that you are capable of dishonest behavior. A leopard doesnt change its spots. Ya cant beat out of the bones whats bred into the blood. blah blah blah. And you dont have control over who is seeing this data being exchanged without your consent. And I dont have a crystal ball that will show me whether in the future you will revert back to this method of obtaining cash, getting an adrenaline rush, or whatever was your motivation in your past that drove you to commit crimes against other people by theft.

 

It would be nice if you could back up this Freedom to invade my records with some justification, rather than your avoiding the facts of what is occuring out there via exchange of data and invasion of privacy.

 

So I would assume from what you have said then, that you have knowingly commited perjury in registering for Hypography? That you did not infact provide your real name to register. Well, good for you. Your paranoid. I would suggest psycho therapy.

 

And what I can assume by this statement is you dont do your research and just blather things off the top of your head. HYPOGRAPHY doesnt ask for your name when you register. However, there are scripts (little computer programs) that can look into the computer and HARVEST this information without your knowing it. What I dont know is whether Hypography uses these scripts. May I suggest some basic computer classes for you. Why do you think firewalls exist? A company that doesnt protect its data via firewall is considered irresponsible and insecure. Why is this any different on a personal level?

 

Also, what this tells me is that I can not trust you.

Now your catching on. You just need to apply this to the bigger picture. You dont know me any better than you know the person working for choicepoint, walmart credit services, QuickCleanCarpet company, or any other of the millions of businesses who have access to much more information on you than I do (only because I dont spend the money to get it). And you know even less about the workings of the criminal element which spends its every waking moment trying to get that information.

 

 

Quote:

Originally Posted by Cedar

Why is my personal privacy and security in my home of less value than corporate profit?

 

This one has two fold. One is it is a Strawman. I will explain how in a moment. Two is it is a loaded question. If I answered this question I would doom myself twice over. To answer this question, I would take upon myself an arguement that is not mine, and it would be taken in either way into light which I would not shed.

 

Nice try KAC but you ignore the question by truencating my actual quote:

 

How is it beneficial to society (meaning people, not corporate profit)? Why is my personal privacy and security in my home of less value than corporate profit? You explain to me what value there is for people, in my data harvested via a D.L. scan of my name address and bd while I am checking out of a store?

 

I have to assume you avoid these things because you dont have an answer.

 

Cedar, in short I trust in the good volition of society. That is all that I need to do. If I don't trust, and if others don't trust then the system falls apart.

 

In short you can choose to submit to the demands of corporate america to manage your data if you want. But that is the key issue here, choice. I find it abhorant that people have lost and continue to lose choice in the matter. I find it irresponsible that my tax dollars are spent maintaining Do Not Call lists in avoidance of the real issue and catering to alleged corporate needs.

 

How much tax money could we save every year by tightening up these security issues of "we the people" by implementing little things like "thou shall not fish for addresses of thy shoppers".

 

"Innocent until proven guilty."

 

Its been proven time and again this is one method of the criminal element getting ahold of my data without my consent.

 

How about making it harder for ID theft on the front line rather than deciding to invest law enforcement dollars in the issue after the fact. It wouldnt even be a proactive measure at this point in time.

[Zythryn]

The rest of your reply I think is clarification for this initial statment, so I left it out of the quote. Many of these points you bring up we have discussed earlier in the thread, and to to some significant detail. That is to say, detail sufficient for me to conclude, this is a huge issue. If in re-reading the thread you find this is not the case, then I will try and answer any remaining questions. :naughty:

 

Excellent point, I stopped following this thread for quite some time.

Let me review as I would be interested in these points. It may take a little time though so I ask for your patience:)

[Zythryn]

OK Cedars, that was a lot of reading:)

I saw a lot of jokes, many mentions of conspiracy, unsupported claims of what information will be available and how easily.

I also saw a number of links (at least one of which is not functioning for me - it was the story about the garbage company tracking their garbage cans).

I saw Bills contributions as part of a company that actually uses the things (thanks Bill).

And I saw a lot of valid concerns as well.

 

Any source of information can be abused. Sure, RFID chips could be an absolute privacy disaster on a scale never seen before. If used irresponsibly (including DL, SSN, etc). I don't see that information being stored. Medical tracking may be much more of a concern than the can of Pringles I bought. Access to the database which holds the actual information is a far bigger privacy issue, in my eyes, than access to the RFID chip that simply holds an arbitrary ID number.

 

The technology is part of the reason Wallmart is able to lower their prices. It helps them be more efficient. If there were no good applications of RFID technology I would be the first to say 'no upside, possible downsides, why bother?'.

 

The story about reading a DL at a liquor store would concern me if that could be done at range. Did you need to hand your liscense to the clerk? If so, I would suggest the opportunity for abuse is very high. If not, I would suggest not handing your DL to anyone you don't know:)

 

I will dig through the links provided so I can see if there is something not mentioned in the thread.

 

If I missed WHY you or others are assuming a DL or SSN will be stored unencrypted on RFID please refer me to the link or post # and I will review that.

[IDMclean]

Cedar, I have to end this chain of correspondence between the two of us. By answering your first sets of questions I trapped myself into a fallacious arguement. I am done, thus so.

 

My position is thus, to whom ever cares to read. RFID has potential for misuse, just as a wrench has potential for misuse. Yes, I do think that the data that should issue from the ID card should not be sensitive data, like one's SSN. Yes, I think security measures should be taken to prevent people with tin can setups from stealing anything that could potential be abused. Encryption would seem the right way to go.

 

As for the parade of horribles that have plagued this thread since it's inception? Well I am not going to talk about that. I trust that society (The world social order) is not going to design and implement something which would cause it to self-destruct.

 

What implementations does this technology possess beyond tracking my can of Pringles? I heard medical, what else? Also couldn't I just hand my card off to a friend of mine, what then?

[Turtle]

In re-considering all the arguments put forward here, I came onto what I think is a key issue. That is, that the RFID technology is so radically new and different, that we must skurry around trying to figure out how these differences relate to current laws. Borders of privacy we thought we knew are now thrown into question, and most likely the Founders did not forsee RFID.

 

My concern is that the fence of law protecting privacy is down and the herd is now open to the wolves. I do not propose trying to kill all the wolves, but rather mending the fence and killing only those wolves that get past it. :)

[Cedars]

The technology is part of the reason Wallmart is able to lower their prices. It helps them be more efficient. If there were no good applications of RFID technology I would be the first to say 'no upside, possible downsides, why bother?'.

 

Currently (as I understand one of the articles I will post) walmart uses RFID to track pallets. This is a different horse than this link:

Patent 6070147

 

This type of reader can match a specific purchace (every item you bought) with your identification swiped thru your license.

 

The story about reading a DL at a liquor store would concern me if that could be done at range. Did you need to hand your liscense to the clerk? If so, I would suggest the opportunity for abuse is very high. If not, I would suggest not handing your DL to anyone you don't know

 

I assumed he was checking the birth date visually and yes I handed it to him. It happened so fast I had no to time to say NOOOO! He swiped it thru the magnetic reader and a few seconds later, on the computer screen, it prompted him that the purchace could go thru. Needless to say I wont be back to that particular bottle shop. I only went there because it was conviently located near the grocery store. For the time being, I have other options.

 

ACLU on RFID in the D.L. American Civil Liberties Union : ACLU Testimony On Computer Chips In Virginia Drivers Licenses

 

More on the National ID FAQ: How Real ID will affect you | CNET News.com

 

Get ready to hand over $100 to pay for your new D.L. Citizens Against Government Waste Addresses National Conference of State Legislatures on License Technology - Government Technology

 

How did it come to this? National Drivers License ID

 

 

Heres a really up-to-date links page:

EPIC - National ID and REAL ID Act

 

One key thing about the RFID and drivers licenses is the info contained now can be updated FAST. If they dont include the S.S number at onset, its only a matter of time before it becomes linked via a third party (such as ChoicePoint) or by gov. mandate.

[CraigD]

Edward M. Lerner’s 2005 fictional short story “The Day of the RFIDs” provides some interesting and sensible speculation on possible uses and abuses of RFIDs.

 

This story describes a near-future in which RFIDs are common-place in such things as clothing, paper money, and car tires. Through the cooperation with merchants, (initially large ones such as WalMart, but as the checkout and anti-shoplifting benefits cause RFID technology to appear in smaller merchants, practically all of them), gas stations and local toll booth authorities with the US Department of Homeland Security, it becomes possible to store the history of the movement of nearly anyone.

 

These small devices are fairly easy to defeat – cut them out and trash them, wrap them in metal foil, microwave them, or use more exotic equipment to disable or erase them. They are easy to detect – practically any commercial stand-alone reader or laptop or handheld accessory can do so. It’s not illegal to do any of these things. It is, though, beyond the ability or patience of most people to do.

 

Lerner has written a good story.

 

Personally, I’m more alarmed by the relative ease with which current RFIDs can be read and written than by their potential for invading my privacy.

 

It’s technically not too difficult to read the RFID I carry in my hip pocket, and old 64 byte relic of the 1990s, and write a functional duplicate. This card unlocks the doors to my place of biz, which is loaded with valuable electronics.

 

The remote control fob that unlocks my car doors, is much more secure. Like almost all such systems, it uses a pseudo-random number generator, synchronized with one the car, and is effectively unbeatable. However, my car will willingly register a seed and multiplier record for any compatible key fob held near when its ignition key and doors are switched on and opened in an unusual pattern clearly documented in its owner’s manual. Anytime the car is out of my sight with the key in the ignition, such as in the hands of a parking valet, a fob can be programmed to open its doors. There is no way to query my car’s system to see how many fobs it has files for, so the only way I can be secure against this threat is to reset the system (with another key and door opening sequence), and re-register the fobs I want to have work.

[Turtle]

Edward M. Lerner’s 2005 fictional short story “The Day of the RFIDs” provides some interesting and sensible speculation on possible uses and abuses of RFIDs.

 

And lets not forget the chips planned for people; in fact they are in use already. Just a matter of time before they are de rigueur ‽‽‽

 

One day we will all happily be implanted with microchips, and our every move will be monitored. The technology exists; the only barrier is society's resistance to the loss of privacy.

 

TheStar.com - A generation is all they need

[TheBigDog]

I was reflecting on the title of this post, and it seems to me that the two options are not mutually exclusive. It can be good for business and an invasion of privacy. Applying this technology to business applications that do not impede personal liberty are just good sense. Vigilance is required in guarding persoanl information, but there is plenty of room for this technology to provide far more benefit than harm.

 

Stay vigilant while letting technology move forward.

 

Bill

[Cedars]

Kinda related issue.

 

Yesterday Immigration raided the Swift Meat Packing plant in Worthington MN, and in other states looking for illegal immigrants who were using stolen IDs to work.

 

Full story here: http://www.kare11.com/news/ts_article.aspx?storyid=143106

 

"There is a very tight connection between the immigration problem and identity theft," Sullivan says. "We just haven't spoken enough about it."

 

Sullivan is the author of "Your Evil Twin: Behind the Identity Theft Epidemic." He estimates a few million people nationwide have had their Social Security numbers stolen. But there's no way to find out if you're a victim.

 

"There's no one you can ask," Sullivan says. "If you ask the Social Security Administration if someone else is using your number, they will not tell you. They might cite privacy reasons."

[Cedars]

Another related issue when linking databases around the country and using RFID. A local news did a segment (Dec 11 I think) on a man whos brother had used his name and b-day when being pulled over by police for various infractions. I couldnt find the report, but heres the basics.

 

Dave has never been in trouble. Daves brother Andy has been in alot of trouble and Andy had used Daves name on a few traffic stops. (Names are made up by me) So now Daves name is an alias of Andy. When the news crew did a search on Dave at the MN BCA, 5 pages of criminal record comes up. Some very serious stuff including Drug Dealing and Assults. There is no way for Dave to remove this stuff when MN BCA does a search. Dave has been issued a piece of paper to carry around with him and show prospective employers who do criminal background checks and for other occasions. I imagine if Dave were to try to fly there would be extreme hassles for him, an innocent trapped in a unyielding system of government databases.

 

I am not hearing of safeguards for people, and absolute refusal on some levels of government to alter data once it has been entered into the system. Where are the protections for the common man in this alleged system of greater efficency?

[IDMclean]

I would ask why Dave was not informed of changes to his status? I also would ask why the police officer didn't ask Andy for picture verification, and a physical identification such as a driver's licence or similar? A name and DOB is not enough to identify and verify that an individual is who they say they are.