Monday, July 23, 2007

Concerns Continue to Simmer over RFID Privacy

If you are in the retail sector and are considering using RFID tags as a theft control means, you should be aware of consumer privacy concerns, which have spurned entire websites and blogs.

Most concerns revolve around the fact that RFID tags affixed to products remain functional even after the products have been purchased and taken home, and thus can be used for surveillance and other nefarious purposes unrelated to their supply chain inventory functions. Although RFID tags are only officially intended for short-distance use, they can be interrogated from greater distances by anyone with a high-gain antenna, potentially allowing the contents of a house to be scanned at a distance, something distinctly Orwellian in nature.

Even short range scanning is a concern if all the items detected are logged in a database every time a person passes a reader, or if it is done for nefarious reasons (e.g., a mugger using a hand-held scanner to obtain an instant assessment of the wealth of potential victims). With permanent RFID serial numbers, an item leaks unexpected information about a person even after disposal; for example, items that are resold or given away can enable mapping of a person's social network.

RFID will be one of the technologies addressed in ARC Training's new Specifying Security Technology Course, due for 2008.

For more information on RFID privacy click on:

http://www.networkworld.com/news/2006/040406-rfid-security-concerns.html?fsr