Archive for the ‘RFID’ Category

6 Aug 2010

Something new between us and our Calvins

In a move to monitor inventory in its stores, Wal-Mart will launch an item-level Radio Frequency Identification (RFID) inventory tracking program starting August 1st, 2010.  In its first phase, the system will track individual pairs of jeans, socks and underwear.  The items will be tagged with removable RFID tags that can be read from a distance using hand-held scanners so employees will know what sizes are missing from shelves and what is in the stock room, all in a matter of seconds.  If the program is successful, it will be rolled out at Wal-Mart’s more than 3750 U.S. stores with more products.

The upside of RFID systems have been well-documented –they help retailers better control their inventory and cut costs for consumers,  create efficiencies in our health care system, increase customer convenience (enter the smart coffee mug), and save valuable time for consumers (let’s face it, the ability to push a shopping cart through an RFID reader that instantly calculates your grocery bill without removing a single item from the cart sounds down-right heavenly!).

RFID systems also continue to be rolled out new contexts: we have written about privacy issues surrounding the use of RFID in the workplace, Northern Arizona University is using their RFID enabled student cards to track student lecture attendance,  transportation systems use RFID to monitor traffic flow, our passports are being equipped with RFID chips and our pets are tracked and monitored via RFID implants.

While these systems can be really useful and save us time and money, they also raise some serious privacy concerns.  While the RFID tags in the Wal-Mart example are removable, not all RFID tags are (some are as small as a speck of dust and are virtually invisible).  RFID tags can be tracked and hacked, may not be easy to turn off and can be read at a distance, potentially allowing tags to be read outside the original system for purposes limited only by human ingenuity.

As the tags get cheaper and the size of the tags gets smaller, extending the reach and uses for such systems will likely evolve too. Perhaps most concerning is that RFID systems have the potential to track individuals and could do so without their knowledge or consent.  As a recent article notes:

“Location-aware apps are scary enough, based on GPS with the broad range they offer. But for the most part you still have to sign up for those. RFID is being implemented all around you…it can track infants to senior citizens with Alzheimer’s. In between it can track your clothes, your purchases, your car – even you. RFID is on the verge of tracking us all, cradle to the grave.”

As we and others in a number of jurisdictions continue to wrestle with questions about RFID and privacy, the evolving application of RFID systems serve to highlight the fascinating convergence of emerging technologies and human creativity.

9 Jul 2008

Trading privacy for security – that old zero-sum game

The rising cost of air travel might be the least of your worries when flying in the future.

The Washington Times has reported that the U.S. Department of Homeland Security has expressed interest in a “security bracelet” developed by Canadian-based Lamperd Less Lethal, a company specializing in firearms training and specialized civil defence equipment. Lamperd proposes, in this corporate video, that air passengers would be fitted with a bracelet containing boarding pass information, the passenger’s personal information and the ability to track a passenger’s whereabouts. As well, the device would be equipped with Electro-Muscular Disruption technology or EMD, meaning air crew could remotely deliver a shock to the bracelet-wearer, immobilizing the wearer for several minutes. The bracelet, given to the passenger at check-in, would be worn for the duration of the flight and could not be taken off until the passenger reaches his or her destination.

Lamperd claims in its video that, “Given the choice…many, if not most passengers would happily opt for the extra security of the EMD security bracelet.”

Given recent studies that show increased skepticism among the general public over how their personal information is often handled, and coupled with growing doubts over whether many of these post-9/11 security measures actually make us safer, we have our doubts: would passengers be prepared to put their desire for security before their own concerns over how such a bracelet could be (mis)used? Could a security bracelet really be effective in deterring terrorism, or does it just make people feel safer without actually improving anything?

Update from the Department of Homeland Security

“This allegation stemmed from a misleading video posted on the Lamberd Website which depicts an ID bracelet that would contain identifying information as well as the ability to stun the wearer. The company claims to connect use of such a device to DHS and TSA, but no discussions between these agencies has ever taken place. …

This concept was never funded or supported by the DHS or TSA and hasn’t even been discussed for two years.”

11 Apr 2008

The future is friendly? Experimenting with RFID

Last week, the Seattle Times reported on an experiment the University of Washington is conducting with radio frequency identification, or RFID. The university, responsible for one of the largest experiments using wireless tags in a social setting, has effectively created a futuristic atmosphere where RFID is everywhere. With this in place, they hope to uncover problems before the technology becomes widely adopted.

The use of RFID and its implications on privacy is an issue that has been discussed previously on this blog and the use of RFID in the workplace is a topic we are looking for feedback on. Having recently prepared a consultation paper with recommendations on privacy practices for organizations considering implementing RFID technologies, we are inviting people affected by RFID in the workplace to answer a series of consultation questions. To share your thoughts, visit our resource center to read Radio Frequency Identification (RFID) in the Workplace: Recommendations for Good Practices and complete the consultation questions.

5 Mar 2008

RFID in the workplace

While there are certainly some novel uses for RFID technology out there (like studying the secret life of bees), RFID systems are increasingly being used for the more practical purposes of improving productivity and enhancing security.

The increasing appetite among companies to use this technology to track their employees is a worrisome trend for the Office of the Privacy Commissioner. While we certainly recognize the business benefits of RFID systems, we believe they can also be used as surveillance tools, which raises important privacy concerns for employees.

Our office has just released a discussion paper outlining the steps organizations could consider, and questions that could be asked, before proceeding with RFID applications in the workplace. The paper includes some broad questions on the use of RFID technology, to which we invite stakeholders to submit their responses. We hope this paper will spark discussion on a growing trend with some serious implications.

5 Feb 2008

Kick-starting the discussion on EDLs

Two weeks ago, the provincial government of British Columbia announced that it would be making enhanced driver’s licences (EDLs) available to eligible B.C. residents. These licences – a first in Canada – would be recognized as an alternative to a passport at the Canada-U.S. border.

What makes them “enhanced”? The B.C. version of the EDL will feature a Canadian flag, a special code used by border authorities, and most importantly, a radio frequency identification (RFID) chip. These chips contain unique identifier numbers which can be read by RFID scanners at U.S. border entry points.

While the RFID chips in B.C.’s EDLs will only contain unique identifier numbers, it is possible to store other types of personal information on these chips. The technology also makes it possible to track the movements of individuals carrying driver’s licences enhanced with RFID chips.

The potential for misuse of personal information or a breach of security exists, and as other provinces consider whether they want to implement their own EDLs, there’s a need for a public discussion about those risks.

Today, Canada’s information and privacy commissioners kick-started that discussion by issuing a joint resolution outlining the steps that will need to be taken to ensure that the privacy and security of our personal information are respected if and when EDL programs are implemented. (You can also read the news release here.)

7 Nov 2007

Radio Frequency Identification Tags: Two Perspectives

On the second day of the Terra Incognita conference, we had the opportunity to hear about recent innovations in radio frequency identification tags (RFIDs).

RFIDs have been presented as a tremendous technological advancement that will help companies large and small track their inventory, expedite shipments and protect goods in a retail environment. By design, they are also tracking devices. This can have an effect on personal privacy if RFID technology is linked to information that can identify an individual.

Two distinct perspectives were presented. Dr. Kathryn Albrecht, the Director of Consumers Against Supermarket Privacy Invasion and Numbering, delivered a critical broadside against radio tags and their consumer applications. On the other hand, Dr. Ann Cavoukian, the Information and Privacy Commissioner of Ontario, argued the benefits of building privacy guarantees into technologies such as RFIDs. She focused specifically on her Office’s work and the development of the IPC Privacy Guidelines for RFID Information Systems.

We have transferred both Dr. Albrecht and Dr. Cavoukian’s presentations to They are embedded below as well.

You need to have flashplayer enabled to watch this Google video

You need to have flashplayer enabled to watch this Google video

In addition, the Conference research papers and presentations on RFIDs are available online.