RSS feed
The CASPIAN mailing list recently mentioned a protest which was held against a conference on RFID in clothing. The controversial aspect of the conference is the proposal to uniquely tag individual items ("item-level tagging"), which has potential for serious post-sale privacy problems. In most existing tagging schemes, all equivalent items have the same tag code, and tracking of an individual item isn't possible. Where individual items have to be tagged (e.g., library books), encryption and other techniques can and should be used to protect people's privacy. Otherwise third parties may be able to read the tags and make illegitimate use of the information.
The conference agenda mostly brushes over the issue. One item description asks, "Can privacy and other issues be overcome, or will they inhibit adoption?" This doesn't make it clear whether "overcoming" would consist of overcoming the problem -- making sure threats to privacy are minimized or eliminated -- or just overcoming the issue -- persuading people with smooth words that there's really no problem. Another item addresses "how to ensure customer privacy," and the speaker is an engineer (greatly outnumbered on the program by sales and management types); perhaps that item had some substance.
An article in RFID Journal discusses item-level tagging in connection with the conference:
[Roberto] Montanari says, the lab and its fashion board members have seven overall goals. These goals, he explains, are to measure the impacts of item-level tagging on retail business processes; determine the most appropriate tag construction for specific needs; gauge the impact of item-level tagging on the perceptions and purchasing behavior of consumers who are the fashion companies' customers; test the tags' performance; determine the usefulness of RFID as a tool to deter the sale of counterfeit garments to the public; assess the environmental impacts of large-scale tagging; and ascertain whether RFID can be deployed to effectively reduce shoplifting.
Notice what's conspicuously missing from that list of goals: There's nothing about privacy and security concerns.
0 comments:
Post a Comment