Phillips places the traditional definition of privacy, stated by privacy advocate Dr. Alan Westin, as individuals' right "to control, edit, manage, and delete information about them[selves] and decide when, how, and to what extent information is communicated to others" within Identity Management.6 However, the problem of "surveillance" and its meaning appears to encompass the larger societal privacy threats posed by RFIDs:
"In its idealized form, panoptic surveillance individualizes each member of the population, and permits the observations and recording of each individual's activities, then collates these individual observations across the population. From these conglomerated observations, statistical norms are produced relating to any of a multitude of characteristics. These norms are then applied back to the subjected individuals, who are categorized and perhaps acted upon, either with gratification or punishment, according to their relation to the produced norm."
RFID is a transformative technology because it brings about the potential for constant individual identification and the automatic sorting of individuals, named or otherwise, into groups. "Group privacy" is a newer concept, but one that will be increasingly important in a world of M2M communications. Who goes to Starbucks? RFIDs will make it easy to know when we all carry tagged loyalty cards.
Fear of a Central Database
Work on the privacy framework in the 1960s was stimulated by a vision popular among IT specialists and government officials--that of a central database of citizen information. In the generation since then, we have averted our eyes from the rampant proliferation of databases such as those held by credit reporting bureaus, banks, insurance companies, major retailers, and information management companies such as Acxiom and LexisNexis. The growth of these disparate databases has been well documented in Database Nation.7 In 2005 these databases have grown into what we feared in the 1960s: the specter of an all-knowing, all-seeing, central database. However, it is manifesting not as one database but as many different databases interlinked around the globe. Governments that spent the equivalent of billions of dollars making sure records were not linked through single numbers, like the Social Insurance Number in Canada, are once more looking at ways to facilitate searching between interoperable platforms and linking data reliably to particular individuals--ostensibly in the name of fighting organized crime and terror.
People still react negatively to the loss of control over their own personal information, believing they have a right to present their unique face to the world, in their own terms. This may be in denial of the facts of the twenty-first century, as has been pointed out by various commentators, perhaps most infamously by Scott McNealy, the CEO of Sun Microsystems, when he said, "You have zero privacy anyway, get over it."8
In previous generations, when bankers dealt with a customer for a loan, they based their decision primarily on personal knowledge of the individual and the forms that the individuals filled out. Today neither the human being requesting the loan nor the bank manager has much influence on the decision. Databases, predictive software programs, and inexpensive telecommunications have facilitated a world where decisions are made remotely by machines fed an ever-increasing stream of data, with little human intervention. Everyone banks, but very few know about the companies that manage their financial transactional data and the relationship between those data processors and the state.
From a policy perspective, it is not clear that society and democracies have yet adjusted to this current scenario. People do not fully understand how the information infrastructure works, and the high levels of concern for privacy that we see in virtually all the polling data9 demonstrate strongly contradictory behavior. While few people are actively protecting their privacy, the level of concern is rising every year, leading to a profoundly unstable situation such that a scandal in the press could precipitate sudden change in consumer behavior. In fact, this scandal hit in February 2005 when it became publicly known that ChoicePoint, one of the largest and most successful data brokers in the world, with 64 billion files, sold personal information to a criminal ring of ID thieves posing as small businesses. This scandal has prompted calls for legislation, Congressional hearings, complaints to the Federal Trade Commission, private actions, and investigations from State Attorneys General.10
Now RFID brings us an "Internet of things," on which objects talk about their owners or handlers, thus feeding powerful new databases. Industry proponents protest that the chips are not big enough to be intelligent, but the chips' "chatter," even if it is only in monosyllables, brings to a new level a world in which humans hold increasingly less power and information holds increasingly more. In discussions about "trust" and "security," the emphasis is on building trusted systems. But does this mean we no longer trust humans?
1. Stephanie Perrin is a recipient of the Electronic Frontier Foundation Pioneer Award for her role as a global privacy advocate.
2. RFID was on the Workplan of the Article 29 Group, a working party of data commissioners that is constituted under the European Directive 95/46. http://europa.eu.int/comm/internal_market/privacy/workingroup/wp2004/wpdocs04_en.htm. A call for comment on the issue, closing on March 31, 2005, was issued in late winter 2005.
3. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995, on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
5. In New Media and Society, vol. 6 (6): 691-706. London, Thousand Oaks, CA, and New Delhi: 2004.
7. Garfinkel, S. Database Nation: The Death of Privacy in the 21st Century. Sebastopol, CA: O'Reilly, 2000.
9. For a view of the evolution of privacy concern, see Alan Westin's work in association with Harris Interactive, as described on the Privacy and American Business Web site, www.pandab.org. Although the surveys are proprietary, Dr. Westin has written about them since the early 1990s, and he said of the recent survey results described at the Privacy and American Business conference in Washington in June 2004, and at the Ottawa University conference "The Concealed I" March 4, 2005 that concerns continue to rise and self-professed privacy fundamentalists now stand at 37% of the U.S. population.
10. The latest news on the ChoicePoint scandals can be found at the Electronic Privacy Information Center's ChoicePoint page www.epic.org. Robert O'Harrow Jr.'s book, No Place to Hide (New York: Free Press, 2005), contains useful updates on the database industry in the post-911 environment.
About the Authors
Simson Garfinkel is a computer security researcher and an award-winning commentator on information technology. Among his twelve books are Database Nation: The Death of Privacy in the 21st Century (O'Reilly, 2001) and Practical UNIX and Internet Security, Third Edition (O'Reilly, 2003). A columnist for Technology Review and CSO magazine, Garfinkel's CSO columns earned the 2004 Jesse H. Neal National Business Journalism Award. He is a doctoral candidate at MIT's Computer Science and AI Laboratory.
Beth Rosenberg is a writer, editor, and journalist with fifteen years of experience in emerging technologies. She has written for the Boston Globe, Boston Magazine, and the Christian Science Monitor, and edited a book for Harvard's Kennedy School of Government.
Reproduced by permission of Pearson Education, Inc. 800 East 96th Street, Indianapolis, IN 46240. Written permission from Pearson Education, Inc. is required for all other uses. This book can be purchased at: Pearson.