Park Ridge, Ill. - Engineers and consumer advocates are pushing suppliers and corporate retailers to take a harder look at privacy concerns related to the use of radio frequency identification technology. Noting that such issues could undermine RFID's enormous potential, engineers at a recent RFID Privacy Workshop at the Massachusetts Institute of Technology called for implementation of "powerful and flexible privacy mechanisms."
"This issue must now be addressed or the RFID explosion may not occur, or may occur in a much more limited fashion [than expected]," wrote Kenneth P. Fishkin of Intel Research (Seattle) and Sumit Roy of the University of Washington in a paper presented at the MIT conference last month.
Such calls for high-tech intervention have put backers of RFID technology on the defensive, as consumer groups and the media press for safeguards.
"This technology is like an electronic frisk or a form of X-ray vision," said Katherine Albrecht, the founder of Customers Against Supermarket Privacy Invasion & Numbering (Caspian). "It really could create a total surveillance world. It's very dangerous."
Even RFID's backers believe the privacy issues need to be addressed if consumers are to embrace the technology. "RFID will do no one any good if the public is not comfortable with it," said Jack Grosso of the Uniform Code Council Inc. (Princeton, N.J.), an organization helping with the creation of an RFID standard.Rising concerns
The debate over RFID technology heated up after the Chicago Sun-Times reported on Nov. 9 that Wal-Mart Stores Inc. and Procter & Gamble Co. had engineered a secret test of the technology at a Wal-Mart store in Broken Arrow, Okla. The story said shoppers were unwitting participants in a test to track sales of Max Factor Lipfinity lipstick via RFID technology. It also said that executives at a Procter & Gamble facility 750 miles away were watching consumers at the store via a hidden Web cam.
The story raised the blood pressure of consumer advocates, who had previously warned of RFID's potential for violating individual privacy. Procter & Gamble argued that the goal of the test was merely to determine whether RFID technology could help retailers keep products on the shelf and in the right place.
The technology, which employs tags made from silicon chips with radio frequency functions and on-board memory, is said to have tremendous potential in the retailing world. Because each tag's on-board memory enables it to hold a unique identification number, it could conceivably identify and track any object as it moves from a store shelf to a shopping cart to a home medicine chest or closet.
Much of the supply chain says it now wants to tag every carton and pallet with the tiny devices to track products. By installing RF readers at dock doors, and then communicating with the RFID tags as they pass by, product theft would drop dramatically, advocates say. Eventually, retailers say they want to extend the concept, moving the silicon tags onto every item they sell as a replacement for bar codes.
Still, consumer advocates claim the technology smacks of Big Brother, particularly if the tags carry information about consumers and the products they buy. "It's safe to assume that the data from these tags will fall into the hands of marketers, retailers, sophisticated criminals and government investigators," Caspian's Albrecht said.
Engineers at MIT's RFID Privacy Workshop, however, contended that the creators of RFID have developed technical solutions to the potential privacy problems. These include simple methods, such as requiring that tags be hung visibly from items so that they can be easily removed, along with more-complex techniques that involve implementation of special on-board logic.
One such form of logic is the use of a "kill command" in the RF reader, which would essentially disable the RFID tag after it had been scanned. That way, a tag would no longer be capable of transmitting data to readers after leaving the store. Some retailers, however, are resisting such commands on the grounds they would do nothing to deter the enormous amount of fraud that occurs when consumers return merchandise.
Other technical solutions include creation of cryptographically unlinkable pseudonyms that mask the information on the tag, use of "blocker tags" that simulate billions of possible serial numbers to unauthorized readers, evolution of RF protocols that leak as little information as possible and use of so-called privacy IDs that users could place into a rewritable memory.
Fishkin of Intel Research and Roy of the University of Washington also pitched the idea of incorporating the physical distance between the information owner and the person requesting information into the RFID system's software algorithms, and using that as a means for decision making. The concept, based on the idea that "hostile" readers tend to be farther from the RFID tag than legitimate ones, would employ tiered authentication structures to prevent unauthorized individuals from intercepting personal information.
Industry analysts said last week that such concepts could help the RFID makers deal with potential problems, but added that real solutions will require more dialogue between RFID suppliers and retailers.
Out of proportion?
"They need to come to some sort of consensus as to what direction they will take," said Pete Abell, co-founder of the ePC Group Ltd. (Boston) and a developer of the original bar code technology during the 1970s.
Abell also contended that some of the concerns over privacy have been blown out of proportion. Statements about scanning individuals to determine the color of their underwear, for example-or scanning their homes to gather data on everything inside-are absurd, he said.
Abell added that the dialogue between consumer activists and retailers needs to involve discussions of the potential benefits of RFID, as well as the dangers. The benefits, he said, include consumer protection against meat containing E. coli and salmonella, protection against counterfeit pharmaceutical drugs and detection of counterfeit aircraft parts.
Industry analysts said last week that concerns over privacy haven't affected forecasts on the future strength of the RFID market. Market watcher Allied Business Intelligence Inc. is forecasting that RFID revenues will nearly triple over the next five years, possibly reaching $3.8 billion by 2008.
"A lot of the privacy critics are talking about applications that won't kick in for a long time-possibly not until the end of the decade," said Edward Rerisi, director of research for ABI (Oyster Bay, N.Y.). "But over the next few years, RFID's growth will take place between the distribution center and the back room of the retail operation, where privacy isn't a concern."
Still, consumer advocates are concerned that retailers and RFID suppliers are pushing the technology without regard for consumer concerns.
"The scary part of this technology is that it could take away the sweet freedom to move around in anonymity," said Albrecht, who added that technical solutions to the privacy concerns will not slow Caspian's efforts.
"Even if you come up with the greatest technical solution, if the heart of society is bent on that kind of surveillance, it will happen," she said.