The kill feature arrives as Italian clothier Benetton Group has backpedaled from a plan to embed RFID labels, based on Philips Semiconductors' I.Code chips, in millions of its garments. After the plan was made public, a backlash ensued that led to the formation of Boycott Benetton, a group that opposed the clothier's and others' planned use of RFID tags to track products through the manufacturing and supply chains. Benetton now says it is reevaluating the plan's "potential implications relating to individual privacy."

Technology companies' responses to the Benetton flap range from protests that it's much ado about nothing to promises that consumers' privacy concerns are paramount. While acknowledging that privacy is a hot-button issue, many said they believe it won't be a showstopper for RFID tags, particularly in light of the development of protocols that can disarm the chips' communications capability once tagged merchandise is in consumers' hands.

It's highly unusual for chip companies to consider such "self-destructive technology because it's shooting yourself in the foot," said Kevin Ashton of the Massachusetts Institute of Technology. Ashton is executive director of the Auto-ID Center, which is designing an infrastructure for RFID technology that includes a kill command as part of the protocol specs. But when it comes to encouraging marketplace acceptance of RFID tags, the industry may have to be willing to kill its chips in order to save them.

Opponents of RFID tagging say the tags make it theoretically possible to "profile" a consumer remotely, by linking the data on a garment, for example, with the purchaser's credit card information via the retailer's database and then cross-referencing that to the credit card company's database to obtain a broader picture of buying habits. But that scenario is unlikely "unless you live in a totalitarian state with a perfect information architecture—or in a Hollywood movie," quipped Ashton.

Eye-opener: Boycott Benetton laid bare the RFID privacy controversy. Can self-destruct tags put it to rest?

The Auto-ID Center research group, which involves three universities and scores of companies, has developed a kill-command feature for its Electronic Product Code (EPC) spec, which Ashton said is approaching recommended-standard status. Three Auto-ID Center sponsors—Alien Technology (Morgan Hill, Calif.), Matrics Inc. (Columbia, Md.) and Philips Semiconductors (Eindhoven, the Netherlands)— said they will have kill-command-equipped RFID chip prototypes ready by summer.

Dirk Morgenroth, segment marketing manager for RF tag and label ICs at Philips Semiconductors, said the company plans a late-second-half launch for a full-production version of a kill-command-equipped, EPC-compliant I.Code RFID chip.

It has always been possible to deactivate an RFID tag by brute force, for example by breaking an antenna or applying a high voltage to the tag. But under the Auto-ID spec, the kill-command feature is "not an afterthought—it is very much a part of the whole system," said Steve Hodges, acting director of Auto-ID Centre Europe, which is associated with the University of Cambridge, England.

The group's researchers developed a password-associated kill command as a part of its RFID protocol specs. Just as a read, write or be-silent command can be sent to any RFID tag from a reader, a command could be sent that would instruct the chip to self-destruct, said Daniel Engels, director of the Auto-ID Center in Cambridge, Mass. A chip so instructed would either blow a fuse or set its memory at a value that would render it permanently unable to communicate.

While the Auto-ID Center's proposed spec issues a standard command to deactivate the chip, it's up to tag designers to decide how the physical deactivation will occur, Engels said.

Alien Technology has already developed a kill-command-equipped prototype chip compliant with the Auto-ID Center's UHF class 1 specification. Matrics, meanwhile, is working on a prototype based on the UHF class 0 spec, and Philips' prototype will be based on a 13.56-MHz spec.

Philips' Morgenroth said he doesn't expect a cost premium to accompany the kill feature.

Product tracking: An electronic product code is embedded in 400-micron2 RFID smart tags to track a soda can from the factory to the retailer. Privacy advocates worry that the tracking can continue well after the product has been purchased.

Bill Allen, marketing and communications manager at Texas Instruments Inc.'s RFID group, said he believes consumers should be able to opt out of RFID programs via mechanisms like the kill command, although he called the worst-case scenarios of privacy breaches "fantasy."

Auto-ID Center's Ashton said that the center has created an independent policy council to explore the development of a privacy policy. At a minimum, he said the policy will give the customer the option to kill tags at checkout.