RFID chips, identity cards (IDs) and privacy issues

[forum_admin]

Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he'd bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: To read the identity cards of strangers, wirelessly, without ever leaving his car.

It took him 20 minutes to strike hacker's gold.

Zipping past Fisherman's Wharf, his scanner detected, then downloaded to his laptop, the unique serial numbers of two pedestrians' electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, he'd "skimmed" the identifiers of four more of the new, microchipped PASS cards from a distance of 20 feet.

Embedding identity documents — passports, drivers licenses, and the like — with RFID chips is a no-brainer to government officials. Increasingly, they are promoting it as a 21st century application of technology that will help speed border crossings, safeguard credentials against counterfeiters, and keep terrorists from sneaking into the country.

But Paget's February experiment demonstrated something privacy advocates had feared for years: That RFID, coupled with other technologies, could make people trackable without their knowledge or consent.

More...

Chips in official IDs raise privacy fears - Yahoo! News

[chicago]

Imagine this: Sensors triggered by radio waves instructing cameras to zero in on people carrying RFID, unblinkingly tracking their movements.

Unbelievable? Intrusive? Outrageous?

Actually, it happens every day and makes people smile — at the Alton Towers amusement park in Britain, which videotapes visitors who agree to wear RFID bracelets as they move about the facility, then sells the footage as a keepsake.

This application shows how the technology can be used effortlessly — and benignly. But critics, noting it can also be abused, say federal authorities in the United States didn't do enough from the start to address that risk.

The first U.S. identity document to be embedded with RFID was the "e-passport."

In the wake of the Sept. 11 attacks — and the finding that some of the terrorists entered the United States using phony passports — the State Department proposed mandating that Americans and foreign visitors carry "enhanced" passport booklets, with microchips embedded in the covers.

The chips, it announced, would store the holder's information from the data page, a biometric version of the bearer's photo, and receive special coding to prevent data from being altered.

In February 2005, when the State Department asked for public comment, it got an outcry: Of the 2,335 comments received, 98.5 percent were negative, with 86 percent expressing security or privacy concerns, the department reported in an October 2005 notice in the Federal Register.

"Identity theft was of grave concern," it stated, adding that "others expressed fears that the U.S. Government or other governments would use the chip to track and censor, intimidate or otherwise control or harm them."

It also noted that many Americans expressed worries "that the information could be read at distances in excess of 10 feet."

Those concerned citizens, it turns out, had cause.