|
Newsletters
|
|
|
|
|
HOLDING COURT - SUMMING UP
Should concerns about privacy be allowed to impede the progress of RFID?
Our resident judge Nicki Hayes sums up our readers' responses to the debate,
reports on what other experts are saying and reframes the debate. Apparently it's
not so much a question of allowing concerns about privacy to impede the progress
of RFID. It's more about whether or not we, as an industry and as consumers of
said industry, want the types of controls and laws imposed upon us that some
experts propose. (see original Article
RFID is Watching You)
Summary of Proceedings
The potential threat to privacy that looks set to dawn with the more or less ubiquitous delivery of RFID
technology was the subject of this month's debate. Developments such as MIT's Auto-ID Center, an
industry co-operative aiming to help build wireless digital identification tags into everything, from
razor blades to magazines, pharmaceuticals and milk cartons, will be seen as progress to convenience
junkies. But, to those protectionists concerned about the right to privacy, this, and other developments
such as the European Central Bank's plans to install RFID tracking devices in Euro bills by 2005, will
be seen as a call to arms.
The call for expert evidence to try to clear up this issue brought the following statement from the Auto-
ID Center:
"At the Auto-ID Center, we take privacy very seriously. Knowledge and choice are two tools
that we intend to provide to technology users. Armed with both tools, the user can exercise an
informed choice on the matter.
First: knowledge. The species of radio-frequency tags we are developing are passive. In other
words, they have no batteries, and cannot broadcast any information on their own. They must
absorb energy from the reader to even power-up their internal circuitry. Tags can then
modulate information back to the reader by reflecting the reader's own signal -- not by actually
broadcasting their own signals. For both these reasons, the range that can be achieved in
passive RFID tags is in the order of a meter. These signals do not travel through metal or
water. It is certainly inconceivable that a truck might drive by your house and identify all the
contents of your house. The signals from these tags are very weak and they are really intended
to enhance bar-codes. They are most certainly not like cellular phones or cordless phones.
Second: choice. A consumer can have the tags destroyed electronically upon purchase. You
may have noticed anti-theft devices being deactivated in a similar way when you borrow a
library book or purchase an expensive item from a store. Furthermore, we are developing
technologies that will permit the user to personalize the tags so that only they have access to
them.
As for consumer or in-home applications of these technologies, it is difficult to predict when it
will be ready for the open market. Today, and for the foreseeable future, our focus is on
validating the technologies' supply-chain applications, involving only commercial enterprises
(like manufacturers, distributors and retailers). First, we want to verify that these technologies
work in a commercial context before deciding whether or not to apply them in other non-
commercial contexts."
This question of "choice" was also high in the agenda for M L Hayes of Texas who called for an
International RFID Registration Authority. Hayes argues that:
"All marketing has the power of singling individuals out for manipulation but that RFID takes
this capability further, extending it to the point of empowering malicious observation and
intent…
"To combat malicious observation the RFID(s) owner must be enjoined to make public not
only their stated intent, but also their identifications, clear and defined. The instance where a
stated intent and private action by the owners or the RFID conflict, would give rise to the
individual's right to redress…
"Governments should make sure that the standards acceptable for the inclusion of RFID
technology in products sold within their jurisdiction have mandates for identification of all of
the component contributors, suppliers and distributors. This part of the RFID would be
registered in a publicly accessible data-repository so that comparison of the attached RFID to
the registry could be easily and quickly performed. The purpose of the registry would be to
serve as a checkpoint for determining alteration of the product to which the RFID was
attached."
Hayes goes on to give a detailed blueprint for such a registration system see
(www.wirelessdevnet.com/holdingcourt/court1_reply1.html), but can today's technology deliver
such a system? The answer, according to Jeremy Wyant, product manager at NTRU Cryptosystems, is
yes:
"Fortunately, new technology that enables the development of secure RFID solutions can now
be used to protect privacy. Public key based RFID solutions enable strong authentication and
data confidentiality that can provide the basis for effective privacy services. An RFID service
provider with a strong privacy policy for data collection and dissemination now has the tools
to enforce this policy. The end user can now be assured that they are transacting with a
provider that respects their privacy".
He is, of course, referring to tools enabled by NTRU's patented algorithm (see
http://www.ntru.com). This algorithm is thousands of times faster than the current algorithm upon
which public key infrastructure (PKI) applications are based and has 1/50th of the conventional
footprint. It can, therefore, provide ultra fast public-key cryptography and strong protection on even the
most constrained RFID application.
Whether PKI is the chosen tool to deliver the government mandates for which Hayes calls, or not, I am
sure that the very influential cryptography guru Ronald Rivest would agree with the essence of his
argument. However the equally legendary and influential Whitfield Diffie may not. Both expressed
concerns about privacy at the eleventh annual RSA Conference last month. MIT professor Ronald
Rivest expressed concerns about plans to make widespread use of small, inexpensive radio-frequency
tags as security tools and scared the shit out of attendees to his key note speech, convenience junkies
and privacy protectors alike, by painting the following picture:
"Everything you own might have one of these tags on them. I might be able to tell how much
money you're carrying just by putting out a radio probe."
Rivest went on to express his fear that the technology could backfire, with terrorists using the tags as a
proximity fuse for an explosive, so that a bomb would go off when a particular person came within
range, for example. He used such scenarios to justify his recommendation that laws may be needed to
prevent companies or the government from tying such tags to personally identifiable information.
But Whitfield Diffie (the Diffie in Hellman-Diffie and a founder of public key cryptography),
expressed concerns about growing restrictions on the free flow of information, advising:
"The more we impose controls on ourselves, the more they can be taken over to support some
else's information control policies."
Taking all this into account I think it's time to abuse the power bestowed upon me by my editor and
reframe the debate. It's not so much a question of allowing concerns about privacy to impede the
progress of RFID. It's more about whether or not we, as an industry and as consumers, want the types
of controls and laws imposed upon us that M L Hayes and Ronald Rivest propose. If we do, the
technology is out there to facilitate it, apparently, although it's questionable whether it could currently
meet the price point low-end applications - such as supermarket pricing tags - would need. But that's
not the point. The point is:
Do we need new laws specific to RFID technology, to ensure our
privacy is protected once this technology becomes widespread?... What do you think? It's time to vote:
Holding Court Home
|
|
