p2pnet - rss feed: Spy chip privacy threat
p2p news / p2pnet: RFID (Radio Frequency IDentification) chips, often called spy chips, are slated for use in US passports starting in October and the Department of Homeland Security (DHS) has just wound up a test to evaluate the ability of RFID interrogators to read RFID inlays.
"The department is now analyzing the results in order to determine which of the tested interrogators and inlays it will chose for a nationwide deployment," says the RFID Journal.
But, "Future government-issued travel documents may feature embedded computer chips that can be read at a distance of up to 30 feet," a DHS official says, "creating what some fear would be a threat to privacy," states CNET News, going on:
"Jim Williams, director of the Department of Homeland Security’s US-VISIT program, told a smart card conference here that such tracking chips could be inserted into the new generation of wallet-size identity cards used to ease travel by Americans to Canada and Mexico starting in 2008."
US-VISIT has already been strongly criticized for another ID difficulty.
Last summer EPIC said the border security program’s fingerprint identification system had, "resulted in many cases of mistaken identity," and on the DHS plan to use RFID chips, "The technical specifications of the test RFID tags have not been released to the public, so it is unknown if the information is encrypted or not".
If data were unencrypted, they can "easily be accessed by unauthorized users with RFID readers" and even when data on RFID tags are encrypted, security risks remain, said EPIC (Electronic Privacy Information Center).
A pilot program last summer had RFID tags in immigrants’ visas. It applied to people without green cards who entered the US for work, school, research or tourism, and to others from 27 mostly European countries traveling under the ‘Visa Waiver Program,’ which allows travelers to stay for up to 90 days without a visa.
Now Williams’ remarks are, "likely to heighten privacy concerns about RFID technology, which has drawn fire from activists and prompted hearings before the U.S. Congress and the Federal Trade Commission," says CNET, pointing out that one California politician has even introduced anti-RFID legislation.
"Many of the privacy worries center on whether RFID tags - typically miniscule chips with an antenna a few inches long that can transmit a unique ID number - can be read from afar," says the story. "If the range is a few inches, the privacy concerns are reduced. But at ranges of 30 feet, the tags could theoretically be read by hidden sensors alongside the road, in the mall or in the hands of criminals hoping to identify someone on the street by his or her ID number."
Homeland Security has said, in a government procurement notice posted in September, that "read ranges shall extend to a minimum of 25 feet" in RFID-equipped identification cards used for border crossings. For people crossing on a bus, the proposal says, "the solution must sense up to 55 tokens."
Meanwhile, "What we’re putting in the card is possibly nothing but a 96-digit serial number that is random and would do nothing but point back to a database…someone would have to hack into our database at the same time," CNET has Williams saying, "adding that the agency is considering delivering the cards in a ‘Mylar sleeve that would block the technology when people aren’t using it.’ They’re also exploring using a card that would have to be activated by the user, through a fingerprint or some other biometric method, before any information could be read remotely."
Also See:
RFID Journal - DHS Completes E-Passport Test at SFO, April 18, 2006
CNET News - New RFID travel cards could pose privacy threat, April 18, 2006
another ID difficulty - US-VISIT ‘full of tech problems’, July 10, 2005
immigrants’ visas - Spy chips track immigrants, Seprtember 5, 2005
anti-RFID legislation - California spy-chip ID cards, May 18, 2005
