CNet.com has a round up of articles about RFID:

Privacy questions arise as RFID hits stores
Companies brace for privacy debate, as potentially intrusive applications arrive faster than expected.

European supermarket chain extends RFID push
Tesco will use the technology in more stores, focusing this time on tracking cases and pallets, rather than individual items.

Tracking technology gets a reality check
At Baltimore pow-wow, hype over new RFID technology is tempered by concerns about cost, privacy and quality.

With RFID, corporate might makes right
Retail powerhouses such as Wal-Mart gather in Baltimore to push development of controversial tagging technology.

IBM readies large RFID push
Big Blue plans to invest $250 million in a new business unit to support products and services related to sensor networks.

Wal-Mart Stores, Procter & Gamble and other big companies pushing the electronic tracking tags said they’d use them only in warehouses to more easily locate and account for stock arriving in cases and palettes. By the time the merchandise hit store shelves, they’d have removed the tags. The placement of tags on items consumers actually take home was projected to be at least 10 years away, last year’s argument went. Some said it may never happen if costs remained prohibitive.

Though relatively rare today, RFID tags are marching toward stores and shopping baskets across the country--raising questions about the implications for consumers. Also experimenting with RFID are Albertsons, Best Buy, Target, as well as European chains Metro and Tesco. Elizabeth Board, executive director of the public policy steering committee for EPCglobal said during a panel discussion:

There is a concern that EPC (tags) can be tracked everywhere and that retailers want to track you at all times of the day. It’s not realistic, but it has caused a lot of confusion.

She expects that fears about privacy invasion will continue to be a public relations problem for the technology. RFID supporters must do more to dispel the myths and misconceptions surrounding it.

Retailers and consumer-goods companies are hesitant to agree to removing tags from items at the time of purchase for several reasons. One reason is that RFID tags could help with returns by exposing people trying to get a refund for a product they never really bought, or one they purchased from another store.

One of the valid concerns about RFID is what companies plan to do with all the detailed data they’ll be able to collect about consumers, said Daniel Engles, director of research at Massachusetts Institute of Technology’s Auto-ID Lab, an RFID research group.

CNet new.com reports that a key patent holder's demand for royalties has triggered concerns that promising RFID technology could become embroiled in an intellectual property battle.

The royalty flap stems from a new protocol, the Electronic Product Code Generation 2 standard, designed to improve the compatibility of radio-frequency identification (RFID) equipment from different suppliers and iron out a number of other technical kinks.

The patent claim comes on the eve of a new protocol's debut. EPC Global, the organization that helped create the protocol, expects to finalize it at an Oct. 5 meeting. Now, some RFID backers fear other patent holders could come forward and demand royalties, slowing RFID's progress.

Major companies, including Albertsons, Procter & Gamble, Wal-Mart Stores and German retailer Metro, have already begun to set up RFID systems and are eagerly awaiting the release of the new protocol to advance their projects. They expect RFID, a wireless tracking technology that may someday replace bar codes, to help them reduce theft, shave labor costs and handle inventory more efficiently.

CNet news reports that when it comes to radio frequency identification tags for humans, the people have spoken. They hate it.

CNET News.com recently ran a report on companies with technologies that involve implanting RFID chips under people's skin or inside a bracelet. Advocates say the tags could help paramedics deliver medical help to people in the field, reduce prison violence or give police a way to track victims of kidnapping, a major problem in Latin America.

The issue has united people with fairly strong religious beliefs and libertarian privacy advocates.

The fear that the technology will enable governments to keep tabs on everyone was the concern raised most often. Hypothetically, law enforcement agencies or even private security companies will be able to track where you've been, with whom you associate and what you own with this technology. Imagine a semiretired senior citizen in a rented maroon blazer knowing everything about your day.

A large number of letters also asserted that human RFID tags are a demonic tool.

There is much interesting stuff, read the whole thing.

One German start-up has created an alternative to RFID that is likely to get under consumers' skin.

Ident Technologies has dreamt up Skinplex - which could be used in all the same ways as RFID and Bluetooth - but uses a different transmitter: human skin.

Like RFID, Skinplex works by reading a unique identifier remotely using an electromagnetic signal, normally between a microchip and a reader. Unlike RFID, however, Skinplex uses the skin to transmit the signal and an identifier carried on a person. The signal is transmitted when the carrier touches the receiver.

Yeah, right. So much better than RFID then.

CNET news reports that privacy advocates may not be the only people taking issue with the current crop of radio-frequency identification tags - merchants will likely have problems with a lack of security as well, a German technology consultant said Wednesday.

Low-cost RFID tags - many which are smaller than a nickel and cost less too -are already being added to packaging by retailers to keep track of inventory but could be abused by hackers and tech-savvy shoplifters, said Lukas Grunwald, a senior consultant with DN-Systems Enterprise Solutions GmbH. While the technology mostly threatens consumer privacy, the new technology could allow thieves to fool merchants by changing the identity of goods, he said.

This is a huge risk for companies. It opens a whole new area for shoplifting as well as chaos attacks.

While expensive RFID reader hardware and hard-to-use software have hindered security research in the area, Grunwald said that's no longer a hurdle. The security expert announced during the session a new software tool that he helped create that can be used to read and reprogram radio tags.

When such tools become widely available, hackers and those with less pure motives could use a handheld device and the software to mark expensive goods as cheaper items and walk out through self checkout. Underage hackers could attempt to bypass age restrictions on alcoholic drinks and adult movies, and pranksters could create confusion by randomly swapping tags, requiring that a store do manual inventory.

Grunwald's software program, RFDump, makes rewriting RFIDs easy. While there are significant malicious uses of the program, consumers could also use it to protect themselves.

Everyone should have the right, once they leave the store, to erase the RFID tags. Deleting information on the tags would allow people to stop RFID checkpoints in stores and other places from tracking which products they are carrying, or which have been inserted under their skin.

ComputerWorld reports that a U.S. law enforcing privacy rules for radio frequency identification (RFID) isn't needed because companies experimenting with the technology are committed to protecting privacy, two such corporations told a U.S. House subcommittee yesterday.

Wal-Mart Stores Inc. continues to move forward with plans for case- and pallet-level tagging of products with RFID chips. But most item-level tagging, where individual products are identified with RFID chips, is about 10 years away, Linda Dillman, executive vice president and CIO of Wal-Mart, told the House Subcommittee on Commerce, Trade and Consumer Protection.

Privacy advocates told the committee that legislation is needed to protect consumers from potential uses of RFID. Three privacy advocates testifying yesterday offered few current examples of privacy concerns caused by RFID, but as the range of RFID scanning grows beyond the current 10 to 20 feet, RFID could allow corporations and governments to track people's movements and purchases.

The War on Terror, like any war, provides the opportunity for certain technologies to be developed at an accelerated pace. The problem is that we seem to depend on the rather glib assertion that without freedom there is no prosperity. This is fine so long as government is concerned with prosperity. But how long do people have to wait in societies where an élite puts the power to rule ahead of prosperity? As George Orwell put it in Hommage to Catalonia: "We don't grasp it's [totalitarianism's] full implications, because in our mystical way we feel that a régime founded on slavery must collapse. But it is worth comparing the duration of the slave empires of antiquity with that of any modern state. Civilisations founded on slavery have lasted for such periods as four thousand years."

With this thought in mind, from Tech Central Station:

Chemical detectors may provide, by the way, the greatest advance in counter-insurgent capabilities. Biochips will make it possible for self-directed UAVS to seek out explosives, including those used in small arms, and chemical and biological agents. They will also enable the identification and tracking of thousands or even millions of individuals in a monitored area based on their "smell."

Silicon.com reports on Japanese authorities decision that tracking is best way to protect kids.

The rights and wrongs of RFID-chipping human beings have been debated since the tracking tags reached the technological mainstream. Now, school authorities in the Japanese city of Osaka have decided the benefits outweigh the disadvantages and will now be chipping children in one primary school.

The tags will be read by readers installed in school gates and other key locations to track the kids' movements.

Apparently, Denmark's Legoland introduced a similar scheme last month to stop young children going astray.

Josh McHugh in Wired has a feature on RFID chips in supermarkets. He describes his visit to the Future Store built by European retailer Metro to be the premier live testing ground for RFID tags.

Thanks to the coordinated efforts of the world's biggest retailers and manufacturers, not to mention the persistence of former lipstick marketer Kevin Ashton, these little tags are about to infiltrate the world of commerce. Depending who you ask, RFID tags constitute:

1. the best thing to happen to manufacturing since the cog.
2. the biggest threat to personal privacy since the crowbar.
3. the near-exact fulfillment of the Book of Revelation's description of the mark of the beast.

There's a compelling argument for each of these perspectives - including number three.

He explains why manufacturers and retailers alike are so eager to implement RFID technology. It is mostly about the supply chain margins.

Retailers are even keener to get their hands on the sort of information RFID tags promise to reveal. The way it works now, all the little kinks along the supply chain accumulate in the lap of retailers, which take delivery of products without knowing whether the shipments are correct until they're unpacked. The average rate for shipping screwups is 1 in 20. That's a big part of why margins in the retailing business are so thin - average net profit for supermarkets is 1 percent - and precisely the reason that Wal-Mart, Target, and Metro have given their top suppliers six to nine months to start slapping RFID tags onto crates and delivery pallets. Manufacturers want this technology, but retailers need it.

RFID will be good for the customer too. Shopping will be much easier and the information gathered about their shopping behaviour will result in a closer match between demand and supply.

There is more, especially on the argument opposing RFID that we have written about here already. It is worth reading the whole thing.

Yesterday Michael Jennings introduced me to Skype, a sort of instant messaging program that is very good at voice communications. This is part of an ongoing trend which is seeing computer networks challenge the traditional telephone networks for business.

Because rather then pay a large sum of money to make an international phone call, I'm now able to speak with Michael in London from my Australian home, for free, and with a better sound quality then I was able to do before.

So as you can imagine, it is a time of fast change in the telephone business. This has implications wider then the share prices of telephone companies.

To encourage take up of VoIP, legislation has been introduced in the US Senate, by Senator John Sununu. The VoIP Regulatory Freedom Act of 2004 is designed to exempt this technology from most state and federal regulations.

Needless to say there's been plenty of opposition to this. Much of the opposition comes from self-interested telephone companies, but the US Dept of Justice is not happy either.

The VoIP Regulatory Freedom Act of 2004, sponsored by Senator John Sununu, would exempt VoIP service from a wire-tapping regulation called the Communications Assistance for Law Enforcement Act, or CALEA, commonly used to listen in on traditional telephone calls, said Laura Parsky, deputy assistant attorney general for the DOJ's criminal division.

"I am here to underscore how very important it is that this type of telephone service not become a haven for criminals, terrorists and spies," Parsky told the Senate Commerce, Science and Transportation Committee Wednesday. "If any particular technology is singled out for special exemption from these requirements, that technology will quickly attract criminals and create a hole in law enforcement's ability to protect the public and national security."

You can read Laura Parsky's complete testimony here

What this statement is all about is that the Dept of Justice has got quite accustomed to using the wiretap to track down undesirables and is most unhappy that this legislation might prevent them from doing so in the future.

This is part of a wider trend that I suspect we will see more of, with people taking the opportunity to try out new ways of communicating with each other, and regulatory agencies scrambling to keep up. In the United States, there are US Senators who seem, like Senator Sununu, who consider privacy issues and freedom from regulation important. I fear that when the EU catches up, as it surely will, that those issues will be the least of the concerns of the people who draft the regulations.

Privacy advocates and some lawmakers are pushing a debate over potential privacy abuses from the growing use of radio frequency identification chips as huge retailers such as Wal-Mart Stores Inc. move toward large-scale use of the technology.

They see the potential for retailers and other companies to be able to track consumers long after a consumer purchases an item - for example, a tennis shoe manufacturer scanning a sporting event for the number of people wearing its product.

Those advantages are why large retailers such as Wal-Mart and Target Corp., as well as government agencies such as the U.S. Department of Defense (DOD), are embracing RFID technology as a way to improve their supply-chain efficiency. Wal-Mart, leading the way on RFID adoption, plans to phase in use of RFID, with major suppliers of its north Texas stores required to use RFID chips on pallets and cases by January 2005. The DOD plans to require suppliers to use RFID tags by early 2005.

But early experiments with RFID haven’t gone smoothly, at least in the public relations arena. In early 2003, Wal-Mart and The Procter & Gamble Co. tested the use of RFID chips on individual packages of lipstick in an Oklahoma store, and the supposedly secret test raised the hackles of privacy advocates everywhere. The RFID chips allowed Wal-Mart to track the customers as they took the lipstick off shelves.

Wal-Mart’s test of RFID chips on individual products also prompted Senator Patrick Leahy, a Vermont Democrat, to suggest that federal legislation may be necessary at some point. He criticized what he called Wal-Mart’s "clandestine" testing of RFID.

In November, a group of privacy advocates, including the American Civil Liberties Union and the Electronic Frontier Foundation (EFF), issued a position statement on the use RFID in consumer products. The statement called for retailers to give notice to consumers when RFID chips are being used, what the purpose is and to have security measures in place verified by third parties.

The statement (pdf) calls on merchants to voluntarily comply with RFID privacy measures, and asks retailers to comply with a moratorium on item-level use of RFID chips until a technology assessment involving consumers and other stakeholders can be completed. The statement asked retailers not to force consumers to buy products with RFID tags and advocated that consumers should be able to remove or disable the tags, but the statement did not advocate federal legislation.

Ari Schwartz, associate director of the Center for Democracy and Technology (CDT), one of the groups signing on to the November privacy statement.

There has to be a way to kill these chips. The question is really what it’s used for and how it’s done, rather than the technology itself. Most of the benefit out there comes on the back end, in the stock room, and most of the privacy concerns come when it leaves the stock room.

Most retail uses of RFID so far are limited to stock rooms, and with retailers and vendors open to privacy discussion, Schwartz doesn’t yet see the need for federal legislation.

From this weekend, the adoption of RFID tags in the retailing industry has become a matter of time. At a recent conference, organised by the RFID non profit standards organisation, EPCglobal, both Walmart and Tesco warned their suppliers that they expected takeup of this technology. By forcing the adoption of RFID technology through their purchasing power, RFID will soon become ubiquitous in retail, over the next two years.

Colin Cobain, UK IT director for Tesco, advised suppliers to get involved and take a considered view of the new technology. "Some manufacturers are going down the route of slap-and-ship - I urge you not to do that... If you start of slapping-and-shipping, you'll get a bad name in your organisation." He added that the question about RFID was not "whether or not it will make a huge difference in the world: the question is, will you be ready?"

Simon Langford, manager of RFID strategy for Wal-Mart and Asda, said "start engaging in RFID today... don't sit back and wait for it to happen." Wal-Mart, remember, were so enthusiastic about the technology that they issued a mandate telling their top suppliers to get the tags in their supply chain by 1 January, 2005, or else.

WalMart began their testing of RFID tags in the supply chain on Friday in the Dallas/Fort Worth area. Their links with EPCglobal are also clear:

EPCglobal is a joint venture of EAN International and the Uniform Code Council. It is the organisation chosen by industry to develop standards for RFID technology in the global supply chain based on user needs and business requirements.

As a charter member of EPCglobal, Wal-Mart fully adheres to its core principles related to privacy issues, including consumer notice, consumer education and consumer choice. Wal-Mart's Linda Dillman and HP's Dick Lampman serve on the board of directors of EPCglobal.

To follow the work of EPCglobal, the website setting standards for electronic product codes can be found here, including details of their membership and policies.

… and will soon be invisible. Anyone who bases their arguments about the dangers of camera surveillance on the primitiveness of current technology is, unlike the latest cameras, being very short sighted. Take a look, for example, at this:

It sounds like the speeder's nightmare. A speed camera accurate up to 150mph which can be concealed in road studs as small as a cat's eye indicator, and which can also - as you're passing - cast a glance at your tyres to see if they're a bit bald.

And at you, to see who you are and where you are, and what you're up to. If not yet, then very soon.

Wake up: this camera exists, and it's being trialled.

I'm awake already.

But the anti-camera lobby can rest easy for a while. The Department for Transport says that there is no way that these cameras, designed and made by a British company called Astucia, will ever be used for "enforcement" to level fines and penalty points. However, they will start being tested around the country later this year, as part of the wider efforts to encourage motorists to respect speed limits.

So, they will not (yet) do "enforcement", not "for a while". But they can already do "encourage". Sounds like enforcement will be with us very soon.

From the BBC last Friday:

Nearly 200 people have been wrongly accused by the Criminal Records Bureau of having criminal records.

The names of 193 people were mistakenly linked with convictions held on the police national computer (PNC), BBC Radio Five Live has learned.

In some cases the names of those being vetted by the bureau were similar or identical to those of actual criminals.
In others, the criminals had given someone else's personal details to the authorities to avoid a police record.

The Criminal Records Bureau, which came into operation in March 2002, does background checks on those who work with children or vulnerable people.

They made this number of mistakes (that they already know of) in the criminal record list, which is only a minority of the population. How many would they make if the list contained, or was supposed to contain, everybody?

What is scary about this kind of thing is when the information-that-isn't starts to really get around, into several different data bases at once. At that point it becomes extremely hard to eradicate. Something like a false reading on sexual perversion (which is what these background checks for working with children and vulberable people are all about) is liable to spring to life again after previously having been eradicated, supposedly. After all, you can't be too careful, can you?

The U.S. Department of Transportation's Federal Highway Administration is working with four companies to develop new radio-frequency identification technology for roadways. Officials see RFID as a way to warn drivers of, for instance, impending intersection collisions and vehicle rollovers.

Specifically, the government and vendors are investigating technology called dedicated short-range communications, which is related to RFID. The vendors are Mark IV Industries, Raytheon, Sirit, and TransCore.

A prototype system co-developed by the quartet is expected to be ready for testing in about 18 months. The Federal Communications Commission has assigned a block of high-bandwidth radio spectrum for dedicated-communications products--5.850 to 5.925 GHz.

The news just goes from bad to worse on the RFID front. Trevor Mendham quoted Tesco CEO Sir Terry Leahy as saying that RFID tracks products, not people, but American tech company Applied Digital Solutions, through it's subsidiary Verichip Corporation, has already broken through that barrier.

They have developed a RFID product that is implanted in the victim.

The VeriChip minaturized Radio Freqency Identifcation (RFID) Device is the core of all VeriChip applications. About the size of a grain of rice, each VeriChip contains a unique verification number, which can be used to access a subscriber-supplied database providing personal related information. And unlike conventional forms of identification, VeriChip cannot be lost, stolen, misplaced or counterfeited.

Once implanted just under the skin, via a quick, painless outpatient procedure (much like getting a shot), the VeriChip can be scanned when necessary with a proprietary VeriChip scanner. A small amount of Radio Freqency Energy passes from the scanner energizing the dormant VeriChip, which then emits a radio frequency signal transmitting the individuals unique verification (VeriChipID) number. The VeriChip Subscriber Number then provides instant access to the Global VeriChip Subscriber (GVS) Registry - through secure, password protected web access to subscriber-supplied information. This data is maintained by state-of-the-art GVS Registry Operations Centers located in Riverside, California and Owings, Maryland.

It's a password protected website- anyone with knowlege of the internet knows that password protected websites are not that secure; anyone that says that they can guarantee the security of such a webserver is whistling in the wind.

It's rather like that dreadful George Lucas film, The Phantom Menace, where the slaves are fitted with a tracking device. Verichip Corp. doesn't have slaves in their sights as a target market- they have a wider target market in mind.

VeriChip products are being actively developed for a variety of security, defense, homeland security and secure-access applications, such as authorized access control to government and private sector facilities, research laboratories, and sensitive transportation resources, including the area of airport security.

In these markets, VeriChip is able to function as standalone
personal verification technology or it is able to operate in conjunction with other security devices such as ID badges and advanced biometrics.

In the financial arena, VeriChip has enormous potential as a personal verification technology that could help curb identity theft and prevent fraudulent access to banking and credit card accounts.

In other words, they are after a world where everyone is fitted with these devices. Does Big Blunkett own shares in this company? At the moment, they are working with gun manufacturers. Who will be next?

Plenty of people around the world by now know of the allegations of philandering made against the English footballer David Beckham, based on claims made to the media, and also on transcripts of SMS phone messages that are said to have been sent between Beckham and one Rebecca Loos.

The ins and outs of the affair are none of our concern, but what did concern me was this explainatory article in The Advertiser:

He apparently even has offered to produce his mobile phone records to prove his innocence. It may surprise some mobile phone users that some carriers retain details of text messages.

In Australia, Telstra keeps SMS messages for up to 28 days and Optus keeps theirs for three days.

I have three questions here. First, why are telephone companies keeping records of these things at all, and second, why is there such a large difference between Telstra, the dominant company that is still half owned by the government, and Optus (which is now owned by Singtel, the phone arm of the Singaporean government.) And thirdly, why are these messages apparently so insecure?

At a recent software conference, Sun Microsystems unveiled new software initiatives in areas related to RFID, 3-D interfaces, game technology and Linux. According to the CTO of Sun, the advances are further proof that "innovation [is] Sun’s DNA." The article reviews Sun’s upcoming product offerings, noting that the company is actively looking to capitalize on hot new technology trends (e.g. a new RFID test center is on tap for May).

Also, Oracle plans to launch new RFID software offerings in an attempt to give retailers such as Wal-Mart the ability to "handle the deluge of data that RFID systems are expected to produce." According to Oracle executives, "The IT systems most companies use today are not equipped for a world in which billions of objects report their whereabouts in real-time." In addition to building in RFID data-processing capabilities in its databases and application servers, Oracle will release new device drivers in its software as well as "device driver frameworks." Other big-name IT vendors, such as IBM and Microsoft, are also actively exploring new RFID technology offerings.

Finally, Delta Air Lines Inc. starts its second test of radio frequency identification (RFID) technology to track bags today in hopes of improving accuracy over the 96.7% to 99.9% it achieved in a test last year. Delta will write information to the RFID bag tags at the request of the Transportation Security Administration, which has backed both tests, Rary said. That information will include the flight number, passenger name and what Rary called a "license plate" - a serial number that identifies each bag.

Computerworld has an opinion article by Jay Cline about the privacy scare surrounding RFID technology who explains that the RFID hype has outpaced reality. Manufacturers and retailers have yet to agree on a universal electronic product code. RFID scanning is also far from error-free. But more important, RFID signals are so weak that they're easily blocked by metals and dense liquids. It's infeasible today for someone driving a vehicle down your street to intercept signals from RFID-tagged goods inside your home.

He also argues that the economics of RFID chips also limit how they're used. Until the price of RFID chips comes down to about a penny apiece, they'll mostly be used at the case and pallet level, clear of any personally identifiable activity. So we have several years to identify the privacy controls we want to see in RFID systems. Some companies are already creating these privacy controls. Chip makers and users are discussing how the principles of data privacy could be built into the RFID process. A top priority is notifying customers that certain items are tagged with these transmitters - which could be done by placing a common RFID logo on product packages. To give customers the ability to turn off the transmitters, some companies plan to make them peel-offs. RSA Security Inc. is also developing a chip that could be worn on watches or bags to block nearby RFIDs from transmitting certain information. So the RFID privacy ball is rolling.

Glad to hear that. Nevertheless, I will still be watching the RFID development with interest...

ZDNet.com reports that computer-security software maker RSA Security has developed a new technology for protecting information emitted by radio frequency identification tags.

The RFID cloaking system is intended to guard proprietary data located on chips used to carry product information. The RSA Blocker Tag technology uses a jamming system designed to confuse RFID readers and prevent those devices from tracking data on individuals or goods outside certain boundaries.

The blocker tags work by emitting radio frequencies designed to trick RFID readers into believing that they are being presented with unwanted data, or spam, causing the information collection devices to shun the incoming transmission. RSA claims that by placing an RFID-loaded product into a parcel bearing one of the blocker tags, the system would cause RFID readers to miss any information carried by the product in the bag, thereby protecting consumers.

The company also promised that its cloaking system would not interfere with the normal operation of RFID systems or allow hackers to use security technology to bypass theft control systems or launch denial-of-service attacks.

CNetnews.com has an article about radio frequency identification that has become a hot concept, promising to streamline how businesses track and stock inventory, warning that companies may need to rethink their software infrastructures in order to make RFID work as advertised, say analysts and technology makers.

Early resistance to RFID adoption has come from civil liberties groups, which fear that the technology could lead to unprecedented surveillance of consumers. But industry watchers and technology vendors have identified a more mundane potential problem for RFID adopters. They warn that in the rush to launch RFID projects, businesses may be overlooking a crucial element necessary to allow the technology to work smoothly: Making sure back-end databases and business applications can handle the massive amounts of information generated by RFID-enabled systems. Kara Romanow, an analyst at AMR Research in Boston said:

Companies are going to have problems when they drop RFID on top of shaky infrastructures. In order to do RFID right, to see a true return, the first thing (a company) needs to do is finish a data synchronization initiative, and do it right.

Romanow believes that there are two popular scenarios among businesses working to develop RFID capabilities today: those doing just enough to keep demanding companies like Wal-Mart as a customer, and those with real long-term vision. According to the analyst, the first group will garner few returns other than short-term bragging rights to getting RFID up and running, while the second group will see true return on investment down the road.

Infoworld's Ephraim Schwartz paints a picture:

Picture this: You're sitting in the food court at your favorite mall with the family, munching on greasy kung pao chicken from Panda Express, followed by a warm, sweet Cinnabon, when a cordon of mall police surround your table, guns drawn, screaming at you to "Drop the bun and put your hands up!"

Reluctant as you are to give it up, you comply.

What went wrong? Your wife is wondering if you've been leading a secret life, but it’s nothing so exotic. Rather, the clerk at the Gap forgot to deactivate the RFID (radio frequency identification) tag in the sweater you just bought. When you passed an RFID reader, connected to the Wi-Fi enabled network, it sent a message to the security desk, and as you passed each RFID reader along the way, they tracked you down in the food court.

There is no doubt that RFID tags will be sewn into the lining of every item of clothing manufactured. Current RFID prices are about 16 cents each on orders of 10 million tags, with the price expected to reach a nickel a tag in a year or two.

By using RFID in clothing, not only will companies be able to discourage shoplifting, they'll also be able to spot other frauds, such as counterfeit brand names or buyers who purchase an item at a discount outlet and then try to return it for the retail price at a regular store. Warranties can now also be easily tracked to date of purchase.

With those benefits to the supply chain, the question is, will the store really want to turn off the tag after the item is purchased, and how can you, as a consumer, tell? "What if you have some strange hobbies you'd like kept private?" Etterman asks.

It is certainly a small step from deploying RFID tags, which have a reach of only about three feet, to putting the readers in public places that already have hot spots. The combination is potent. Suddenly, the information in the tag can be transmitted over the Wi-Fi network and associated with all kinds of other data by all kinds of organizations, such as insurance companies. Or, you may be on the Most Wanted list at your local public library. Why shouldn't they have a piece of you, too?

While these scenarios are not possible today, there is no technological barrier preventing them from becoming reality. Who can really say what's next?

The General Accounting Office warned today that the Transportation Security Administration's high-tech system to screen airline passengers for terrorist connections faces significant testing and deployment delays, which could affect the program's ultimate success.
According to a report by the GAO, the TSA has not only fallen behind in testing the new Computer-Assisted Passenger PreScreening System (CAPPS II), but also has yet to fully identify all of the functions it would like the system to perform. In addition, the TSA has not yet completed work on at least seven key technical challenges that could stand in the way of the system's final deployment.

These issues, if not resolved, pose major risks to the successful deployment and implementation of CAPPS II.

There are other significant issues facing U.S. airport security, according to a former top Israeli airport security official and the director of security at Virgin Atlantic Airlines. According to these officials, who spoke Tuesday during an online Terror and Technology conference sponsored by IDPartners LLC, the U.S. runs a major risk by focusing too much on information technology and other high-tech solutions to uncover terrorist plots against airports and airlines.

Rafi Ron, president of New Age Security Solutions and the former head of security at Ben Gurion Airport in Tel Aviv explains that the terrorist threat against airlines is a relatively new experience in the U.S.

There is a tendency to solve problems through the use of technological means. Focusing on technology sometimes makes you lose your overall perspective. That can lead to unbalanced planning, unbalanced investment and misuse of funds.

Rather than rely on IT systems for the bulk of security monitoring, Ron said airport authorities should use personnel training programs in behavior pattern recognition, which has been highly successful in Israel.

Behavior analysis can fill the gap of a purely technological approach. Technology is not yet good enough to provide us with a 100% solution.

Says Dave Barry of this apprehended spamster: "Let's see how large his penis is." Ho ho. And I know the feeling. I'm sure we all do.

A man alleged to be one of the world's most notorious spammers was arrested yesterday in North Carolina, accused by Virginia prosecutors of falsifying the origin of e-mails that pitched low-priced "penny" stocks and home-mortgage schemes.

Jeremy Jaynes, also known as Gaven Stubberfield, of Raleigh, was charged with four felony counts as prosecutors seek to increase the heat -- by bringing criminal penalties -- on spammers for deceptive e-mail marketing.

The case marks the first time Virginia's criminal provisions for spam have been invoked.

This anti-spamming activity has to be watched, I say, precisely because so many people are crying out for it, flaming torches in hand. What if they make a law which ends up making my Brian's Fridays list illegal? This is the one that gets you invited to my last Friday of the month soirées. You know, just to make sure they get all the bad people. There are lots of complaints doing the rounds already that what Europe is doing about spam now is not enough.

They wouldn't do that! Of course not. Ah but they might. More realistically, what they might do is make Brian's Fridays list a bit illegal (like, I have to "register" it or something), and then they do me for not registering it when I say something truly hurtful about them, on a completely different subject. Or, I get scared that this might happen and refrain from my criticising. And other potential nuisance makiers do the same.

Those wacky guys at b3ta.com, or one of their many photoshopping friends, did a paranoid, Robocopish rethink of how speed cameras might soon be operating. The pictures may still be there (left hand side - scroll down) but will soon be gone if they aren't gone already. It's that kind of site.

If you can't find anything speed camera related, I've stuck the pictures up on my Culture Blog, so that White Rosers can give the matter some more prolonged thought. (I don't think I'm allowed to stick up pictures here, which is probably a good thing.)

Over at the Adam Smith Institute Blog, Mark Griffin says they're about to legalise spam, by defining it, incompetently. That means whatever dodges its way around the definition ain't spam, right? So by trying to stop it they are going to allow it.

Patrick Crozier's Transport Blog is steadily becoming a blog to be reckoned with. And yesterday and today, Patrick posted two White Rose Relevant bits, on the new law against mobile phones in cars, and (this presumably being kit that will also help to enforce the new phone law) surveillance cameras for spying on speeding motorists.

On mobiles in cars, Patrick agrees with David Carr. Bad new law. On the cameras? Well, his piece is entitled: "It's not the speed cameras that are to blame - it's the law".

More on vote (mis?)counting machines, from Paul Krugman in today's New York Times. As always with the NYT, hurry.

Opening paragraphs:

Inviting Bush supporters to a fund-raiser, the host wrote, "I am committed to helping Ohio deliver its electoral votes to the president next year." No surprise there. But Walden O'Dell – who says that he wasn't talking about his business operations – happens to be the chief executive of Diebold Inc., whose touch-screen voting machines are in increasingly widespread use across the United States.

For example, Georgia – where Republicans scored spectacular upset victories in the 2002 midterm elections – relies exclusively on Diebold machines. To be clear, though there were many anomalies in that 2002 vote, there is no evidence that the machines miscounted. But there is also no evidence that the machines counted correctly. You see, Diebold machines leave no paper trail.

Representative Rush Holt of New Jersey, who has introduced a bill requiring that digital voting machines leave a paper trail and that their software be available for public inspection, is occasionally told that systems lacking these safeguards haven't caused problems. "How do you know?" he asks.

What we do know about Diebold does not inspire confidence. The details are technical, but they add up to a picture of a company that was, at the very least, extremely sloppy about security, and may have been trying to cover up product defects.

I think if people are seriously about democracy, they should keep it all on paper. That way, onlookers and overseers can see fair play, and with luck they can spot at least some of the unfair play. Put your vote in a computer system, and who the hell knows where it ends up?

Things are getting fraught on the speed camera front.

There's a long article in today's New York Times about Diebold, the voting machine company, and their struggle to prevent internal emails about security weaknesses in their software getting around on the Internet. They're arguing intellectual property. Their opponents argue "fair use". First three paragraphs:

Forbidden files are circulating on the Internet and threats of lawsuits are in the air. Music trading? No, it is the growing controversy over one company’s electronic voting systems, and the issues being raised, some legal scholars say, are as fundamental as the sanctity of elections and the right to free speech.

Diebold Election Systems, which makes voting machines, is waging legal war against grass-roots advocates, including dozens of college students, who are posting on the Internet copies of the company’s internal communications about its electronic voting machines.

The students say that, by trying to spread the word about problems with the company’s software, they are performing a valuable form of electronic civil disobedience, one that has broad implications for American society. They also contend that they are protected by fair use exceptions in copyright law.

Hurry if you want to read all of it. NYT stuff seems to go behind a payment wall quite soon. They take their property seriously too, I guess. (By the way, is this NYT policy recent, or is it just me having only recently noticed it?)

I did a posting yesterday on Transport Blog about how they're now using lie detection software to monitor phone conversations from insurance claimants, to flag up potential liars, and then "give them the opportunity to change their story". The result is a fall in insurance claims, and hence, presumably, potential cheaper car insurance.

I have a the overwhelming feeling that this procedure will bring bad news as well as good, in a White Rose Relevant way, when governments start using stuff like this for instance, as I dare say many have. But what form will this bad news take? I can't think of any obvious badnesses, but I feel sure there are some. Comments please.

One suggestion. The insurance companies mentioned in this story are all saying at the start of their conversations that "this call is being monitored", although I don't believe they say straight out that this means a lie detection machine. Clearly others will not be so scrupulous, and will simply monitor all conversations and flag up what the machines says are lies, all the time. What are the White Rose Relevant implications of that?

On the face of it, I think I have the right to buy a machine that helps me decide whether I trust someone at the far end of a phone line. I could simply say "Is this a junk phone call?" every time I suspect it is, and if they say no but my machine goes "ping", then down goes the phone. At present the danger is that with our own more fallible bullshit detection software that we all have in our brains, we do this to "real" phone callers who are merely a bit clumsy in identifying themselves, or whom we are a bit clumsy in identifying.

Presumably what makes this so much more usable now is that the kit has got a lot cheaper, and it supplies answers straight away, while the conversation is still going on.

Techo-food for thought here, I think.

Internet.com reports that UK retailer Marks and Spencer (M&S) is to begin trials of RFID tagging at item level.

Clothes in M&S stores will be tagged with RFID chips. These each contain a unique ID and can be read by a nearby scanner without the consumer being aware of it. Thus your underwear might be broadcasting your location.

To be fair to M&S they did show an unusual degree of social responsibility concerning these trials. They consulted with CASPIAN and as a result the tags will be obvious and will not be scanned at checkouts.

Welcome as these factors are, this trial is still another step on the dangerous road towards making RFID ubiquitous. Not all companies will share M&S's ethical stance, therefore RFID tagging at item level must be opposed outright.

Cross-posted from The Chestnut Tree Cafe. Thanks to shanti941 for the pointer.

John Walker thinks that big brother and big media can put the Internet genie back in the bottle.

Earlier I believed there was no way to put the Internet genie back into the bottle. In this document I will provide a road map of precisely how I believe that could be done, potentially setting the stage for an authoritarian political and intellectual dark age global in scope and self-perpetuating, a disempowerment of the individual which extinguishes the very innovation and diversity of thought which have brought down so many tyrannies in the past.

This is a massive document that is highly technical in some places, but is well worth slogging your way through. (And I always did wonder why IPv6 flopped.)

(Hat-tip to Joe Katzman)