dcseain: Cast shot of me playing my violin in role of minstrel in the Two Gentlemen of Verona (Default)
dcseain ([personal profile] dcseain) wrote2006-08-24 12:49 pm
  • Add Memory
  • Share This Entry

Just a Grain of Rice

VeriChip Wants To Test Human Implantable RFID On [US] Military. This information week article indicates that at least one company thinks we should treat military members like pets. I think this is a double plus ungood. What think you?

Thanks to lina.d for pointing this article out to me.
Flat | Top-Level Comments Only

[identity profile] dcseain.livejournal.com 2006-08-24 08:52 pm (UTC)(link)
Actually, you hit the diabolical on the head their, my friend. The tech is in fact there already, i.e. multi-wavelenght RFID readers, just a matter of how secure the backend data is. Mind you, my fears there are arguably irrelevant, now that i think about it a bit.

I use EZPass (https://smart-tag.com/index.cfm?flash=yes), an RFID device mounted on my windscreen that lets me bop though the main toll plaza on my local toll road at speed, and the exit plazas at 30-35 MPH. Going through the gate dings my account for the 75- or 50-cent toll respectively, and when the total balance on my EZPass dips below $10, they charge another $35 to one of my credit cards, which they have on file.

Since i'm willing to trust the tech with my name, addres, credit card numbers, expiry for the cards, VIN, and license plate, really why not trust it with my medical history. Hmmm.

[identity profile] dr-tectonic.livejournal.com 2006-08-24 09:19 pm (UTC)(link)
Well, even further: it's not like you need RFID -- or even computers -- to acquire illicit copies of medical records. Or to track someone's movements. Or to identify someone.

I think the biggest danger is that if there are large caches of RFID data lying around, someone might be tempted to do dubious kinds of datamining that they wouldn't if they had to go to the effort of collecting the data in the first place. But the technology as described in the article doesn't particularly lend itself to that.

The idea of somebody with a scanner walking down a row of people and reading records from their bicep seems like it ought to be nefarious, but I haven't been able to think how. You could just as easily collect the data from a computer system or a filing cabinet. Etc.

A part of me wants to find the idea alarming, but I think it's more that I find the military itself alarming, not its technologies.

[identity profile] selki.livejournal.com 2006-08-24 10:24 pm (UTC)(link)
The idea of somebody with a scanner walking down a row of people and reading records from their bicep seems like it ought to be nefarious, but I haven't been able to think how. You could just as easily collect the data from a computer system or a filing cabinet.

There is at least one employer in the US who RFIDs its workers (this hit the news last winter). Ostensibly for secure access to areas as I recall, but one could also use it to monitor bathroom break length, etc. Perhaps not hugely different from badge tracking in that respect, but it's one step closer to enabling total surveillance.

[identity profile] dr-tectonic.livejournal.com 2006-08-24 11:17 pm (UTC)(link)
Definitely a worry. But my impression is that implanted chips have a tiny, tiny range. this website (http://www.bsava.com/resources/microchipadvice/implantationsites/) gives veterinarians (heh - can't just say 'vets' in this discussion!) advice on how to scan animals for ID chips, and they talk about holding the scanner actually touching the fur, and making sure not to do it on top of a stainless steel table. So it seems ill-suited for figuring out where people are.

I guess my thought is that the employer who would use RFID tags in badges to track bathroom breaks is the same employer that would have the person whose desk is near the bathroom take notes without RFID. Like any technology, it can be abused, but it doesn't seem geared towards abuse -- at least in its current form. It could always change.

[identity profile] selki.livejournal.com 2006-08-25 12:18 am (UTC)(link)
my impression is that implanted chips have a tiny, tiny range

I'm not sure about the implanted ones, but I know some RFID tags have been read at 30 feet (probably detailed in RISKS digest or on Bruce Schneier's blog at some point), despite claims by the manufacturers that their range was less than a foot.

[identity profile] dr-tectonic.livejournal.com 2006-08-25 12:55 am (UTC)(link)
I wish we had those ones at work! (We've got them in our employee IDs for entering the building, and I have bonked my knee on a couple occasions doing the badge-reader door-unlocking dance.)

I think the conclusion I'm coming to is that medical-record implant chips aren't, in and of themselves, a terribly worrying idea. But they're related to things that can be worrying, so if someone (especially the military) is considering using them, privacy concerns need to be clearly respected and boundaries established early. And I don't think I can tell from the article in question whether that's the case or not.

[identity profile] dcseain.livejournal.com 2006-08-25 01:14 am (UTC)(link)
I miss card readers. My current employer uses cypher locks.

I also have reached the conclusion you state. I definitely do not think this tech is inherently a bad thing. I do think that if it's not very well implemented, that it could cause problems, but that's realyl a data security issue. Seeing as i've gotten 2 new debit cards from my bank due to the Visa/MC DB breaches last year, data security uber alles, as well as appropriate, and respeceted, limits and boundaries on the use of the tech and data.
Flat | Top-Level Comments Only