Being able to disable RFIDs isn't enough


Many people, trying to address concerns about the privacy implications of RFID tags have indicated that it can just become the norm, or even a requirement, to "burn" out the RFID tags in purchased products as they are sold.

I'll get to why that doesn't work in a moment, but first some background. RFID tags are cheap passive radio devices planned to go into most consumer products, replacing the bar-code. A reader can, within certain range of the tags, read the serial numbers of all tags in the area. Every tag has a unique number, so it makes a great bar-code for inventory control.

Soon your body will be covered with RFID tags everywhere you go. In your clothes, boots, watch, wallet, glasses, ID-badges, credit-cards etc. Scanners may show up everywhere. This provides the potential to put them on city streets, doorways, airports, train stations and so on, and, once you have scanned a person once, to track everybody's movements everywhere. Pretty 1984.

Here's the rub. We're going to want some of these tags. Not just to return products to the store. Today the readers are expensive, but soon they will be cheap, and we'll want to have something we can use to find our keys, wallet, glasses, watch or other losables. To let us know what's in our closets, on our bookshelves. We'll love it. So we won't burn out the IDs.

The only answer I have thought of (I don't think Rivest's jammer will work) is more expensive RFIDs that can be modified instead of burned out, so that they will no longer respond to any scanner, just to our personal one. So they work for us, not for others.

Even with this the IDs in credit cards, access cards and such will need to work in more scanners. How will we turn them off?

Add new comment