Loss of Privacy

Speaking a CeBIT, Professor August Wilhelm Scheer made the astonishing claim that one in four Germans would be happy to have an implanted RFID chip in their skin if it meant more convenience for them, particularly waiting times at the grocery store.

As well as foretelling the imminent demise of the CD and DVD, Professor Scheer said that implanting chips into humans was going to become commonplace. “The speed of the development is not going to be reduced this decade,” he told an audience of tech execs and politicians including German Chancellor Angela Merkel. “Some developments can already be seen. CDs and DVDs are going to disappear as material sources of information. Wallpaper will be replaced by flat screens and many of us will have chips implanted beneath our skin by the end of next decade.

Rather than being based on pure speculation, Scheer said that his organistion BITKOM had actually conducted research which had shown that a quarter of Germans would be happy to have a chip implanted if it meant they could access services more easily.

“We just carried out a survey and one out of four people are happy to have a chip planted under their skin for very trivial uses for example to pass gates more quickly at a discotheque for example and to be able to pay for things more quickly in the supermarket,” said Scheer. “The wilingness of the population to accept our technology is certainly given.”

The results of that survey are on their website [pdf] . If you look closer at Mr. Scheer’s statistics, 72% do not want an RFID implant.

Stats are hard to figure out, especially when it’s been reported that 1 in 7 Germans want the Berlin Wall back because the country was better off when it was split.

The New Hampshire State House of Representatives have passed, for the third time in four years, an RFID privacy bill that will restrict the use of RFID in driver’s licenses. It has now been sent to the state senate again for a vote.

VeriChip, the corporation known for human-implantable RFID microchips, bought Steel Vault back in September. Steel Vault is a company that specializes in identity theft protection, credit monitoring, and credit reports. Together, they will become PositiveID.

The formation of PositiveID represents the convergence of a pioneer in personal health records, VeriChip, with a leader in the identity security space, Steel Vault, focused on access and security of a consumer’s critical data. The companies believe that joining personal health records and identity security solutions provides a solid foundation for organic growth and a strong, flexible platform for future offers.

Commenting on the transaction, Mr. Silverman stated, “We believe the acquisition of Steel Vault will provide a powerful platform to differentiate ourselves among both the consumer and medical community. PositiveID will be the first company of its kind to combine a successful identity security business with one of the world’s first personal health records through our Health Link business. PositiveID will address some of the most important issues affecting our society today with our identification tools and technologies for consumers and businesses.”

Combining medical records on the same chip as your credit score is quite scary. One would assume that there would be blocks put into place so that your financial details stay out of the hands of the medical world and vice versa, however, the link between the two is evident and PositiveID has not stated how the chips will be secured.

Your entire life should not be stored on an RFID chip. While some argue that making your health information readily accessible to medical personnel, there is no need to combine it with your financial information.

Continued Silverman, “VeriChip will be able to market its personal health record offerings to the rapidly growing customers of Steel Vault, while Steel Vault should be able to further expand its customer base by offering a unique suite of both security and healthcare offerings. As we focus on securing consumers’ financial information and addressing the critical need for secure, online personal health records, we believe we are well positioned to benefit from federal stimulus funding. We will keep patients involved in their health care as medical records migrate to the Internet.”

Personally, I do not want my health information all over the Internet. Yes, that includes the “what if it could save your life” scenarios that people keep throwing out as a positive reason to have such a system. These systems have been proven time and again that they cannot be 100% secured. If my data is at risk, then keep it on paper. I’ve traveled around the world and never had a problem. The likelihood that I would need my medical data on the Internet is slim at best.

Identity theft is the number one crime in the United States and as many as 10 million people are victims each year. Additionally, medical errors contribute to countless deaths each year due to a lack of or incorrect patient information. PositiveID will address the significant market need to monitor critical data on an ongoing basis to protect consumers and ensure data integrity and safety.

PositiveID says they will address the significant need for this monitoring, yet they don’t detail how they will do it. Stating that they will monitor it on an ongoing basis is impossible. If you force every citizen in America to have their data online, you cannot simply monitor it constantly. Breaches will occur. Jackasses will monitor the data. People with something to gain will sell the data. It’s a nightmare just waiting to happen, yet we are willing to sit back and say, “Sure, make my data less secure.”

Right now, my medical information lies in two places. One is in my old pediatrician’s office basement. I know this because I needed a copy of something and it took several weeks (I was not in a hurry) because they were in a locked room in the basement of the office. The other is in my doctor’s office. Everything is a paper copy. You physically have to search to find my information. If this information is placed online, you can find out my details and change it remotely.

What happens if I am old and forgetful and someone hacks into the system and changes my medicine or dosages? What happens if that break in is by someone who works in my doctor’s office and is authorized to change my medical data. Is the constantly monitored system going to pick this up? There are simply not enough people to watch the ever changing data in people’s files to be able to catch slip ups.

Computers can only output data that you’ve put in. It is not capable of the subtle changes a human would pick up. That is why we need to be vigilant in jumping into situations that haven’t been researched or thought out. In this case, the human is worth more than the stock’s bottom line and we should remember this before we so readily put so much of our personal, private information into the public’s hands.

Pigs are smart.  They can find hidden food using mirrors and appear to have some complex cognitive abilities.  Now, they’ve even figured out how to beat RFID tags to get more food.

The United Nations currently coordinates international postal services through the Universal Postal Union, but it feels that the speed of deliveries could be increased with the use of RFID.

Unlike private delivery services such as FedEx, regular postal delivery is not operated by a single organization. Consumers buy stamps in one country that have to get a piece of mail into another country and through the domestic mail system there to a particular destination. The UPU sets quality-of-service rules for how long that should take, as well as standard origination and termination fees for countries to settle the cost of getting the mail where it’s going.

So far, the UPU has monitored letter delivery by sending special test letters. Independent analysts record the departure and arrival of these test letters, but at the gateway offices where letters leave and enter countries, postal workers themselves record the time. That leaves the process open to manipulation, said Akio Mayiji, quality of service coordinator at the UPU.

The RFID system instead will use tags hidden inside envelopes, which will be read automatically as they pass through RFID portals at the international gateway offices. Reva Systems’ TAP (Tag Acquisition Processor) servers will collect the letters’ unique tracking numbers and pass them on to be correlated into delivery reports. The UPU wants countries to pay each other based on the quality of service their letters receive, and more detailed measurement will help it do so, Miyaji said.

RFID is already used to monitor mail in some developed countries, but the systems they have deployed use “semi-active” tags that cost US$20 each. A relatively new global standard for RFID, called Gen2, allowed the UPU to introduce passive-tag systems that cost far less: Each tag only costs about US$0.30, and the UPU considers them disposable. The lower cost should make RFID accessible to all of the UPU’s 191 member countries. The scope of quality testing can also be expanded, so tens of thousands of test letters are moving through the system at any time.

21 countries will be testing the new tags, including India, South Korea, Switzerland and Togo.  Countries with the older RFID tags will also be participating.  These include Mexico, Norway, and Saudi Arabia.