Skip to content

Implantable RFID Chips, Privacy, and Effort

Who has the time or who can afford the effort required to manage the privacy issues under attack today?

A company in Ohio (Agent Technologies, see domain note below) is implanting RFID chips into the arms of employees, to see if the technology provides a good security solution for controlled-access areas. Ohio has introduced a law to make it illegal to require employees to be chipped. Wisconsin says you can’t chip people without their consent… isn’t it sad we need a law to say that? And it’s a state law, so don’t you wonder what it means when YOUR state doesn’t have that law, too? Rest easy when you go to bed tonight… unless you don’t live in Wisconsin, North Dakota (PDF), or California. Creepy.

The Ohio employees volunteered, so they would not be covered by the law anyway. Anyone who understands the concepts of harassment and constructive termination can see the headaches in the future with this stuff going on. And why RFID? What happened to biometrics, the last savior of the security industry, which promised to use faulty enrollment methods to almost guarantee a useless, but expensive invasion of privacy? Have we given up on that already, or have we just decided to install shoulder-height cameras at every teller window at the bank and collect iris data covertly without asking anyone’s permission?

A geek just demonstrated (again?) that he can easily clone an RFID chip… which ostensibly means he can access those “secure” areas the Ohio company is relying on RFID chips to protect. Since RFID chips can be read from a distance, I guess all a cloner needs to do is read the airspace in the traffic jam outside the offices, clone the RFID chips he discovers, and suck on one of the grain of rice sized RFID clones as he waltzes through the controlled-access areas. Ever wonder how those windshield washing homeless guys at the intersection can afford Air Jordan’s with the few bucks they get from scared drivers? I bet an RFID wand is just about the side of a squeegee handle… I’m just thinkin’, that’s all.

What a waste of time this all is, and challenge to our common sense. Who has time to fight the new laws that enable trade on our privacy, and support whatever efforts are truly designed to protect us (if there are any of those)? The EFF can’t do it all, can they? And if they don’t, what are we doing, letting the universe settle wherever it will via some theory of entropy or something? Clearly, this can’t be good.
Domain Note: The Ohio company is , but it seems they eiher allowed their domain to expire or decided against renewingit, because it’s owned by a domainer in the Cayman Islands right now. Tsk tsk…