May 31, 2007

Future Flop: HP's New Shopping Assistant

hp-shopping-assistant.jpg

In its latest much-ado-about-nothing press release, HP has unveiled an in-store kiosk designed to keep track of your purchase history and offer you coupons. *Yawn*

People don't want this in their stores. I don't see how they can continue to develop this "new idea" year after year after year.

When you go shopping you just want to find what you want and get out, not play with the latest in-store technology. If it's playing with technology you want, you'll go home and connect your brain to a video game, not peer intently into a coupon kiosk or interact with a klunky laptop strapped to your grocery cart. These systems will never take off. Not because they are invasive, but because they're a pain.

That's why the industry wants the automatic data capture capacity of RFID readers in entrances and spychips in loyalty cards. That's the only way they can be sure of getting people's data when their other schemes fail.

Of course, all of this watching will be good for stores and bad for consumers, as John Vanderlippe and I have been saying for years. (See our NoCards.org website) The article below about the "new" HP retail assistant says it pretty plainly, too:

"The system offers retail marketers granular control over the number of items that they can sell, and allows them to provide discounts to their most loyal and profitable customers."

Of course, offering discounts to selected, profitable customers who can afford to drop large sums at the store means no longer offering them to the customers who actually need them.

"A supermarket, for instance, could offer a discount on a steak to a customer who tends to buy expensive wine, rather than a low-income family that uses the lower prices to stock up."

I rest my case.

-Katherine Albrecht

Click "more" below to read the entire story here, or find it online here:
http://www.toptechnews.com/story.xhtml?story_id=133008V1YHDT

HP Unveils Personal Shopping Assistant
By Tom Sanders
May 30, 2007 10:43AM

HP's Retail Store Assistant allows retailers to push excess inventory by offering personalized rebate deals, and to prevent an item running out by discontinuing a promotion or even by discounting alternative products. The system offers retail marketers granular control over the number of items that they can sell.

HP Labs has unveiled a Retail Store Assistant kiosk that provides customers with a personalized shopping experience while allowing retailers to better target marketing campaigns.
The kiosk is placed inside retail stores, and customers log in with their loyalty card to access personalized offers, a shopping list and information such as instruction videos or recipes.

The system also prints out shopping lists and personalized discounts and indicates their location inside the store.

Retail Store Assistant allows retailers to push excess inventory by offering personalized rebate deals, and to prevent an item running out by discontinuing a promotion or even by discounting alternative products.

The system offers retail marketers granular control over the number of items that they can sell, and allows them to provide discounts to their most loyal and profitable customers.

A supermarket, for instance, could offer a discount on a steak to a customer who tends to buy expensive wine, rather than a low-income family that uses the lower prices to stock up.

The kiosk is a research project for now, but HP is talking to retailers about live testing. The first kiosks could show up in retail stores in about two years.

Retail marketing currently relies on printed brochures and mass media marketing campaigns.

Mohamed Dekhil, manager of retail applications at HP Labs, described the Retail Shopping Assistant's granularity as a bricks-and-mortar version of Google's AdSense online advertising program.

The in-store kiosks also offer HP a way to differentiate its products in an age in which PC and server makers compete solely on price, according to Dekhil.

"If you go to a retailer and tell them that you have the biggest and fastest server in the world it is not really exciting for them," he said at a meeting with reporters at HP Labs in Palo Alto, California.

"The question is what can it do for the retailer? How is it going to enhance the loyalty of its customers?"

HP also envisions itself as a trusted third party between store operators and the makers of brand name products. As a retailer's brands often compete with brand name products, the two are often reluctant to share sales information.

The kiosks are just part of what HP sees as a future shopping experience spanning Web sites and mobile devices.

A store could also opt for a model equipped with a camera, allowing shoppers to scan an article and talk to a specialized salesperson who can answer questions and offer tips on how to use the item.

This is important because the average staff turnover rate for retail stores can reach six months for entry-level employees and 18 months for managers. This makes specialized knowledge about products a rare and expensive commodity.

Posted by Katherine Albrecht at 8:10 AM | Comments (0)

April 30, 2007

EAS/RFID: Don't do it!

This is the text of a letter that went out to 15,000 newsletter subscribers on April 30, 2007.

If you've read Spychips, you know that our worst consumer privacy nightmare is for those little anti-theft tags (known in the industry as "EAS" tags) to someday be combined with individually trackable RFID chips and slipped into consumer products. (See Spychips Chp 4: "The Spy in Your Shoe" for details.)

Well, those tags are now here.

An article in Friday's RFID Journal (posted below), reveals that Checkpoint Systems has actually developed a product tag that combines anti-theft and RFID tracking capabilities. The tags will debut this week at the RFID Journal Live! Conference in Orlando, Florida. What's more, Sensormatic, Checkpoint's only serious competitor, is running a whole conference session to describe the benefits of using this combined tracking technology.

This is beyond a doubt the #1 most important -- and dangerous -- development in the consumer privacy arena today. It means consumers may soon be buying, wearing, and carrying products tagged with RFID at the item level, because Checkpoint and Sensormatic specialize in hiding anti-theft tags deep inside of products, then distributing those products to nearly a million retail locations worldwide.

Now they want to do the same thing with RFID spychips. If they are not stopped, Checkpoint and Sensormatic will soon be hiding these dual-use tracking devices in your belongings, where they will be able to silently and secretly transmit information about you to marketers, criminals, and Big Brother.

This will be a consumer privacy nightmare -- and no one will even know it's happening. That's because industry lobbyists have prevented RFID labeling legislation from passing anywhere in the nation. There is no requirement that retailers or manufacturers tell us when they're hiding RFID tags in our clothes, shoes, books, or anything else.

Our only protection against this threat is the strength of our voices -- and the power of our protests.

Below is a list of relevant companies attending the RFID Journal Live conference in Orlando this week. They will all be hearing from Sensormatic and Checkpoint what a good idea it would be to start hiding RFID tags in the individual items you buy. Please look over the list, and if you see a company you buy from, tell them politely but firmly that if you catch them using RFID at the item level you will not only boycott their company, but you will tell everyone you know to boycott them, too.

Companies attending the RFID Journal Live! Conference:

Academy Sports & Outdoors, Albertsons, The ALDO Group, Anheuser-Busch, Best Buy, Blockbuster, Blommer Chocolate, Brass Eagle, CDW Corp., Dreyer's Grand Ice Cream, Electrolux, Energizer Battery, Fuji Photo Film USA, The Gap, General Mills, Gillette Company, Hampton Products, Hasbro, Hershey Foods, Hewlett Packard (HP), Hunter Fan, Hy-Vee, Inc., Jockey International, Johnson & Johnson, Johnsonville Sausage, Kellogg Co., Kimberly-Clark, Limited Brands, L'Oreal USA, Loblaws, Louisville Bedding, Lowe's Companies, Luxottica Retail, Maidenform Worldwide , Mars, Marubeni America, Masterfoods USA, McIlhenny Co., Meyer Corp., Nestle USA, Newell Rubbermaid, OfficeMax, Pacific Cycle, Payless Shoe Source, Pharmavite, Procter & Gamble, S. C. Johnson, SAKS Inc., Sara Lee Foods, Schick, Scott Paper Limited, Sears, Sears Canada, Sherwin-Williams, Storekraft, Stride Rite Corp., Tanimura & Antle, Target Corp., The Valvoline Co., Unilever, Wal-Mart, Walgreens, Wm Wrigley Jr Co, Wegmans

[To learn more about the conference, and to see a video on it, see: http://www.rfidjournalevents.com/live/ ]

Write to as many of these companies as you can, and cc: us on your emails. Let them know how strongly you oppose RFID spychips. When you're done writing an email, call their customer service lines for good measure. Send a fax, write snail mail, send a singing telegram. But whatever you do, don't take this lying down. We're counting on you to put a stop to this.

And because they just don't seem to get it, here's a special message for our friends in retail and consumer product manufacturing who may think now is a good time to start spychipping products.

I strongly suggest you reconsider.

Item-level RFID tagging of consumer products is simply unacceptable. It was not acceptable in 2003 when we launched boycotts against Benetton and GIllette for running trials, nor when we exposed the Auto-ID Center's confidential (and very incriminating) PR plans. It was not acceptable when we sued the nation's largest conference center for interfering with our right to protest the launch of the EPC network. It was not acceptable in 2004 when we outed Metro's spychip-laced loyalty card and sparked outrage across Germany. It was not acceptable in 2005 when we launched a boycott against Tesco, Britain's largest retail chain, live on BBC television.

Item-level tagging was not acceptable when we outed the entire industry (including IBM's "person tracking unit" ) in our award-winning book, Spychips, which hit the top ten Amazon nonfiction bestseller list and galvanized readers worldwide. It was not acceptable when we disclosed a tagging trial by Levi Strauss and generated an avalanche of angry letters. It was not acceptable when we demonstrated outside of Wal-Mart stores in two states. Nor was it acceptable when we shamed American Eagle Outfitters and American Express into publicly backing away from their privacy-invading RFID customer tracking plans.

We've done over 2,000 television, print, and radio interviews in virtually every media outlet in the world, and in every one we've clearly said the same thing: Item-level RFID tagging is not acceptable.

It's hard to be any clearer, but in the event there is anyone in the industry who still doesn't get it, here is a promise. If any company purchases dual EAS/RFID technology from Checkpoint Systems or Sensormatic and places even one EAS/RFID tag on a single consumer item, I will personally wage a worldwide campaign to expose and oppose you. Hidden or not, we will find you out and hold you up to public scrutiny.

We trust you will do the right thing.

Meanwhile, may God bless and guide you all, and hold us all in His wisdom, compassion and love.

In freedom,
Katherine Albrecht, Ed.D

============================================================
Dr. Katherine Albrecht
Founder and Director, CASPIAN Consumer Privacy
kma@spychips.com

Co-author (with Liz McIntyre) of "SPYCHIPS: How Major Corporations and Government
Plan to Track Your Every Move with RFID"

http://www.spychips.com // http://www.nocards.org
Bio online at: http://www.spychips.com/media/katherine-albrecht.html
============================================================


Checkpoint Combines EAS Tags With RFID
The labels contain both a Checkpoint 8.2 MHz RF antitheft inlay and an EPC Gen 2 UHF RFID tag.
By Mary Catherine O'Connor, RFID Journal, April 27, 2007
http://www.rfidjournal.com/article/articleview/3280/

April 27, 2007—Checkpoint Systems unveiled today the Evolve product family of labels, which marries RFID technology with Checkpoint's electronic article surveillance (EAS) technology. Checkpoint developed the dual-purpose labels to offer its retail customers a means of leveraging RFID tools for in-store inventory visibility while continuing to use the EAS tags as a theft deterrent—without having to apply two separate tags to their products.

The Evolve labels contain a Checkpoint 8.2 MHz radio frequency (RF) EAS inlay, which does not contain a microprocessor or carry a unique ID. The inlay is designed to trigger an alarm if passed through an EAS reader stationed around store exits unless first deactivated at the point of purchase. The labels also contain an 850-950 MHz EPC Gen 2 RFID inlay, to which an EPC can be encoded to identify and track individual products.

The initial Evolve tag design, the Evolve 410, involves the placement of an EAS antenna around the RFID inlay, containing an Impinj Monza chip on an adhesive paper substrate. The label dimensions are slightly less than 2 inches square, enabling it to be attached to most hangtags for apparel and footwear products.

"Before joining Checkpoint, I spent 20 years in the retail industry, and whenever there's a big technology change, such as RFID, retailers face so much [transition]. There's training staff, converting software, new data to manage," says Checkpoint's CEO, George Off. "Anything that can offer [retailers] flexibility [in adopting new technology] and enable them to pace their investments really helps during these transitions. That's what we're trying to do with Evolve."

Off says Checkpoint envisions working with retailers to incorporate Evolve tags as part of CheckNet, the company's global logistics and data communications platform. Retailers and their contract manufacturers can use the system to order product tags—including Checkpoint's EAS tags—that are applied to house-brand products at the point of manufacture. This, in many cases, is done overseas.

Using the Evolve labels as part of the CheckNet platform, retailers and manufacturers alike would be able to leverage the RFID tag applied to products and track their movement through the supply chain—from the factory down to the store level. "Retailers," says Off, "want both EAS security and inventory tracking."

Presently, Checkpoint is still in the early stages of discussions regarding incorporating Evolve product labels into the CheckNet platform, Off says. To deploy such a system, Checkpoint would need to develop a means by which the EPC encoded to the labels would be generated, managed and shared with supply-chain partners. The required RFID hardware infrastructure would also need to be put in place at manufacturing and retail warehouses and facilities. To leverage the RFID tags for inventory tracking inside retail stores, he adds, interrogators would be needed in the back rooms, and possibly on store shelves and at point-of-sale terminals as well.

=========================================

Conference Session RFID Journal Live! 2007
Item Level Tagging for Retail – Why Combining RFID and EAS Makes Sense
Wednesday, May 2, 11:30 am

ADT, primarily through its Sensormatic brand of EAS and CCTV products, has decades of experience working with retailers to protect their merchandise. Whether it’s a beep at the door or an image recorded to a DVR, “visibility” created by physical layer deployments is at the heart of ADT’s retail solutions. Item level RFID promises to offer new levels of visibility related to both in-store and supply chain processes. And while this new form of process visibility involves many integrated layers, many of the physical layer challenges faced by retailers in creating item level RFID tagging models have already been addressed. This presentation will discuss the challenges retailers face in adopting item level RFID tagging and offer lessons learned from years of experience in providing similar EAS solutions.
Speaker:
Randy Dunn, Director, RFID Sales, ADT Security Services
Takeaways:
. Lessons learned from combining EAS and RFID
. Understanding the obstacles for adopting item-level RFID tagging in the retail sector

Source: http://www.rfidjournalevents.com/live/level_expertise_executive_strategy.php


=========================================
ABOUT CASPIAN

CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) is a grass-roots consumer group fighting retail surveillance schemes since 1999 and irresponsible RFID use since 2002. With thousands of members in all 50 U.S. states and over 30 countries worldwide, CASPIAN seeks to educate consumers about marketing strategies that invade their privacy and encourage privacy-conscious shopping habits across the retail spectrum.

To join or support CASPIAN or to sign up for our mailing list, please
see:
http://www.spychips.com/get_involved.html

==========================================

Posted by Katherine Albrecht at 5:10 AM | Comments (0)

October 27, 2006

Spychipped Credit Card Q & A

rfid-card-151.JPG

The recent NY Times article that reveals the security flaws of RFID-enabled credit cards has consumers wondering if the cards in their own wallets are putting them at risk. We've been getting lots of questions and thought it might be helpful to share some thoughts here about what steps cardholders can take to protect themselves and their identities.

Q. Am I really at any risk if I carry an RFID-enabled credit card?

A. Security researchers have demonstrated that someone can siphon your name, credit card number and other information from these cards right through your purse, backback, or wallet--without your knowledge or consent. If you tote the "spychipped" cards, you could be opening yourself up to identity theft and surreptitious tracking of your movements and behavior. This "someone" could be the credit card issuer or a retail store--it could also be a stalker or thief.

Q. Does my credit card contain an RFID tag? How can I tell?

A. Call your credit card company and ask if your card contains an RFID tag. RFID tags are so small and thin that they can be hidden within the plastic. An RFID tag communicates by silent, invisible radio waves. If you don't ask, you might never know that your card can beam back information like your credit card number, name etc. The exception is the American Express Blue card. You can see the RFID tag through the clear plastic.

Q. Don't credit card companies tell you when they send RFID-enabled credit cards and alert consumers to the information security issues?

A. Millions of RFID-enabled credit cards have been issued with innocent-sounding names like "Blink" and "EasyPay." Most consumers don't understand this is a way the card companies have been trying to get the public to accept the cards without needing to explain the serious privacy concerns. After all, the RFID industry's own studies have shown that 75% of consumers object to RFID on privacy grounds once they understand how it works and how companies plan to use it.

Q. What credit card brands contain RFID tags that have security issues?

A. I spoke with one of the researchers quoted in the NY Times article. He wouldn't reveal the names of the issuers of cards tested in the sample, but he said the team found problems across all brands, including Visa, MasterCard, and American Express.

Q. What should I do if my credit card contains an RFID tag?

A. We believe credit card companies should recall RFID-enabled credit cards that leak information about consumers. However, we haven't heard of any company taking this responsible action. It's going to be up to you to demand a replacement card that is spychip-free.

Most credit card issuers will send you a new card without an RFID tag at no charge. However, we've heard that American Express customer service representatives are telling consumers who call with concerns not to worry because they can disable the RFID functionality from headquaters.

The RFID-enabled American Express Blue card has dual functionality and contains two distinct credit card numbers. One number resides on the mag stripe. The other number resides on the embedded RFID tag. AMEX customer service representatives are likely disabling the card number that resides on the RFID tag in the company database. This should help prevent unauthorized purchases via numbers read by radio waves. HOWEVER, this is only a partial solution.

The tag within the card could still be read by authorized and unauthorized persons and be used to track you and your behavior. We are recommending that consumers demand a spychip-free version or take their business elsewhere. Do you really want someone to scan information about you through your purse, backpack or wallet without your knowledge or consent?

Note: Do not mail or throw away the RFID-enabled credit card before destroying the RFID tag. Tags can be read right through envelopes and trash. You can destroy the tag by shredding the card or by cutting or crushing the chip.

Q. Can I disable the RFID tag in my microwave?

A. Don't do it. While putting an RFID tag in the microwave can disable a tag, doing so can also start a fire and damage the microwave. (We recount our microwave disabling trials in our book "Spychips.")

If you have any other questions, send them to me, and I'll try to share an answer:

Liz@spychips.com.

- Liz McIntyre

Posted by liz at 5:54 PM | Comments (5)

September 22, 2006

RFID Risky; Could Expose Company Secrets, says Forrester

reader reading tags.jpg
Consumers aren't the only ones who need to be concerned about the privacy and security downsides of RFID technology. A new report by Forrester Research is warning companies that "RFID is not mature enough yet to protect your company secrets," notes Evan Schuman, Retail Technology Editor for eWeek.com.

Forrester's report cites risks that include surreptitious modification of RFID data on tags and attackers monkeying around with data transmissions.

Read more at Schuman's StorefrontBackTalk:

http://www.storefrontbacktalk.com/securityfraud/forrester-report-rfid-not-as-secure-as-vendors-say

- Liz McIntyre

Posted by liz at 10:02 AM | Comments (0)

August 30, 2006

Procter & Gamble Products You May Want to Avoid

folgers no.jpg

No more waking up to Folgers for me! I mistakenly bought this Procter & Gamble brand coffee at the store the other day because the label indicated it is was made by the Folgers Company. Turns out that P & G owns the Folgers brand.

CASPIAN does not currently have a boycott against P & G, but like many of you, I have decided to avoid purchasing its products because of its involvement in promoting item-level RFID. (We do have a boycott against its recently acquired company Gillette! See www.boycottGillette.com.)

Procter & Gamble was instrumental in starting the ball rolling on item-level tagging, and it was involved in the notorious Lipfinity RFID spying at a Broken Arrow, Oklahoma Wal-Mart. What's more, P & G has a patent pending titled "Systems and Methods for Tracking Consumers in a Store Environment." Need we say more?

Since reading fine print on product labels may not always reveal their connection to P & G, one of the world's leading spychippers, here's a table that you can take with you when you shop. It comes straight from P & G's 2006 annual report:


pg key brands.jpg

--Liz McIntyre

Posted by liz at 12:08 AM | Comments (0)

April 28, 2006

Tell Levi Strauss What You Think about RFID

levis-dockers_rfid.GIF
Graphic by Todd Fox

Many of you who have read our press release about the Levi Strauss item-level tagging initiative are emailing to request contact information for Levi Strauss. Here it is:

Main Number: (415)501-6000
This number goes to the main switchboard. The operator can switch you to Consumer Relations. Remember. If you call the toll-free Consumer Relations number on the Levi Strauss website, your phone number can be obtained.

Email: info@levi.com
This email address goes to a general email box. Consumer Relations would like you to use a special online form, but that doesn't give you a record of your comment. Please share a copy with us. You can email me at Liz@spychips.com.

Snail mail:
Levi Strauss
Consumer Relations
1155 Battery Street
San Francisco, CA 94111

We are hopeful that Levi Strauss will stop its item-level RFID tagging initiatives and honor the moratorium called for by over 40 of the world's leading privacy and civil liberties organizations. (See: http://www.spychips.com/jointrfid_position_paper.html)

RFID technology can easily be abused, and we believe it is essential that all the societal issues be explored before it is deployed. We hope Levi Strauss will be the company to step forward and begin the needed dialogue.

The current Levi Strauss RFID test reportedly involves RFID hang tags that can be clipped from the garments at checkout. But as anyone who has read "Spychips" knows, the RFID industry has discussed affixing tags on and within products and tracking consumers through them--a practice that could usher in an Orwellian surveillance society. On the clothing front, companies have talked about embedding RFID tags in the seams of garments and in flexible clothing labels. There has even been talk of using threads woven into fabric as antennas.

That's why it is crucial to counter *any* attempts at tagging individual consumer items now. Once the RFID infrastructure is in place, the nature of tagging--and the tracking done via the tags--can change overnight.

- Liz McIntyre

Posted by liz at 2:53 PM | Comments (101)

April 15, 2006

Wal-Mart Suffers Slowing Sales, Drop in Stock Price

walmart supercenter.jpg
Empty parking lots could force Wal-Mart to reconsider its practices

Calls for consumers to avoid shopping at Wal-Mart appear to be hurting the 800-lb. gorilla of RFID. The Associated Press is reporting that the remorseless retail goliath is cutting back on inventory in its stores as it "struggles with slowing sales and disappointing profit growth." The AP also reports that "Wal-Mart's stock price has fallen 6 percent during the past 12 months."

This cut-back in inventory will hurt RFID proponent Procter & Gamble, as well, the AP reports. Sales to Wal-Mart represented 16 percent of P&G's total 2005 revenue.

This news has appeared in several papers, including an April 14 story in The Akron Beacon Journal: http://www.ohio.com/mld/beaconjournal/business/14341310.htm

Thanks to those of you who are voting against Wal-Mart and Procter & Gamble RFID plans by shopping elsewhere and switching to more privacy friendly brands. As we all work together, we are having a palpable impact on manufacturers and retailers that refuse to take consumer privacy and civil liberties concerns seriously.

-Liz McIntyre

Posted by liz at 1:38 PM | Comments (1)

March 15, 2006

RFID Vulnerable to Viruses!

sneezing RFID tag1.jpg

Melanie Rieback, a Ph.D. student at the Vrije Universiteit in Amsterdam, delivered a wake-up call to RFID proponents March 15 at the Fourth Annual IEEE Conference on Pervasive Computing and Communications in Pisa, Italy. She gave a live demonstration of how hackers could deploy rogue RFID tags programmed with a virus to wreak havoc on associated databases--possibly even facilitate a terrorist attack.

Read all about it in our latest press release by clicking here.

- Liz McIntyre

Here are more relevant links:

The researchers' website
http://www.rfidvirus.org/

Their paper
http://www.rfidvirus.org/papers/percom.06.pdf

Their press release in english
http://www.rfidvirus.org/papers/press_release.pdf

Here's the link to the BBC article...
Mikko Hypponen, chief research officer at anti-virus firm F-Secure, said: "RFIDs with embedded computers are suspectible to basically all the same threats any other computers are. Unfortunately."
http://news.bbc.co.uk/1/hi/technology/4810576.stm

(Thanks to Trevor for compiling these links.)

Posted by liz at 12:03 AM | Comments (3)

March 13, 2006

Checkpoint Showcases a Spychipped Shoe

02-28-06_1842.jpg
Photo by Todd Fox

CASPIAN volunteer Todd Fox snapped this photo at the recent RFID World 2006 trade show held in Dallas, Texas. The advertisement depicts a boot with a hidden Checkpoint Systems Performa RFID tag molded into the rubber sole. RFID tagging of any consumer item poses a threat to your privacy, but that threat gets up close and personal in the things we wear--especially shoes.

Why are shoes such an issue? Simple. Ask yourself when was the last time you lent your shoes to someone else. The answer is likely "never." So if someone can scan your shoe to glean its unique RFID tag number that's linked to you, that person could have a pretty good idea of who is standing in it.

Imagine now that someone tracks you through your spychipped shoe via RFID readers hidden under floor tiles in your workplace or in public venues like shopping malls. Philips Electronics has clearly been thinking about this possibility. In a sworn U.S. patent application, a Philips' inventor observes that "the placement of [the RFID tag] in [the] shoe may be particularly advantageous where the [RFID] interrogator is located in a floor." (See page 52 of Spychips.)

Checkpoint's spychipped shoe display comes as no surprise to those of us who have been keeping a close eye on the publicly traded company. Back in the Fall of 2004, Katherine and I documented Checkpoint's scandalous display of prototype flexible clothing labels laced with hidden RFID devices. These labels looked very much like the ones that are sewn into the collar of clothes that might be hanging in your closet, bearing brand names like Calvin Klein, Champion, and Carter's.

- Liz McIntyre

Posted by liz at 5:58 PM | Comments (0)

January 4, 2006

The duct tape wallet - a sign of the times

RFID-laced credit cards with names like "Blink" and "ExpressPay" are in the mail, and concerned consumers are fighting back--with duct tape. Yikes!

Desperate times call for desperate measures, and an enterprising tech type has come up with a duct-taped, aluminum foil wallet that promises to keep invasive radio waves from siphoning card data--though you might have to suffer with an oozing, gooey back pocket on steamy days. Anyone familiar with the properties of duct tape can get a mental snapshot of that pending laundry disaster.

Here's a better idea: send back the spychipped cards. Yep. Just refuse them. We've been told that credit card companies will send you the familar low-tech mag striped cards if you insist. Better still, switch credit card companies in protest and opt to use anonymous cash whenever possible.

Cash: use it or lose it.

Liz McIntyre

Posted by liz at 1:49 AM | Comments (8)

December 19, 2005

Ad-Age features our opposition to Walgreens' RFID plans

ad-age-walgreens.jpg
WALGREENS RFID TRACKING PLANS STIR CONTROVERSY
'Spy Chip' Critics Cite Future Consumer Implications

December 13, 2005
By Jack Neff
http://www.adage.com/news.cms?newsId=47149#

CINCINNATI (AdAge.com) -- The planned rollout of a radio-frequency identification system to track promotional displays in 5,000 Walgreens stores is raising objections from privacy advocates, who cite patents as proof the system could eventually track consumers using RFID chips in loyalty cards.

In what appears to be the largest marketing application yet of RFID, the system from privately held Goliath Solutions at Walgreens electronically tracks when, how long and where displays are placed in stores. It allows the 15 package-goods marketers who have initially signed on to the program to track results of promotions by store or demographic cluster.

It also lets participating manufacturers send representatives to stores that haven't put up displays and time local, regional or national advertising according to when displays are in place. The system doesn't involve putting RFID chips on products consumers take home.

Out of the store

But the privacy group Consumers Against Supermarket Privacy Invasion and Numbering cites two patents and two pending applications by Goliath that envision extending the system to track individual consumers in stores and target ads to them at home by using RFID chips embedded in loyalty cards.

One of the patents, granted in October, for example, outlines using RFID readers to count how many consumers are exposed to a particular display or to identify consumers who "closely identified a display for a predetermined amount of time" by reading their loyalty cards. The patent envisions consumers flashing their loyalty cards in the vicinity of the displays or, it adds: "The card could be read in a shopper's purse." The patent also covers gathering data about which displays individual consumers frequent in retailer databases to provide "personalized incentives" and "focus subsequent advertising material, such as direct mail."

Vows to protect privacy

"I couldn't speculate on the future and I could never say never about anything," a Walgreens spokesman said. But he added: "All we're doing at this point is looking at using this technology to get better performance out of our displays in the stores, and that's it." Walgreens doesn't have loyalty cards, he said.

"We are absolutely focused on not impacting consumer privacy," said Robert Michelson, CEO of Goliath.

In a statement, he said Goliath is not using the system in Walgreens to track consumers and that the RFID tags there are attached to displays and signs only, not on any products. "Consumer privacy is not an issue in that displays and signs are part of the store. Consumers do not purchase them."

He did not respond to questions regarding future plans to use the Goliath system to track consumers in stores using RFID-enabled loyalty cards.

Liz McIntyre, communications director of CASPIAN and co-author of the recently published anti-RFID book "Spychips," said she knows of no retailers that currently use RFID chips in loyalty cards, a practice that was fraught with controversy for the one retailer caught trying it. German retailer Metro recalled its frequent-shopper cards in 2004 after CASPIAN founder Katherine Albrecht discovered an RFID chip in a sample card given to her by the chain.

Slippery slope

But Ms. McIntyre said technology suppliers like Goliath and retailers like Walgreens are likely to try to maximize returns from investment in infrastructure by expanding use of RFID tracking to consumers. "Today, they may just be monitoring displays," she said.

"Tomorrow, they could be monitoring individual shoppers and siphoning information from them without their knowledge or consent."

She noted promotional material from Goliath touts its system's invisibility to shoppers and store personnel, citing an ability to track RFID signals from "well beyond 30 feet" and to embed readers unobtrusively in light fixtures or above ceiling tiles.

"Once RFID crosses the line from the warehouse to the store floor, that's where we have an objection," Ms. McIntyre said, adding that the group believes any use of RFID in stores should be disclosed to consumers. But she said the group hasn't decided yet what if any action to take regarding the Walgreens program.

###

Posted by Katherine Albrecht at 11:50 AM | Comments (3)

October 29, 2004

Kmart and the System

I love Kmart, the scruffy-yet-lovable, can't-quite-seem-to-get-its-act-together underdog of the retail world. But I had an experience yesterday that is causing me to reconsider -- and its breaking my heart.

I had stopped into Kmart to buy long underwear (winters are cold here in New England) and was pleasantly surprised to find them on sale at 20% off. I grabbed a few and headed for the checkstand.

On my way, I ran into the woman who cuts my hair. We had a "fancy meeting you here" conversation where I gushed about how much I love Kmart. She said that after hearing my ringing endorsement, she'd make a point of shopping there more often.

From Kmart's perspective, nothing says "great customer" like a walking, talking, blogging, consumer advocate willing to provide free advertisement for your store. They have few enough customers as it is, so they need to treat the ones they have left like gold.

My first frustration came when the cashier was ringing me up. The monitor was positioned way over on her side, too far for me to see unless I leaned over the counter and squinted. (More on cash register screens later -- putting them where customers can't see them seems to be a trend.) Since I couldn't keep an eye on the prices as the cashier rang up my items, I made a mental note to check the receipt later. Sure enough, when I looked it over in the parking lot, they hadn't applied the discount.

Since I like Kmart, I didn't take it too badly. I'd rather shop at a human Kmart -- where they occasionally forget to update their prices but are generally well-meaning -- than at a soulless, hyper-efficient, state-of-the-art, data-capturing surveillance machine, which is what most of the other retailers I know have become.

My faith intact, I handed my receipt to the lady at the customer service desk. She confirmed that the store owed me $9.60. Then came the sucker punch.

"May I have your driver's license?"

"My driver's license?"

"I can't process this transaction without a driver's license."

"Well, no, you can't have my driver's license. That's nuts. I paid cash not five minutes ago and here's the receipt to prove it. Plus you guys are the ones who made the mistake."

(Deep sigh) "Hold on while I call a manager."

As I stood there waiting, I thought about my bedraggled, beloved Kmart, the store I shopped at as a little girl, the big capital K, the place that won't be getting RFID any time soon. This driver's license thing was new and ominous. It wasn't something *my* Kmart would do. Could Kmart really be going bad?

I thought about how I will respond when Kmart joins the ranks of Wal-Mart and Target and the card stores as places I can no longer shop. I will really be out on a retail raft. Where will I buy long underwear and dish towels and socks and curling irons and camping equipment and bike tires and...

When the assistant manager finally arrived, he looked tired and -- I hate to say it -- vaguely hopeless. (Maybe he sees what I see when he looks at retail. Maybe he sees what I see when I look at the world.) He mustered a faint smile, then he and the customer service lady went back and forth a few times with the computer. The exchange lasted just long enough to convince him that "the new system" really wasn't going to work with me without ID. No matter how hard he tried to override it, the computer wouldn't budge.

I was witnessing in miniature a battle that plays out all over the country every day. A human manager stands in a retail store, faced with a real customer, a good customer, a loyal, longstanding, honest customer, a tells-her-hairdresser-how-much-she-loves-your-store kind of customer. He knows how to fix the problem but he can't, because he's backed up against a wall by a computer that won't budge.

He knows this mindless new ID requirement came from some corporate guy on a committee who wouldn't know a loyal customer if she rammed him with a shopping cart. He knows that the mis-ring was wrong, that the ID requirement is wrong, that the whole freaking system the goons above him just imposed on his store and his customers is wrong. In fact, everybody is wrong here but his customer. And this particular customer is neither giving in nor going away quietly.

What's a manager to do? I've had similar things happen to me elsewhere: twice at Home Depot, to be precise. I was bailed out the first time by a chance meeting with a friend who offered to lay down her ID in place of mine at the return altar. Then it happened again this summer, but that time there was no helpful friend, and the store employees made it clear they could care less if I returned my item or not. No ID, no return, period. So I ate the loss (around $25), kept a product I didn't need and couldn't use, and have harbored a dark cloud of ill-will against Home Depot ever since.

But bless his heart if that Kmart manager didn't reach into his wallet and pull out his OWN driver's license to get me my $9.60 back. All of it, in cash. As I watched his employee carefully feeding each digit of his ID into the system, I mourned for him, for myself, for the loss of the innocent Kmart I knew as a child.

That manager knows something I was just realizing: that there will soon be nothing left at Kmart for either of us. The corporate committee guy, and the hundreds of corporate committee guys like him, won't rest until they have everyone at the store, from customers and cashiers on up to managers flattened spread-eagle against the wall, stripped of the authority to make any decisions short of which button to press or which way to be entered into the system -- Visa, Mastercard, or chip implant. There will be no more thinking outside the software. Acts of defiance, like a manager entering his ID for a customer, will be ruthlessly rooted out.

I know Kmart is going to fall like the rest of them, in due time (provided it doesn't implode financially, first). In the meantime, I plan to still keep shopping there, because there is something so doggedly human about an assistant manager who would dig out HIS OWN DRIVERS LICENSE to help a customer that I just can't let Kmart go.

As long as Kmart keeps that human touch in defiance of the machine, I'll continue to shop there, though I'll cast an occasional wary glance over my shoulder.

Posted by Katherine Albrecht at 7:42 PM | Comments (4)