October 5, 2006

Schwarzenegger's Support of RFID Tracking Technology No Shock


Governor Schwarzenegger's veto of a bill aimed at protecting California citizens from surreptitious RFID tracking should come as no shock if you understand his penchant for paternalistic power.

In a 1990 U.S. News interview he was quoted as saying "My relationship to power and authority is that I'm all for it. People need somebody to watch over them. Ninety-five percent of the people in the world need to be told what to do and how to behave."

Senate Bill 768, known as the Identity Information Protection Act of 2006, was passed by state legislators last month. It was drafted to prohibit abusive tracking of people through RFID tags and give Californians control over personal information stored on RFID-laced identity documents.

Among other things, the bill would have provided "... that a person or entity that intentionally remotely reads or attempts to remotely read a person’s identification document using radio waves without his or her knowledge and prior consent...shall be punished by imprisonment in a county jail for up to one year, a fine of not more than $5,000, or both that fine and imprisonment." (See http://info.sen.ca.gov/pub/bill/sen/sb_0751-0800/sb_768_bill_20060901_enrolled.pdf)

Schwarzenegger was apparently aware that his failure to sign the bill could open the door to more Big Brother surveillance on California soil. He issued a statement explaining that he vetoed the bill because it could conflict with new government standards for identity documents like those to be issued for driver's licenses under the Real ID Act. (See http://gov.ca.gov/pdf/press/sb_768_veto.pdf)

The Real ID Act, passed in the spring of 2005, gives the Department of Homeland Security the right to set new federal driver's license standards. Privacy advocates and civil libertarians are not only concerned that these new standards will create a de facto national ID, but that this national ID will contain remotely readable RFID tags.

Homeland Security is already testing RFID tags in visitor documents, and it is on record as shopping for a very powerful form of the technology that could allow law enforcement to read documents secured in purses, wallets and even in cars speeding by at 55 miles per hour.

It wouldn't surprise me if the governor has already read our book "Spychips" and understands how RFID technology could be used to track, monitor, and control citizens. He's just the sort of character who would find added value in RFID deep organ implants for humans and IBM's RFID-based "PERSON TRACKING UNIT" that can follow people in places like shopping malls, libraries, theaters, museums, elevators and even restrooms. Why, with that kind of power, he could most certainly keep track of the 95 percent of his constituents that he seems to believe need close supervision and instructions on proper behavior.

For more on this story, see Martin Bosworth's article Schwarzenegger Terminates Spychip Bill at www.consumeraffairs.com/news04/2006/10/ca_spychips.html
Arnie Terminates RFID Bill at www.theregister.co.uk/2006/10/05/california_rfid_bill_terminated/

-- Liz McIntyre

Posted by liz at 3:01 PM | Comments (1)

August 30, 2006

Procter & Gamble Products You May Want to Avoid

folgers no.jpg

No more waking up to Folgers for me! I mistakenly bought this Procter & Gamble brand coffee at the store the other day because the label indicated it is was made by the Folgers Company. Turns out that P & G owns the Folgers brand.

CASPIAN does not currently have a boycott against P & G, but like many of you, I have decided to avoid purchasing its products because of its involvement in promoting item-level RFID. (We do have a boycott against its recently acquired company Gillette! See www.boycottGillette.com.)

Procter & Gamble was instrumental in starting the ball rolling on item-level tagging, and it was involved in the notorious Lipfinity RFID spying at a Broken Arrow, Oklahoma Wal-Mart. What's more, P & G has a patent pending titled "Systems and Methods for Tracking Consumers in a Store Environment." Need we say more?

Since reading fine print on product labels may not always reveal their connection to P & G, one of the world's leading spychippers, here's a table that you can take with you when you shop. It comes straight from P & G's 2006 annual report:

pg key brands.jpg

--Liz McIntyre

Posted by liz at 12:08 AM | Comments (0)

June 10, 2006

Arkansas joins the fight against NAIS


Arkansas has launched a "stop NAIS (Nat'l Animal ID System) program" with meetings in Fayetteville on 7-1-06, and in Conway on 7-9-06.

You go, Arkansas!

-Katherine Albrecht

Posted by Katherine Albrecht at 11:00 PM | Comments (3)

April 15, 2006

Wal-Mart Suffers Slowing Sales, Drop in Stock Price

walmart supercenter.jpg
Empty parking lots could force Wal-Mart to reconsider its practices

Calls for consumers to avoid shopping at Wal-Mart appear to be hurting the 800-lb. gorilla of RFID. The Associated Press is reporting that the remorseless retail goliath is cutting back on inventory in its stores as it "struggles with slowing sales and disappointing profit growth." The AP also reports that "Wal-Mart's stock price has fallen 6 percent during the past 12 months."

This cut-back in inventory will hurt RFID proponent Procter & Gamble, as well, the AP reports. Sales to Wal-Mart represented 16 percent of P&G's total 2005 revenue.

This news has appeared in several papers, including an April 14 story in The Akron Beacon Journal: http://www.ohio.com/mld/beaconjournal/business/14341310.htm

Thanks to those of you who are voting against Wal-Mart and Procter & Gamble RFID plans by shopping elsewhere and switching to more privacy friendly brands. As we all work together, we are having a palpable impact on manufacturers and retailers that refuse to take consumer privacy and civil liberties concerns seriously.

-Liz McIntyre

Posted by liz at 1:38 PM | Comments (1)

March 30, 2006

Scholarly articles on RFID security

Gildas Avoine, an MIT post-doctoral research fellow specializing in RFID security and encryption, maintains a resource page with links to the latest scholarly articles on RFID security and privacy. You can even subscribe to email updates for an alert when new articles are added.

The following new articles in Avoine's latest email caught my eye. The full text of each is linked from his page.

Dang Nguyen Duc, Jaemin Park, Hyunrok Lee, and Kwangjo Kim.
Enhancing Security of EPCglobal Gen-2 RFID Tag against Traceability and Cloning

Ilan Kirschenbaum and Avishai Woo
How to Build a Low-Cost, Extended-Range RFID Skimmer

Melanie Rieback, Bruno Crispo, and Andrew Tanenbaum
Uniting Legislation with RFID Privacy-Enhancing Technoloy

-Katherine Albrecht

Dear all,

You receive this email because the website
http://lasecwww.epfl.ch/~gavoine/rfid/ has been updated.

The website has not been updated for a few weeks and so there are a lot
of new papers to read... The reason is that I moved from EPFL to MIT
very recently: You will notice that my email address on the website has
changed, although the Website URL remains unchanged. By the way, I am
looking for a sponsor to support my travel expenditures during 2006 (to
attend conferences). So, if you are a potential sponsor, let me know...


[01] Christy Chatmon and Tri van Le, and Mike Burmester
Secure Anonymous RFID Authentication Protocols

[02] Julien Bringer, Hervé Chabanne, and Emmanuelle Dottax
HB++: a Lightweight Authentication Protocol Secure against Some

[03] Jonathan Katz and Ji Sun Shin
Parallel and Concurrent Security of the HB and HB+ Protocols

[04] Melanie Rieback, Bruno Crispo, and Andrew Tanenbaum
The Evolution of RFID Security

[05] Melanie Rieback, Bruno Crispo, and Andrew Tanenbaum
Is Your Cat Infected with a Computer Virus?

[06] Ilan Kirschenbaum and Avishai Woo
How to Build a Low-Cost, Extended-Range RFID Skimmer

[07] Sangshin Lee, Tomoyuki Asano, and Kwangjo Kim
RFID Mutual Authentication Scheme based on Synchronized Secret

[08] Dang Nguyen Duc, Jaemin Park, Hyunrok Lee, and Kwangjo Kim
Enhancing Security of EPCglobal Gen-2 RFID Tag against
Traceability and Cloning

[09] Yasunobu Nohara, Sozo Inoue, Kensuke Baba, Hiroto Yasuura
Quantitative Evaluation of Unlinkable ID Matching Schemes

[10] Andrea Soppera and Trevor Burbridge
Wireless identification - privacy and security

[11] Melanie Rieback, Bruno Crispo, and Andrew Tanenbaum
Uniting Legislation with RFID Privacy-Enhancing Technologies

Best regards,

Gildas Avoine

Posted by Katherine Albrecht at 6:17 AM | Comments (0)