CASPIAN Newsletter
November 27, 2004 "CA Store Victory; What's With Verichip?"

Consumer privacy and RFID newsletter

Edited by Sunni Maravillosa and Katherine Albrecht

We hope you are enjoying a long, relaxing weekend with family and friends. All of us at CASPIAN are thankful for your interest in consumer privacy, and appreciate your activism and educational efforts!


  1. California grocer drops loyalty card program
  2. VeriChip company announces privacy plan
  3. Police to peruse your prescriptions?
  4. Printer privacy problems expand
  5. Petco customer data compromised
  6. U.S. RFID passport standards under fire

CASPIAN Activists Update:

  1. CASPIAN files Freedom of Information Request for VeriChip details
  2. CASPIAN in the news
  3. CASPIAN members sound off

Tools You Can Use:

  1. Information on Wal-Mart to share for Christmas shopping season
  2. Quick hit: don't give gift cards, give cash


The emperor has no clothes when it comes to frequent shopper cards. The programs cost a fortune to implement, are a pain to manage, and are despised by two thirds of shoppers. Despite this, it takes a brave retailer to break ranks with the industry leeches who whisper in their ears how "popular" and "necessary" loyaty programs are. We offer kudos to PW Supermarkets of the San Francisco/Silicon Valley area for listening to their customers and dropping the card.

A company spokeswoman explained the decision, saying, "Customers kept saying, 'We don't want the card. [So] we decided to lose the card, but keep the savings." Not surprisingly, privacy was a major consideration. "Customers didn't want to share the information," she said. "Some people refused to shop with us because they were afraid Uncle Sam was watching."

If you live in San Jose or Cupertino, reward PW with your shopping dollars -- and tell them why! For locations, click here:

To drop them a note of thanks, write to:

Source: CRM Buyer
(paste to above line to restore link)



VeriChip promoters unveiled a six-point privacy statement earlier this week that, frankly, has us scratching our heads. Here's one of the points:

VeriChip should be voluntary and voluntary only. No person, no employer, no government should force anyone to get "chipped."

Sounds good -- but wait, what about the government employees in Mexico who were implanted with VeriChips to access their secure data center? We're pretty sure nobody tied them down and "forced" chips into them, but what would have happened if they had said no? Is taking a chip to keep your job really "voluntary?" As for government mandates, this is a company that envisions a market of "billions," i.e., they want to chip nearly everyone on earth. How will they accomplish that without government complicity?

Here's another one:

We pledge to thoughtfully, openly and considerately engage government, privacy groups, the industry and consumers to assure that the adoption of VeriChip and RFID technology is through education and unity rather than isolation and division.

Hmm, if they're so anxious to engage us, why have they not returned our phone calls?

Source: Yahoo! News, 11/22/04


As if planning to affix RFID tags to medication bottles wasn't bad enough, the government now wants to share personal prescription records for anxiety, depression, insomnia, and pain with law enforcement. A bill before Congress, The National All Schedules Prescription Electronic Reporting Act (H.R. 3015), has been passed by the House and is being considered by the Senate.

"While masquerading as a law enforcement tool to help control the illegal use of painkillers, the national bill would...create

a central database affecting tens of millions who are not even suspected of a crime. And the information will be shared with

state and local law enforcement."

The American Association of Physicians and Surgeons (AAPS) is leading the charge against the plan. If you are concerned, urge your senator to vote "no" (use the easy link below) and print out the AAPS' doctor info page to share with your physician.

Source: American Association of Physicians and Surgeons

Click here to send a letter to your senator:


We learned last week that Lexmark printers spy on their owners by phoning home printer usage details to the company. Now it turns out that Lexmark isn't the only printer company finking on its customers; several brands of laser printers have been secretly encoding the printers' serial numbers on printouts. A series of tiny dots function as a "license plate" that can be used to track printouts to the machine that made them. If you filled out a warranty card (something you should NEVER do!), the company can look up your printer's unique "signature" and share your identity with government investigators.

If you buy a printer, don't register it, and consider more anonymous means of getting one. eBay, local small computer stores, especially ones that refurbish used equipment, and similar private sales make it less likely your printed pages will rat on you.

Source: PC World via Yahoo News



It's business as usual in the world of corporate data mismanagement. Petco, the billion dollar retail giant that helped put many local pet stores out of business, is in trouble for shoddy data security practices that exposed customer data to hackers. This is ironic considering the company's March 2000 boast about its (detestable) PALS loyalty card program:

"By scanning customers' membership cards at the POS, we collect data that flows into our host system,' said IT director Andrew Ross. 'Using database tools, we can analyze the buying trends of an individual consumer... In addition to gathering valuable data, PETCO is careful to secure this information."

The bottom line: Data protection promises have become all but meaningless. If you don't want your data compromised, don't provide it to retailers! Pay cash, say "no" when asked for data, and boycott stores with loyalty programs.

Source: Information Week (current story)

DM Bulletin (Petco's March 2000 boast appears here)


Plans to put RFID chips in passports in 2005 have been roundly criticized for both privacy and security reasons. Noted cybersecurity guru Bruce Schneier clearly outlines the problems here:

Now the mainstream press appears to have figured it out, too, with a recent AP article reporting that "even an executive at one of the companies developing a prototype for the State Department calls the international standards woefully inadequate."

In matters like this, it's no fun being right.

Source: Yahoo! News



1. CASPIAN files Freedom of Information Request for VeriChip details

What are the health risks of the VeriChip implant? What testing was done prior to FDA approval of the device last month? Will the device shift in a patient's body or cause burns during an MRI test? Since Applied Digital Solutions and Digital Angel aren't telling, CASPIAN director Katherine Albrecht has filed a Freedom of Information Act request with the FDA to find out. According to law, the government has 20 days to respond to the request. We'll let you know what we discover.

For more on VeriChip health issues first reported by CASPIAN:


CASPIAN was showcased last week in a five-page Supermarket News featureon RFID titled "The Privacy Hurdle." The article carried this tagline:"Like loyalty cards, RFID tags raise questions about consumer privacy, once again putting retailers on the spot." Featured were the Metro"Future Store" privacy flap (where we discovered that the store hadhidden RFID tags in its frequent shopper cards), along with the privacygaffes of Gillette, Wal-Mart and Procter & Gamble. Some great photos of

Katherine and the German RFID protest. (It's not archived online, but we'll try to scan the highlights. If you're an SN subscriber, see theNov 15 edition, page 67.)

Katherine also commented this week on Zebra's new "SurgiChip" RFID sticker designed to be affixed to patients before surgery, as follows:

"Most medical errors are due to a lack of personal attention to the real needs of patients, not patient misidentification," [Albrecht] said. "RFID tags are inventory control devices, and treating patients like inventory will merely increase the divide between patient and caregiver, depersonalizing the relationship still further. The money would be better spent on other preventable problems."

Chicago Sun Times 11/23/04



We've received some terrific letters in response to our request to be cc'ed on letters to the Spring Independent School administrators in Houston, Texas regarding their plan to chip students. Here's a sample:

"I can't believe the news I just read that Spring ISD plans to brand children like cattle with RFID devices. Aren't criminals in prison treated better? Please stop wasting community and state money on horrors like this. .... Perhaps you have lost the ability to see the children as the PEOPLE they are?"
-- anonymous

"I strongly oppose your school district's decision to tag schoolchiildren with RFID tags/chips. This is would move our society further toward a totalitarian police state. The illusion of security for children through RFID chips will not make them more secure, in reality, but only dehumanize them. Only loving and caring human relations which nurture responsibility between people will bring true security and peace of mind to parents and supervisors."
-- Richard, currently in Tokyo

We received this letter on spying Lexmark printers from Alan:

"In your latest newsletter I received I found interesting how Lexmark flat out lied about the hidden file when you install their printer. This hidden file installs even if you do not participate in their 'program.' I found a post at a google message board posted by zcrayfish -at- that states otherwise. This person even called Lexmark and they tried to lie about it until they were backed into a corner so to speak. The hidden folder is titled: Lx_CATS."

Alan tells us the Google post describes how to safely eliminate the spying files.


1. Whether you are a Wal-Mart shopper (*tsk, tsk*) or a Wal-Mart boycotter, you should check out these reports on the giant megastore. We found them just the thing to strengthen our anti-Wal-Mart resolve as we enter the season of heavy shopping. The only thing missing is an expose of Wal-Mart's role in furthering the surveillance society through RFID.

NPR Audio: Wal-Mart's Social and Economic Impact
Four-Part Series Examines Influence of Largest U.S. Employer

PBS Video: Is Wal-Mart Good for America?
90-minute Frontline video

2. Yesterday was "Black Friday" for retailers across the country -- the day after Thanksgiving, the biggest shopping day of the year. (It's called "black" from the phrase "in the black" meaning turning a profit.) As you start your holiday shopping, if you make gift cards a regular part of your gift-giving routine, please reconsider. Here are some quick reasons why cash is a better gift for privacy-minded consumers:

Cash is today's only truly untraceable payment option. Giving cash encourages its use by others (especially young people), while giving numbered plastic cards gets them used to traceable payment instruments. That's a bad precedent for us to set.

Cash: use it or lose it.

CASPIAN: Consumers Against Supermarket Privacy Invasion and Numbering
Opposing supermarket "loyalty" cards and other retail surveillance schemes since 1999

You're welcome to duplicate and distribute this message to others who may find it of interest.

To subscribe or unsubscribe to the CASPIAN mailing list, click the following link or copy and paste it into your browser:

If you have difficulty with the web-based interface, you may also subscribe or unsubscribe via email by writing to: