Rights 'Chipped' Away: RFID and Identification Documents

uniform machine-readable format. the machine-readable format, even if it is a 2-d barcode, will make it very efficient for private civil rights groups, women's groups, domestic violence prevention groups, business organizations, sectors.30 once the verichip is read and cloned, the copy could be used for whatever purpose was countermeasures to address these risks. in the meantime, other identification technologies--which of data, these technologies, identification systems, and databases threaten to allow the government-- identification documents that are used for multiple purposes, that are used for public schools and see cal. office of the senate floor analyses, bill analysis: third reading: bill no. sb 30, may 21, 2007, available at documents, and, unfortunately, rather than our concerns being "exaggerated," they have often been intrusion, the surveillance is a search."72 while the home has always been afforded the highest caliber violate the fourth amendment because a "person traveling in an automobile on public thoroughfares has no reasonable read the documents, and authorized to then access data stored on the documents.") 57 id. privacy and civil rights organizations, technologists, and legislators across the country seems to have 220,000 u.s. electrical, electronics, computer, and software engineers, has also expressed serious payment card vulnerabilities technical report, oct. 11, 2006, instead of leaving auto safety up to the car manufacturers, the privacy and security of individuals manufacturer of the human-implantable rfid tag (the "verichip").120 while it hardly seems as well as the move to create greater federal identification systems and integrated databases through 86 letter from aea to frank e. moss, deputy ass't sec'y, passport services, and elaine dezenski, acting ass't sec'y, border plain text. with $150 of readily-obtainable computer and radio components, the researchers 3. insecure rfid implicates state constitutional protections security architecture becomes and the more failure opportunities are created. further, many of these become ubiquitous, tagged items carried by an individual can be scanned unbeknownst to 47 department of homeland security, supra note 45. pocket or purse to read this information. individuals have no reason to think that the information stack higher and higher, more research has been done, and more reports have been written. further, losses of more than $56 billion dollars, and a cost of 40 hours of time per person to make claims and to allow the layering of data protection processes, such as cryptography and authentication,10 on top the company who were deploying rfid in the elementary school were actually teachers at the high 105 for a thorough discussion of whti and the privacy and security impact of the pass card, see katherine walkenhorst, c. rfid-embedded credit cards cracked http://newstandardnews.net/content/index.cfm/items/1473. information to the reader by sending it a radio signal. the chip does not alert anyone that it is reading of information safeguarded in spaces away from public view, creates the potential for identity years tell a very different story. the privacy and security vulnerabilities of rfid- embedded tracked like a product or a piece of cattle. by virtue of being human, we have inalienable rights to practically impossible to be in a public place without wondering whether the government was appropriate management and safeguards of those keys to protect the integrity of the encryption.") battery, they can be small, easy to embed, quite cheap to produce, and can successfully operate for a 121 zetter, supra note 1. leaflets, and circulate petitions anonymously,78 and it is improper to force disclosure of membership in the absence of associated cryptographic keys necessary to enable decryption of that data. that encryption shall include identification documents, it will be very hard to make these tags safe. countermeasures are difficult consumers who are aware of rfid technology is growing steadily, but so are negative perceptions of the technology--especially 69 hiibel v. sixth jud. dist. ct. of nev., 542 u.s. 177, 184-185 (2004) (interpreting stop and identify statute and finding that in many situations. for example, contact-required smart cards, optical scan cards, the newest rfid is not present, the car is not supposed to start. but these chips were also easily cracked. this were brought to the attention of congress by the gao in may 2005 in its report: information a camera and to access a wealth of information about that person--likely anything stored in a associated with rfid technology. such technologies, which provide many of the benefits of rfid 3 see aclu of northern california: don't chip our rights away!, of the core radio frequency technology actions performed by the chip. however, these tags are only by increased surveillance and data collection activity in contemporary society. the new not withstood the tests of the real world. additionally, deployment of rfid technology in mass- 98 id. http://www.engadget.com/2006/02/03/dutch-rfid-e-passport-cracked-us-next/. 62 am. legislative exch. council, rfid state legislative activity, oct. 2006, http://downloads.heartland.org/20144.pdf. "rfid systems present a unique technical and policy challenge because they allow data to be a cursory visual inspection.87 among women. . . . since the first survey of the series, conducted in september, distrust over the use of rfid has increased and source of data compromise is now less than one percent. see id. concern, relating to the accelerating encroachment on personal freedom and security caused protection/484638-1.html. see also kaczmeirczak supra note 34. �21 similar concerns about both tracking and profiling were also detailed to the department of discussed supra, both california constitutional and statutory law guarantees privacy and control over powers and disregard of essential privacy laws. the federal government has engaged in warrantless financial security of individuals. things that a person "seeks to preserve as private, even in an area accessible to the public."64 the use stages of a $2.5 million investment in concrete barricades, posts, and other security measures to printed electronics. the company gives strictly independent marketing, technical, and business advice and services on these regions were required to show a valid passport, and the next phase will require all land border inc., the internet engineering task force, the international organization for standardization, the organization for the 18 icao, a little known body run by the united nations with a mandate for setting international passport standards, was 35 neville pattinson, director of technology & government at axalto inc. of austin, texas, commented at the june 7, 2006 f. verichip human-implantable rfid cracked magnetic strip that is used on many licenses today.97 the draft regulations stated that "[t]he �14 in 2005, researchers at johns hopkins university cracked the security protecting the rfid by software written in less than forty-eight hours and an rfid reader bought for about five hundred critical in a supply chain application because the information contained on the tags is not sensitive, by the issuing entity, is not cloned, and is authorized to be read;134 and (3) notice to all individuals 118 koprowski, supra note 6. protection act. originally introduced in the 2005-2006 legislative session by california state senator services under president george w. bush, was appointed to the board of applied digital, the showed just how easy it was to read and clone the information encoded on the building entry cards have a passing resemblance to legitimate cardholders spoofing or counterfeiting" cards.84 basic rfid read. (c) another access control protocol that enables the holder to exercise direct control over any transmission of the data using was to embed all new passports with an rfid chip that had no protections. all the information due to security failures, abuse of power, key management difficulties, and the unknown reliability of 143 these groups also include the california national organization for women, california alliance against domestic a business from retaining or using personal information from a driver's license for any other purpose proposed legislation to address the possible technological implications of potential widespread use of relationships often make good decisions about privacy and security more difficult, the privacy and california, 362 u.s. 60 (1960) (striking down a ban on anonymous handbills, noting that "[p]ersecuted groups and sects from time security countermeasures, such as encryption, mutual authentication, basic access control, and shield then putting the key under the mat."19 spurred in large part by the sutter story and the rollout of rfid in passports, the term has moved government for use in the passport card "does not support the necessary security safeguards to . . . of freedom of speech protected by the first amendment."81 the use of insecure rfid in unconstitutional to prohibit the distribution of anonymous campaign literature, "[t]he decision in lists.79 furthermore, courts have ruled that surveillance that targets individuals, intimidates them, or 116 robert jaques, rfid set for growth explosion, vunet.com, feb. 28, 2005, copyright � 2008 stanford technology law review. all rights reserved. �42 financial security: the use of rfid technology in identification documents also threatens to ix. basic standards may not be enough or "hinder development," just like passing regulations to put seatbelts in automobiles has not 17 3des uses 112-bit or 168-bit keys. 101 see aclu, naked data: how the u.s. ignored international concerns and pushed for radio chips in passports without expectations about the inalienable freedoms of individuals. human beings should not be tagged and and potentially others--to invade the privacy of individuals at an unprecedented scale. and security implications, and how they can protect their information.135 bin/postquery?bill_number=sb_30&sess=cur&house=b&author=simitian (last visited oct. 7, 2007). do not pose the same privacy and security threats--appear to be just as effective as rfid technology for identification documents and there is still not a single rfid law on the books--nothing to 10 very generally, cryptography is the procedure to translate data written in plain text into cipher text, coded text that requires are simply inherent in the technology."92 locking up your cards is not going to help if the databases that might be built as a result.61 state representatives around the country have introduced order to reduce the chance that people get hurt and provides a punishment for bad actors that 44 the privacy advisory committee was created to advise the secretary of the department of homeland security and the http://www.leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_768&sess=prev&house=b&author=simitian (last visited oct. 7, covering the full spectrum [of] industry suppliers, integrators, and end user groups." smart card alliance activities: overview, http://www.smartcardalliance.org/pages/activities (last visited nov. 11, 2007). information, such as someone's name, social security number or, in the case of commercial use, the 49 id. the state department that the additional protections are still not adequate.103 as predicted, e- 38 see shermach, supra note 37. 2-d barcode that is scanned optically as the common machine-readable technology to replace the security and privacy concerns of a proposed border-crossing identification card that would contain copyright � 2008 stanford technology law review. all rights reserved. as there is not an identifiable need for driver's licenses and identification cards to be routinely read at programs such as real id (which will create a national id and a fifty-state interlinked database) the even more portable and easier to conceal.36 http://www.hitachi.co.jp/prod/mu-chip/ (last visited oct. 5, 2007). elected representatives, by independent researchers who specialize in rfid technology, and even by move quickly through security checkpoints with only a cursory visual inspection "would potentially september, distrust over the use of rfid has increased and tv and radio news surpassed the internet as the most common way all government-issued identification documents. �41 the technology industry itself has admitted that rather than keeping us safer, using a technology 5. elected officials by-case basis. they are often "worked out" to the detriment of the privacy, personal safety, and rfid industry consultants warn that, "[g]iven that rfid tags are made to broadcast information, the �32 in addition to fourth amendment concerns, the privacy issues associated with the use of 138see cal. s.b. 30, 2007 reg. sess. �1798(10)(6) (cal. 2007); cal. s.b. 30, 2007 reg. sess. �1798.10(5) (cal. 2007) ("this 99 real id's impact on privacy is still overwhelming. the real id act, passed by congress as a little-known attachment to the car thieves often successfully steal expensive cars, such as two of soccer star david beckham's tag owner. the more layers of technology that are implemented, however, the more complicated the ii. rfid � what is it? 4,000 verichip systems installed worldwide for use in the healthcare, security, and government while the verichip corporate website still claims that its tags are "safe," "secure," and "cannot be that the holder of the fake card resembles the holder of the true whti card in order to pass systems."52 the smart card alliance confirmed that rfid tags such as this "release their identifiers . constitutional privacy provisions. national conference of state legislatures, privacy protections in state constitutions, with little or no public debate. in just over two years, the san francisco "pilot program" with two segments of the technology industry itself.35 41 see id. 70 cal. civ. code � 1798.90.1 (deering 2007). authorized holder. (2) authorized identification documents can accurately assess whether a reader accessing them is authorized to following the rsa conference, ioactive planned to give a presentation at the black hat computer security conference in generation of magnetic strip cards, and 2-d barcodes can all serve as alternatives to increase and growing.113 however, rfid technology is still being considered for more and more uses by the government is more likely to be able to confirm the identity of an individual coming into the range of identification documents. legislation like the identity information protection act is an important ieee or its other organizational units." developing national policies, supra note 2. 27 the verichip corporate website claims that "unlike conventional forms of identification, the verichiptm cannot be . . . like the british passport, the ease of cracking the protections was due in part to the fact that the privacy and security of the new rfid-embedded passports. rapid inventory tracking is "inappropriate for personal identification applications."56 such rfid technology in identification documents. rfid technology that lacks additional multilayered protections, "was designed to track packages and http://www.metroactive.com/papers/metro/09.07.05/rfid-0536.html. whether the identification document and data stored are issued by the responsible issuing state or local governmental body to an iv. impact of rfid on civil liberties and consumer privacy parents in sutter and of national organizations such as the aclu, saying that the worries and passport, including the digitized fingerprint, photograph, and other encrypted and plain text data. government and private sector. why? http://www.gcn.com/online/vol1_no1/42815-1.html. distinguished and found to implicate the fourth amendment. 71 bond v. united states, 529 u.s. 334, 337 (2000). rfid technology and a "smart card" system that can implement protections such as encryption and safely away from view in wallets and purses.67 this information, hidden away, cannot be read and growth in the market not just with tax dollars, but also with the loss of their privacy, personal safety, was assembly member fran pavley, he gained access to the california state capitol.23 23 capitol building to be ringed with barricades, silicon valley/san jose business journal, available at �35 time and time again, the supreme court has prohibited government activities that interfere with verify that the passport card is authentic."85 according to the smart card alliance, these will safeguard the data gathered."119 tommy thompson, the former secretary of health and human privacy of the personal information on their government identification documents, guarding them information on the card. some individuals will undoubtedly lose the sleeve.") identification without sufficient cause"); mcintyre v. ohio elections comm'n, 514 u.s. 334 (1995) (striking down an ohio law but are shared by government organizations such as the government accountability office, by their identities. other states, such as california, provide even more extensive protection to http://www.sciam.com/article.cfm?articleid=00093b44-71db-1264-b1db83414b7f0000&sc=i100322. and transp sec policy (jan. 30, 2006), available at http://www.aeanet.org/governmentaffairs/aea_letter_jan_30_2006.asp. most modern threat to personal privacy.75 33 jack m. germain, rfid technology faced with privacy considerations, e-commerce times, july 11, 2005, capacities,"28 the verichip has not become harder to read and clone. since first cracking the cards securely locked away at home and at work." a second tip was to "not release social security or copyright � 2008 stanford technology law review. all rights reserved. 100 rfid-embedded passports started issuing on august 16, 2006. rfid and identification documents vi. the symbol of sutter representative of the school district, and answered the questions of concerned parents at school cards, and check books and many people can determine when and how their information was at http://www.gcn.com/online/vol1_no1/44338-1.html. verichip, westhues has shown that even smaller technology, costing as little as twenty dollars and vulnerable and be able to track the source of the identity theft.95 cite as: 2008 stan. tech. l. rev. 1 copyright � 2008 stanford technology law review. all rights reserved. than they think, supra note 90. people without their knowledge. since 9/11, there has also been widespread abuse of surveillance �25 elected officials are also becoming increasingly alarmed about the implications of rfid people learn about rfid." o'connor, supra note 4. �31 the supreme court has long found fourth amendment protection against searches that cannot to produce their identification documents, or technology must be utilized to penetrate an individual's of millions of similar cards have been issued.20 prior to rolling out these new cards to consumers, stored information. they also have a much longer read range of several hundred feet--some of up to the public. see united states v. knotts, 460 u.s. 276, 281 (1983) (tracking a car's movements with an electronic beeper did not also prohibits displaying a social security number on a license or other identity document130, 131 or membership lists). agencies achieve a greater security posture."141, however, in concert, these protections may be able to private affairs or to attempt to predict future activities by aggregating a person's movements or 34 matthew kazmierczak & josh james, rfid: security, privacy, and good public policy, additional $1 billion in money available through state grants). 37 kelly shermach, legoland rfid tracks lost kids, collects data, crmbuyer, oct. 28, 2004, millions of americans will potentially be compromised if they are forced to continue to use them. 84 "unlike a solution based on epc gen 2 technology, the contactless smart card-based solution supports features that can interpret the privacy amendment noted: one that society has long recognized as reasonable. individuals go to great lengths to preserve the collected inconspicuously, remotely, and by unknown, unauthorized, or unintended entities."48 it �34 the use of insecure rfid technology in identification documents not only impacts our three basic standards plus one or more of the following protections: (1) a secondary verification and like many aclu stories, this one is far from over. the letter from these parents unleashed a c. rfid and video surveillance 2. the real costs and benefits public transportation, or that confer a public benefit.136 these types of cards must implement the �29 individuals take actions to preserve the privacy of the personal information on government bin/postquery?bill_number=sb_30&sess=cur&house=b&author=simitian (last visited dec. 5, 2007). http://www.aimglobal.org/members/news/templates/rfidinsights.asp?articleid=433&zoneid=24; gregory lippe, legislation based data privacy & integrity advisory comm., supra note 44, at 10-11. but individuals should know the risks and the government should help protect them from these http://www.identityblog.com/?p=451. 42 id. at 3. inspection is simply more intrusive than purely visual inspection."71 in kyllo v. united states, the favor of anonymity [is] motivated by fear of economic or official retaliation, by concern about social �43 identity theft is already a significant and growing problem in the united states. in 2005-2006, 8.9 11, 2005, at a16. millions_of_americans.shtml. computerized database--including such personal information as motor vehicle records, police but also chills our ability to exercise our rights to free expression by preventing people from aclu (dec. 1, 2006), available at http://www.aclunc.org/news/press_releases/government_secretly_tracks_ 7 the hitachi "mu chip" is .4 mm square--small enough to be embedded in paper. hitachi corp., electronic numbering of http://www.leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_768&sess=prev&house=b&author=simitian (last visited oct. 7, greeneneier, security researchers and vendors clash at black hat, users lose, information week, feb. 28, 2007, conference, in the presence of a state department official, just how easily data on an rfid tag could �30 an individual's expectation of privacy over the information on government identification �45 rfid and government id cards: even after all the evidence and reports between 2004 and briefing, it contacted ioactive, and demanded that the company refrain from presenting its findings at the black hat convention budget to put in a standard proximity-based access control system can afford to put in a smart card �10 in october 2006, researchers at the university of massachusetts amherst demonstrated a is, in fact, who or what it is declared to be. rfid products. a crop of new names for the technology has been developed, with segments of the authentication" that countries could elect to include as part of their technological protection would need to know how to decrypt the information (and would therefore need the encryption key); 2 developing national policies on the deployment of radio frequency identification (rfid) technology, feb. 17, 2006, 112 publicly available databases accessed by the government, such as choicepoint, collect and sell data on individuals that �61 additional layers of protections are built into the legislation when the rfid tag is embedded in 109 fran spielman, daley: by 2016, cameras on `almost every block', chi. sun times, oct.12, 2006, at 22. banned, stifled, or hindered that technology.153 some form of basic standards to protect individuals is http://www.informationweek.com/story/showarticle.jhtml?articleid=197700101. with the help of the aclu of northern �9 in november 2006, the technology protections on three million british e-passports were cracked aircraft, it emerged in the commercial sector in the 1970s to track products as they moved through businesses to make use of the card's infrastructure to create a parallel, private database, one that will be outside the reach of the http://faculty.ed.uiuc.edu/burbules/papers/privacy.html (last visited mar. 23, 2007), cited in slobogin, supra note 76, at 244. 153aim global, rfid legislation--protection or pause button?, aug. 29, 2005, available at http://www.adsx.com/pressreleases/2005-07-07.html. http://www.privacyrights.org/ar/chrondatabreaches.htm. discussed supra, the aea and leading technology companies also explained how rfid is "highly legoland in denmark, the park rents rfid bracelets to parents, marketing them as a tool for parents affiliates. see itaa homepage, http://www.itaa.org/ (last visited nov. 10, 2007). surveillance). 146 editorial, important little chips; rfid transmits valued data, but it needs some government safeguards, l.b. press-tel., aug. c. rfid is big money; relationships between industry and decision-makers identification documents and authorized readers securely challenge each other to verify authenticity and authorization of both frisk search if they have a particularized, objective, and reasonable basis for believing that criminal activity may be afoot or that a id. legislature and serving as a model for other state action. and independent and have inalienable rights. among these are enjoying and defending life and liberty, acquiring, possessing, and third parties who are also deploying rfid readers, to have intimate details of private lives, including government has quietly tried to dismiss the concerns of other nations and the aclu about the stanford technology law review recommendations for using secure contactless technology vs. rfid, supra note 84 ("the requirement for a protective sleeve is what advice did the largest study on identity theft provide to consumers to try to stem the rise of �70 as important as it is to pass basic standards, and as hard as many legislators and organizations the dhs tom ridge was appointed to the board of directors of rfid maker and dhs contractor possible, relationships are often even closer in smaller scale deployments. in sutter, the founders of under the circumstances.66 infringement on free speech and the right of association.80 as u.s. supreme court justice john paul government, industry, and public interest groups increasingly agree that without protections, the and pervasiveness of technologies that pinpoint an individual's identity and location--global discourages attendance at an organizational activity or membership in an organization is an improper possibility of data theft by easily concealable rfid scanners is very real. . . . these security problems uses."144 the los angeles times noted that "simitian is on the right track. neither government nor identity information protection act was reintroduced in december 2006, passed the california at johns hopkins also revealed the security vulnerabilities of anti-theft car devices that use similar senator joe simitian, rei onishi, legislative aide (former), office of california state senator joe simitian, david molnar, security issues concerning rfid in identification documents should not be "worked out" on a case- devices can help mitigate the privacy and security risks; (c) the location of readers intended to be coming years.108 chicago mayor richard m. daley expects cameras to be on "almost every block" of 132 cal. veh. code � 12801 (deering 2007); cal. civ. code � 1798.85(f) (deering 2007). 128 for example, california's state constitution grants its residents an inherent right to privacy: "all people are by nature free technology held an important cost advantage over smart cards; but that has changed. anyone with a 66 katz, 389 u.s. at 361. �62 the third and highest layers of protection are for identification documents with rfid tags that department of homeland security regarding what type of machine-readable technology should be b. western hemisphere travel initiative prevent the citizen's unique reference number from being tracked when it is outside of its protective io active's director of research and development, demonstrated how a handheld device the size of keeping information like their names and addresses private, from vulnerable populations like women, some of their neighbors to be engaged in "unfounded paranoia." william dean hinton, spy hunter: a south bay legislator is trying to �72 abuse of power: effective countermeasures would also require that all levels of government copyright � 2008 stanford technology law review. all rights reserved. information has been read, it will be difficult to ascertain whether the countermeasures have been http://www.youtube.com/watch?v=4jprfgdpwva. software engineers who are u.s. members of the ieee. the positions taken by ieee-usa do not necessarily reflect the views of 85 proposed passport card with rfid technology bad news for privacy and security, says smart card alliance, supra note 54. regarding what data are collected and how it will be used."126 the legislation also incorporates the 144 editorial, a moratorium on electronic id tags, orange county reg., aug. 21, 2005. �37 as the editors of scientific american wrote in response to learning about the use of rfid tags in storage or while being transmitted using an encryption algorithm implemented within a cryptographic module that has been 145 editorial, too much information, l.a. times, aug. 23, 2005, at b12. 26681prs20060907.html. for more information about ats, see press release, government secretly tracks millions of americans, it is designed simply to ensure that californians maintain the same level of control that they currently including (a) that the id can communicate information using radio waves; (b) that the use of shield the personal information on the rfid cards could then be copied and re-transmitted, "spoofing" the 1. government accountability office (gao) copyright � 2008 stanford technology law review. all rights reserved. constitution and further augmented by many state constitutions. http://www.wired.com/politics/security/news/2005/02/66554; passport needs to be opened. experts have also raised questions about the technological soundness of the shielding, even when the �2 the aclu of northern california has been a leader in generating public and legislative attention visited dec. 5, 2007). 50 amusement parks are already using rfid tags to determine what attractions are most popular.37 at rfid technology on privacy, financial security, and personal and public safety. these concerns are documents to ensure that personal information is kept safe. the act creates layered protections for not want their personal information accessed without their knowledge. even if the information on an licenses and government health and other benefit cards, with adequate levels of security to ensure �71 security failures: the ultimate success of using countermeasures to mitigate the threats identity information protection act are negligible. according to hid corporation, one of the major 137 see cal. s.b. 30, 2007 reg. sess. �1798.135(i) (cal. 2007) ("`encryption' means the protection of data in electronic form in oct. 8, 2007). number, or other random number--permits tracking of the movements and activities of an �57 the identity information protection act protects all state-issued documents, such as driver's technological protections. on the basis that "such presentation will subject you to further liability for infringement of hid's intellectual property." larry identification documents and the existence of ubiquitous readers would enable the gathering of copyright � 2008 stanford technology law review. all rights reserved. �26 groups from across the sectors are right to express alarm about the use of insecure rfid information; (2) the id implements mutual authentication to ensure as best as possible that only rfid technology has "ever increasing processing speeds, wider reading ranges, and larger memory on the rfid chips used in hid global proxcards.14 with the push of a button on the same device, http://www.aeanet.org/publications/idjj_rfid_grad_overview.asp (last visited oct. 8, 2007). 126 jack m. germain, rfid technology faced with privacy considerations, e-commerce times, july 11, 2005, counterfeited," westhues was able to read and clone the chip in the arm of a wired news reporter in aggregation and use for purposes other than those intended are possibilities that must also be are negative perceptions of the technology--especially among women. . . . since the first survey of the series, conducted in identification documents, the concerns remain and the facts are clearer as stories of rfid breaches remaining anonymous. forcing people to carry a government id with insecure rfid technology is 156 privacy rights clearinghouse, a chronology of data breaches, oct. 5, 2007, available at asian americans for civil rights and equality, the republican liberty caucus, and many more, a complete list of the supporters, public use, to explore details . . . that would previously have been unknowable without physical dollars.16 while the british home office had adopted the triple-data encryption standard ("3 des") fundamental rights to privacy afforded both by the u.s. constitution and some state constitutions, for data to be collected and aggregated.43 computer screen. the british government could have included a feature in the new e-passport that about sutter. see also press release, victory for students, parents and civil liberties groups--company announces it will end introduced in the california state legislature in february 2005, the bill was the first legislation in the nation to address rfid 94 in sixty-three percent of fraud cases, the point of compromise was either theft by close associates of the consumer (friends, information protection act.150 immediately during a transaction and can even be acquired following a transaction, the data forms of security protection for transmission of sensitive data. these chips are sophisticated enough tv and radio news surpassed the internet as the most common way people learn about rfid."). in the federal government 6 (2005), available at http://www.gao.gov/new.items/d05551.pdf (noting that testing conducted expanded on its concerns with tracking and profiling. it cautioned that: innovation. just as important, [the identity information protection act] will provide some needed their knowledge or consent. such information. article i, section 1 of the california constitution provides for an inalienable right http://www.state.gov/r/pa/prs/ps/2006/70433.htm. press release, new research shows identity fraud growth is contained and more control than they think (jan. 31, identify the person who misused their information. new research shows identity fraud growth is contained and more control from the new rfid-embedded credit card. a distance."98 however, rfid passports continue to roll out and other rfid travel documents are in 3. support across the aisles and up and down the state copyright � 2008 stanford technology law review. all rights reserved. will likely reach $24.5 billion by 2015. the rfid market is expected to rocket 120% just between 152 off'l cal. leg. info., bill documents, http://www.leginfo.ca.gov/cgi- california and the eagle forum of california.143 the legislation also received editorial support from 2006), available at http://www.bbbonline.org/idtheft/safetyquiz.asp (last visited january 8, 2007). abated, but have come into greater focus as government oversight organizations such as the necessary technological protections to "eliminate the risk of terrorists, criminals, or illegal aliens who 155 it is particularly difficult to catch bad actors in the rfid context since rfid tags do not alert an individual that their includes an explicit privacy provision in its code. d.c. code, � 1-4 (2001). the california privacy provision will be discussed later identities and locations were being monitored surreptitiously and records were maintained about their �19 concerns about how rfid technology could be used for inappropriate tracking and profiling seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and foundational technology lie several permutations of rfid tags--"passive" tags, "active" tags, and "best practices" recommended by the dhs data privacy & integrity advisory committee to not transmit through metal--only works when the passport is closed. the information can potentially be skimmed when the en/articles/00000169.asp. idtechex is a knowledge-based company specializing in rfid smart labels, smart packaging, and particularly describing the place to be searched, and the persons or things to be seized." u.s. const. amend. iv. the states of �74 difficulty of punishing wrongdoers: the structure of rfid technology also makes it difficult solicitors wear an identification badge because it "discourages participation in the petition circulation process by forcing name information that is transmitted remotely from the rfid tag--whether that is a name, social security real concerns for public safety. basic rfid technology enables the reading of information on the advancement of structured information standards, or any other similar standards setting body, rendering that data indecipherable 0050/sb_30_bill_20061204_introduced.pdf. copyright � 2008 stanford technology law review. all rights reserved. of control, privacy, safety, and security--creating basic standards for all government-issued plan undermines privacy, provides little security (sept. 7, 2006), available at http://www.aclu.org/safefree/general/ http://www.rfidjournal.com/article/articleview/2768/1/128/ (last visited jan. 8, 2007) ("the [identity information protection technology use by the government and commercial sectors.62 http://www.aclunc.org/docs/criminal_justice/police_practices/under_the_watchful_eye_the_proliferation_of_video_surveilla members developed this document to compare and contrast the applications and capabilities of the two technologies. the supreme court found that the use of thermal imaging technology to determine whether illegal the privacy, personal safety, and financial security of americans, the bottom line is that rfid developed a reader the size of a couple of paperback books and skimmed and stored the information border security: pass card fails on cost, privacy 4 (sept. 7, 2006), available at a. privacy and security issues not properly considered safeguarding privacy and security. however, governor schwarzenegger vetoed the legislation in the protection act of 2005, including a full legislative history, see off'l. cal. leg. info., bill documents � sb 768, inches can actually be awakened and read at distances of more than twenty feet, with others scientists actually be read from a distance six times as far--twenty-four inches--and could theoretically be read from more than three feet be conducted with mere observation, but require physical or technological intrusion. in bond v. united 111 moore, supra note 107. 40 u.s. gov't accountability office, supra note 8. copyright � 2008 stanford technology law review. all rights reserved. 53 smart card alliance identity council, contactless smart cards vs. epc gen 2 rfid tags: frequently asked questions, suspicion by law enforcement, have control over their personal information and the disclosure of 20 john schwartz, researches see privacy pitfalls in no-swipe credit cards, n.y. times, oct. 23, 2006, at c1. number was sighted at a particular place in time, can then be linked to the individual. it is important prolonged discussion at all levels of society."83 adequately protected with technological features that can resist compromise, the information can be modify the real id act. that is not exposed to the public and would not otherwise be accessible through naked-eye surveillance. thus, rfid should be small-navarro, aclu sacramento legislative office, michele tatro, lee tien, electronic frontier foundation, california state 6 gene j. koprowski, wireless industry defends rfid for passports, tech news world, april 25, 2005, department of computer science, university of california- berkeley, lenny goldberg, lenny goldberg and associates, and beth individual's id may be read surreptitiously as he or she walks through a doorway or hallway, sits at devised. only been used to identify individuals on a relatively small scale, mostly for building entry and road threaten individual u.s. citizen privacy."59 washington, d.c. demonstrating the cloner and releasing schematics about how it was built. when hid learned of its intended available; who knows what will happen in the ten-year lifespan of the chips now being used? see id. immense amounts of data. the aggregation of such data will enable the government, and potentially devices have never been deployed together in a mass contactless id system. their effectiveness has california, ioactive gave a modified presentation that successfully highlighted the vulnerabilities of insecure rfid technology. see ostracism, or merely by a desire to preserve as much of one's privacy as possible . . . [it] is an aspect 106 alice lipowicz, alliance: nist smart card evaluations insufficient, government computer news, may 24, 2007, available 773-775 (1975). thousands would also need to access the central database where that information was stored; they 83 editorial, human inventory control, scientific american (may 2005), available at in california.125 �12 in february 2006, the prototype for the rfid dutch e-passport was cracked on national implications of the rfid program, the parents understood them all too clearly, and they were right information."145 the long beach press-telegram told its readers that "rfid chips are an important rfid technology.60 senator john sununu (r-nh) and senator daniel akaka (d-hi) have also address rfid technology in identification documents. however, in essence, it is rather conservative. necessary when a technology exists that can lead to significant harm to a great number of people. 7349_3-6069287.html. for incom and against the identity information protection act, he was still the attorney for the school district. rfid tag is limited to a unique identifier number, a bad actor may gain more information about an copyright � 2008 stanford technology law review. all rights reserved. unless an individual swipes or displays a card for optical reading, many of the privacy and tracking "secret key" was not-so-secret--it was sequentially issued and constructed from information on the radio waves, not including a detachable shield device or bag.") passport number, the passport holder's date of birth, and the expiration date.17 once this not-so- information encoded on rfid tags is not secure. the bills have been written, and the protections are public's distrust of rfid technology, particularly when utilized by the government, is also prevalent stevens commented in mcintyre v. ohio elections commission, in which the court found it actually keeping private information safe and secure. to try to prevent conversations between the passport and the reader, researchers found that the searches. a search violates the fourth amendment if the government violates a subjective transmitting this information or to what reader this information has been sent. on top of this student badges in sutter, california, "tagging junior high school kids becomes a form of school badges--questions and concerns that had not been adequately answered by the school or the those who are supposed to have access to the data stored on the id can read it;140 (3) the id 108 for more information about public video surveillance, see nicole ozer & mark schlosberg, under the watchful eye: the 82 article 13 of the un declaration of human rights: "everyone has the right to freedom of movement." universal protecting property, and pursuing and obtaining safety, happiness, and privacy." cal. const. art. i, � 1. influenced by money and personal relationships. rfid in identification documents is big money and for use in government-issued identification documents like passports, driver's licenses, and student products and documents using the " -chip" (or mu-chip) supported by a networked database unleashes new business and life information prior to releasing the data."53 the rfid technology being considered by the federal �50 the rfid security vulnerabilities that have come to light, the research and policy papers 28 see verichip rfid 101, http://www.verichipcorp.com/content/company/rfid101 (last visited oct. 8, 2007). http://www.ecommercetimes.com/story/44406.html. core area of personal space. the privacy implications of rfid technology in identification privacy integrity committee, and concerns voiced even by portions of the rfid industry about the without the knowledge or consent of individuals, and that such rfid-enabled systems had the use rfid technology in identification documents, including whether another type of technology cardholder: "[b]ecause data in an rfid network has little human intervention and is acquired his city by 2016.109 savi technology.118 he stated at a conference that "rfid will make us safer" and that government 76 concerns with the use of rfid in identification documents. it wrote that rfid-embedded . . to any compatible reader, with no ability to authorize that the reader is allowed to access the personal information such as medical predispositions or personal health histories. on fear hurts progress, san fernando bus. j., july 4, 2005, available at http://www.allbusiness.com/government/advocacy-consumer- board decision and meetings or became a lobbyist for the company several months later. but while he was in sacramento lobbying b. concerns dismissed as exaggerated and paranoid susceptible to forgery" and how "very easily" this can be done.86 identification procedure that does not use radio waves, (2) a security protection, such as mutual �53 the best decisions about privacy and security are also less likely to be made when individuals are �38 personal safety: the use of rfid technology also has implications for both personal and used at many public and private buildings across the nation.13 at the rsa conference, chris paget, 65 kyllo v. united states, 533 u.s. 27, 33 (2001). kept under surveillance at school, s.f. chron., feb. 10, 2005, at b1, available at http://www.sfgate.com/cgi-bin/article.cgi?f=/ standards to try to reduce the chance that people's private information will be misused and provide security industry consultant, estimates that it will grow to $21 billion in 2010 and predicts that "pretty that people are able to decide who can access their information and when. it also requires that all card.106 alaska, arizona, california, florida, hawaii, illinois, louisiana, montana, south carolina, and washington have explicit 142 smart cards for access control advantages and technology choices, 2005, at 2, 2007). 15 flash video: rsa: door cards--the enterprise's weakest link, supra note 13. 63 "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and more may be forced to carry them in the years to come.100 the federal government's original plan account numbers in response to e-mail, phone or in-person requests."91 if personal information is security breaches were not a worry, lengthy discussions resulted in both aea and the information (2) an authentication process to try to ensure that the identification document was legitimately issued affect individual privacy, data integrity, data interoperability and other privacy related issues. for more information, see july 2006, at 5, http://www.smartcardalliance.org/resources/pdf/epc_gen_2_faq_final.pdf. interplay of this technology with other surveillance infrastructure that is being developed and travel tracking systems, and attempted to authorize itself to open postal mail without a warrant--the a. identity information protection act the assembly with a strong bi-partisan vote of 49-26 on august 21, 2006. for more information about the identity information applications and capabilities 3, http://www.hidcorp.com/documents/tagsvssmartcards_wp_en.pdf ("smart card alliance these secrets could be kept for long. the government has not had a good history of database security. �27 privacy rights are guaranteed by the fourth amendment to the united states constitution and even more widespread profiling of individuals. profiling functions to create a picture of a person's access to a key or password to read the information. authentication is the process of determining whether someone or something 123 it is not clear whether paul boylan was a lobbyist for the sutter rfid company, incom, at the time of the initial school copyright � 2008 stanford technology law review. all rights reserved. the risks of rfid and fostered critical debate about whether it is an appropriate technology for use measures. the british government apparently chose not to do so.18 according to adam laurie, the uses by the government. further, "the number of u.s. consumers who are aware of rfid technology is growing steadily, but so time: the history of rfid, oct. 1, 2001, http://www.transcore.com/pdf/aim%20shrouds_of_time.pdf. person's association with others or with organizations. individuals have a right to protest, distribute authentication is very little. the hid corporation recently touted that "until now, proximity documents is also reasonable and supported both by state law and supreme court jurisprudence. technology has a very long read range, on the "order of 30 feet, or more," and would "perversely 43 id. at 22. passports issued by other countries under the same international e-passport standards have already the use of rfid technology in identification documents threatens this ability. legislature, sending an emphatic message to governor schwarzenegger that the privacy and security person's name, social security number, or account number, is encoded on an rfid chip and not �47 the federal government is also in the process of creating a new rfid-embedded travel 56 this january 30, 2006 letter was signed by aea, anteon international corporation, axalto inc., gemplus corporation, 140 declaration of human rights (1948), available at http://www.un.org/overview/rights.html. the public good and promote the careers and public policy interests of the more than 220,000 electrical, electronics, computer and be embedded in the chip with no encryption or other privacy or security protections.101 the united 96 for more information about the real id act, see real nightmare, http://www.realnightmare.org (last visited january 8, chips. once someone has read this information, they can use it to access unauthorized areas and 68 see va. code ann. � 46.2-104 (2007); wash. rev. code ann. � 46.20.037 (lexisnexis 2007); idaho code ann. � 49- �40 according to industry representatives themselves, basic rfid technology does not have the industry re-branded as "smart cards," "smart chips," and "contactless integrated technology."6 federal agencies for official purposes 30-1 (feb. 28, 2007) 76, available at many states have passed statutes which provide explicit authority to law enforcement to require readable, accessible, or otherwise operational under any circumstances, and only remotely readable, accessible, or operational while 58 id. copyright � 2008 stanford technology law review. all rights reserved. technology, its vulnerabilities, and its impact on civil liberties and consumer privacy. it will also 2006, http://www.internetnews.com/security/article.php/3582971. documents should be considered equally because the technology enables the remote and surreptitious to catch bad actors if countermeasures should fail. since rfid technology does not alert you that the industry are being short-sighted by trying to roll out more uses for rfid devices before their security document. the device shall only be remotely readable while the person intentionally enables the identification document to be 59 id. however, regardless of the name, all segments of the rfid market are based on the same core international concerns and pushed for radio chips in passports without security (2004), are encoded with personal information, such as a name, address, or social security number.139 these copyright � 2008 stanford technology law review. all rights reserved. as "smart" as the decision-makers who decide what types of protections should be built onto these transactions over a period of time. the deployment of rfid technology in government states government tried to quietly dismiss the concerns of other nations and the aclu about the records, employment history, travel and buying habits, and dna and drug testing records.112 in its protective sleeve. a cardholder may drive for miles within range of any reader capable of picking up and tracking the in government-issued identification documents. identification documents is inappropriate because of its chilling effect on the exercise of free speech. capitol building to be ringed with barricades. this work was completed in 2006. copyright � 2008 stanford technology law review. all rights reserved. 103 the metal shielding that has been woven into the cover to stop the information from being read--since radio waves do 104 laurie sullivan, new border-crossing card could boost rfid demand, intelligent enterprise, sept. 7, 2006, 4. insecure rfid technology impacts rights to free speech 22 abc 7 news: cloning rfid tags in sacramento (abc television broadcast aug. 2006), available at a. rfid passports http://www.smartcardalliance.org/alliance_activities/whti.cfm (last visited jan. 8, 2007). and security concerns and the gao has found only that "encryption and authentication can help 2006, at 3, http://www.smartcardalliance.org/resources/pdf/smart_card_alliance_response_passport_card_final.pdf. 122 catherine komp, parents fight `demeaning' school tracking technology, the new standard, feb. 14, 2005, 129 cal. civ. code � 1798.90.1 (deering 2007). researchers, and motivated criminals. in recent years, it is likely that some method for circumventing these protections can and will be also an issue. as drivers are speeding away from the border, they may not always remember to replace the pass card immediately the state department expressing her distress that the administration has not fully considered the data the pipeline.99 d. california capitol entry cards cracked by marc-anthony signorino, director and counsel for technology policy, aea, "[i]f it doesn't keep deployed in the new western hemisphere travel initiative ("whti") card, the trade organization type of product or its origin. these chips, some as small as a grain of rice, are then embedded in 2006 about the vulnerabilities of rfid technology, including those by the gao and the dhs 2007). from obscurity to being relatively well-known in the minds of many americans.4 along with firestorm over the privacy and security implications of a technology called radio frequency http://www.aclu.org/privacy/spying/15780res20050426.html. questions: (1) has the individual, by his or her conduct, "exhibited an actual (subjective) expectation tags to determine how families use the park, such as "gaug[ing] consumer interest in new rides, even �28 the use of insecure rfid in government identification documents facilitates unreasonable shown with the recent crack of rfid credit cards, basic rfid technology transmits information that tracking pilot program (feb. 16, 2005), available at http://www.aclunc.org/news/press_releases/victory_for_students,_parents the manufacturing sector and then to tag and track cattle and other livestock. prior to 9/11, it had 2006, the committee set forth a host of criteria for agencies to consider when deciding whether to ever-growing public surveillance systems, presents particularly grave concerns. public surveillance �6 some tags are called "smart" because they possess the technological capability to include some technique for intercepting the information being transmitted by an rfid-embedded credit card; tens engage in reckless driving. likewise, rfid bills are necessary to create basic privacy and safety 0050/sb_30_cfa_20070313_155055_sen_comm.html. 14 see paul f. roberts, black hat dispute stirs rfid security awareness, infoworld, feb. 28, 2007, 25 the dutch e-passport, also based on the icao standard, also failed to incorporate additional optional technological being protected. key privacy concerns include tracking an individual's movements and profiling an hundreds of hours of negotiations over nine months with representatives from aea and itaa and member companies, including mere hours with a reader the size of an mp3 player and an antenna about five inches long.27 while custom-designed anti-theft bmw's, by using software to spoof the rfid system.32 the security 31 peter weiss, outsmarting the electronic gatekeeper: code breakers beat security scheme of car locks, gas pumps, science news in its draft report, the committee found that rfid "appears to offer little benefit when compared 149 the bill's author and sponsors, including the aclus of california, eff, and privacy rights clearinghouse, engaged in copyright � 2008 stanford technology law review. all rights reserved. �8 in february 2007, io active, a small computer security firm based in seattle, washington, �24 the aea and leading technology companies have also echoed the concerns that core rfid reader, but are capable of initiating communication with a reader and continually broadcasting their video surveillance cameras has grown to over sixty cameras, with plans to seek dhs funding in the necessary distinctions between beneficial private uses of new technology and mandatory government style applications that facilitate innovative manufacturing, distribution, consumption, tracking and recycling operations, http://www.guardian.co.uk/idcards/story/0,,1950226,00.html. contained . . . and easily create a duplicate. the scenario can be imagined where a potential device. information. the rfid industry has admitted that shields are not a realistic solution to the privacy �55 because privacy and security issues are overlooked, concerns are often dismissed, and money and of privacy" by seeking to preserve something as private; and (2) whether the individual's subjective under terry v. ohio, 392 u.s. 1 (1968) (holding that police may only stop individuals on the public streets and conduct a limited 90 the 2006 identity fraud survey report--released by the council of better business bureaus and javelin strategy & and location information to be recorded for perpetuity, facilitates law enforcement actions that are technology in the federal government, supra note 8, at 3; see also western hemisphere travel initiative pass card: just a few hundred dollars. see westhues' home page, http://cq.cx/prox.pl (last visited oct. 8, 2007) (online tutorial). a quick 1. insecure rfid impacts privacy rights technology with the proliferation of national identification documents means that that the terrorist surreptitiously skims the epc number information . . . and then easily creates a the industry may not want legislation because "it tells the general public that rfid is too risky."154 http://www.cagw.org/site/docserver/whti_report__2_.pdf?docid=1721. individual by using that unique identifier to access a database, by video camera, or by close-range protects an individual's privacy and security5--so much so that some manufacturers and government people traveling between the united states and mexico, canada, bermuda, and the caribbean show a states, the court held that feeling soft luggage was a search, stating that "[p]hysically invasive http://www.intelligententerprise.com/channels/process/showarticle.jhtml?articleid=192600700. at the rsa security conference). people are given notice about the technology and the location of the rfid readers. the bill is a computer expert who helped crack the e-passport, the protections put in place to protect this need to know the name and personal information associated with the unique identifier number. there are adequate protections in place for the use of rfid tags in government-issued id documents homeland security in 2006 by its data privacy and integrity advisory committee ("privacy advisory children, and crime victims to people with public positions such as judges and doctors who might b. insecure rfid technology interferes with constitutional rights products" and "is not the appropriate technology to use for securing human identification vendors of rfid technology in the united states, the cost differential between largely unprotected theft is currently a problem, many people can often determine how their information became badges that appeared to have computer chips embedded inside. the parents had questions and individuals, which then lead to requests by law enforcement to display identification, must still be http://www.ecommercetimes.com/story/44406.html. 02 (2006), available at http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_12-2006_rpt_rfid.pdf. nicholas c. burbules, privacy, surveillance, and classroom communication on the internet, access (1997), available at 110 networking/ip to drive video surveillance market growth, says isuppli, tekrati, mar. 20, 2007, over fifty rfid bills have been introduced in over thirty states.124 one of the most highly publicized http://www.ieeeusa.org/policy/positions/rfid.html; see also ass'n for automatic identification and data capture tech., shrouds of document prior to each transmission of data using radio waves, without which the identification document will not transmit data surreptitious surveillance tool and just hope that it will not be abused. have over the personal information on identification documents like their driver's licenses. as 135 cal. s.b. 30, 2007 reg. sess. �1798.10(9) (cal. 2007). http://semiconductors.tekrati.com/research/news.asp?id=8608. 67 the supreme court has held in some cases that there is no fourth amendment protection over information exposed to numbers, encryption, and mutual authentication since the core technology is actually developed to iii. the very real worries of the sutter parents and the public technology significantly threaten privacy. in its letter to the state department, the smart card the assembly with a strong bi-partisan vote of 49-26 on august 21, 2006. for more information about the identity information �17 profiling: the use of rfid technology in identification documents also lays the groundwork for a standard cell-phone, costing twenty dollars in parts, could read the personal information encoded stopped, or at least stalled, the plan to use rfid in all driver's licenses pursuant to the real id act. smart card alliance, rfid tags and contactless smart card technology: comparing and contrasting include the following categories: "claims history data, motor vehicle records, police records, credit information and modeling _and_civil_ liberties_groups_-_company_announces_it_will_end_tracking_pilot_program.shtml; greg lucas, sutter county: students �20 the gao continued by stating that "[a]mong the key privacy issues are notifying individuals of public safety. if information on identification documents can be skimmed or eavesdropped, a bad protections for sensitive information.21 however, researchers found that information such as the http://www.eweek.com/article2/0,1759,2073670,00.asp. proliferation of video surveillance in california, aug. 2007, step in the right direction. information encoded on an rfid tag can be read from distance. the study also said that while id chip our rights away, supra note 3; see also off'l. cal. leg. info., bill documents � sb 30, http://www.leginfo.ca.gov/cgi- contactless id system involving millions of ids, thousands of authorized persons and readers would 102 are e-passports more secure?, wall st. j., sept. 29, 2006, available at the information from the passports could be copied and pictures of the holders appeared on a copyright � 2008 stanford technology law review. all rights reserved. analysis: as introduced: sb 30:, mar. 13, 2007, available at http://www.leginfo.ca.gov/pub/07-08/bill/sen/sb_0001- c/a/2005/02/10/bagg0b8i4d1.dtl.; kim zetter, school rfid plan gets an f, wired, feb. 10, 2005, privacy act and contain much more information than government databases. the aclu has been firm in its opposition to 120 press release, applied digital, verichip corporation appoints former secretary of health & human services and 1 see press release, privacy rights are at risk--parents and civil liberties groups urge school district to terminate use of database and campaign management services . . . ." for more information, see choicepoint, mar. 14, 2006, the actual chip to spoof the transmission or clone the card. the data that is read could be easily homeland security, politicians, researchers, and industry organizations have looked more carefully at help maintain privacy, personal safety, and financial security. 148 itaa is the nation's largest information technology trade association, representing over 1100 member companies and copyright � 2008 stanford technology law review. all rights reserved. research was a surprise to many car owners, but probably not to many car thieves. police believe that hemisphere travel initiative pass card: recommendations for using secure contactless technology vs. rfid, privacy and security of californians. in his veto statement, governor schwarzenegger said that he committee").44 in its final report released in december 2006, the committee warned of several http://www.nytimes.com/packages/pdf/business/20061023_card/techreport.pdf. 51 the smart card alliance is a membership organization that "includes over 150 u.s.-based and international organizations protections. for example, the surreptitious monitoring and recording of identity and location �54 there also appear to be close relationships between the rfid industry and government [t]he moving force behind the new constitutional provision was a more focused privacy breached or whether the technology is being misused. individual. with tests revealing that rfid tags can actually be read at a distance of many feet, an electronics association (aea)12 no. 2006-02 10-11 (2006), available at http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_12-2006_rpt_rfid.pdf; sacramento, sent a letter to the offices of the american civil liberties union (aclu) of northern 113 according to the rfid consumer buzz report, a quantitative survey conducted during december 2004 and january 2005 countless cases from the last few years of security breaches at such places as the department of into the public spotlight by these two unassuming sets of parents who had a few straightforward 36 online tutorials exist for counterfeiting rfid cards and rfid readers the size of cell phones can be purchased online for "appropriate layered levels of protection and security . . . as standard policy" and "clear notices accessed by another individual.94 since rfid technology does not alert an individual to when it has 79 naacp v. alabama, 357 u.s. 449 (1958) (forbidding the state of alabama from compelling the naacp to disclose its i. introduction been compromised, demonstrating that the passports can be cloned and the personal information of being temporarily switched on or otherwise intentionally activated by a person in physical possession of the identification important legislation that properly balances the potential benefits of emerging technology while 125 s.b. 30, 2007 leg. sess. (cal. 2006), available at http://www.leginfo.ca.gov/pub/07-08/bill/sen/sb_0001- reduce privacy rights because of its potential to be used for anonymous and invisible tracking. any associated with the use of rfid depends on maintaining the security of the systems. in a mass the proper exercise of free speech. laws requiring people to identify themselves when expressing to the original reason for carrying or using the rfid-embedded card, without the knowledge of the 29 for information on jonathan westhues' work, see westhues' home page, http://cq.cx/vchdiy.pl (last visited oct. 8, 2007). privacy and security of the new rfid-embedded passports, claiming that the technology was safe privacy and anonymity leads to a reduced willingness or opportunity to engage in unfettered speech than to satisfy a legal requirement.70 a liquor merchant can ask to see an individual's license to verify of fourth amendment protection, rfid readers, like thermal imagers, use a technology to invade a integrity, and availability of the data on the tags, in the databases, and in how this information is of public places and the right to anonymity, 72 miss. l.j. 213, 243 (2002). privacy and security in identification documents--the same government that has continually failed to 21 see id. ("american express has said its cards incorporate `128-bit encryption,' and j. p. morgan chase has said that its cards, technology in government identification documents. its use will have widespread impact on privacy enabled; rather, it calls them "contactless smart-cards . . . dhs avoids the term `rf' [radio frequency] like the plague . . . ."); see also standards: (1) tamper resistant features in order to prevent duplication, forgery, or cloning of the id; act must be followed at a bare minimum, with frequent tests to ensure that these documents are http://stlr.stanford.edu/pdf/ozer-rights-chipped-away.pdf representatives who are making decisions about new identification documents. former secretary of likely would have prevented this attack. the specification for the international e-passport developed rfid technology in government ids also uniquely depends on measures such as unique identifier addressed."50 subjects. by the u.s. state department showed that smart cards with passive chips that had an intended read range of only four inches could given the responsibility of formulating the security guidelines for all new international e-passports. ari juels et al., security and 30 see verichip's company page, http://www.verichipcorp.com/company.html (last visited oct. 8, 2007). over the course of two years of work with these extraordinary individuals on the identity information protection act. first visited. "then the system infers people's behaviors and deliver[s] information based on the inference california law to access that data or identification document.") and free speech rights. such rights are not aspirational, but are guaranteed by both the united states would mean, how far that letter would go, how it would impact their family, their town, and the membership as a result of surveillance); olagues v. russoniello, 797 f.2d 1511 (9th cir. 1986) (plaintiffs were targets of rfid technology takes place within the larger context of an extraordinary expansion in the number encoded on rfid chips, it will be increasingly difficult to maintain control over this information. identification documents. any of the other information on a license. vii. problems in need of solutions any discussion of the privacy or security issues before the school district decided to force children as that has been shown to be extremely vulnerable to spoofing and cloning and that allows people to press release, aclu of northern california, hid threatens patent lawsuit, silences important rfid presentation at national information about the e-passports is available here: http://travel.state.gov/passport/eppt/epptnew_2807.html. the use of rfid in identification documents does not "ban the technology," "stifle the technology," 114 u.s. gov't accountability office, supra note 8, at 17. be used to verify the authenticity of the pass card and eliminate the risk of terrorists, criminals, or illegal aliens who have a passing an instance of a security breach." a. all government documents joe simitian (d-palo alto) and recently reintroduced, it creates a comprehensive plan to ensure that available and cost very little to incorporate. yet insecure rfid technology is still being considered california. their daughters had come home from their public middle school with new identification �18 rfid-enabled profiling is already being deployed in the commercial sector. for example, stored on documents away from public view could, or should, be accessed from a distance without recognition. subsequent sightings of that identifier number, or stored records of when that identifier screen. he transmitted the information from his laptop and, with the high security door believing he �68 three years after the sutter story launched a national debate about the use of rfid in �5 "active" tags have their own battery source. they do not have to wait to be awakened by a required individuals to notify the post office of interest in certain political materials before receiving them in the mail); talley v. document, the people access security service ("pass") card.104 this new document is being use of tags and databases raises important security considerations related to the confidentiality, tags, the software running on the phones sends out information such as the stores that people motor vehicles, veteran's affairs, and universities cast serious doubt on whether the government ("`authentication' means the process of applying a machine-readable process to data or identification documents, or both, so as to safety, and financial security of their constituents by introducing rfid bills. in the last several years, act] also tells the general public that rfid is too risky--a growing perception already shaping the overall market for rfid 133 for more information about the identity information protection act, including the full text of the legislation, see don't impact on privacy and tracking.114 the department of homeland security.107 camera systems have been approved and instituted in actor may use this information for improper purposes. many people have important interests in breached," and the ieee, whose policy statements have stated that legislation must provide by the international civil aviation association ("icao") detailed a feature called "active 72 kyllo, 533 u.s. at 40. 87 id. (emphasis added). security fix, feb. 27, 2007, http://blog.washingtonpost.com/securityfix/2007/02/legal_threat_silences_rfid_sec.html; robert violence, california state parent teacher association (pta), consumer federation of california, privacy rights clearinghouse, using radio waves. (b) a data-carrying device, such as an integrated circuit or computer chip, that is normally not remotely these privacy issues . . . . tags can be read by any compatible reader. if readers and tags v. impact of surveillance infrastructure efficiency. since these other forms of machine-readable technology do not transmit information badges. this technology, which had been quietly creeping into the lives of americans, was blasted services, . . . employment background screenings and drug testing administration services, public record searches, vital record viii. three years after sutter 117 rfid market to reach $7.26bn in 2008, idtechex, apr. 10, 2005, http://www.idtechex.com/products/ documents. in its position paper adopted by the board of directors in 2006, the group stated that fourth amendment was not violated by requiring individuals to reveal identity to police officer in the course of reasonable stop potential to allow "widespread surveillance of individuals . . . without their knowledge or consent."45 positioning systems ("gps"), cell-site location tracking, and public video-surveillance technologies-- tantamount to requiring people to potentially identify themselves whenever they walk, speak, or meet cameron, homeland security privacy office slams rfid technology, kim cameron's identity weblog, may 19, 2006, _parents_and_civil_liberties_groups_urge_school_district_to_terminate_use_of_tracking_devices.shtml for more information . . . widespread adoption of human-tracking devices should never be embraced without serious and authentication; (3) a security protection, such as encryption;137 and (4) a security protection, such as long period of time. the airport, stands at a political rally, or visits a doctor's office or a gun show. rfid readers will also intercepted, stored, and then cracked. the crack allowed full access to all the information on the �59 the identity information protection act seeks to help californians maintain their present level 48 "this statement was developed by the committee on communications and information policy of the ieee-united states risks. in the case of automobiles, law both mandates protections, such as seatbelts and airbags, in see cal. s.b. 30, 2007 reg. sess. �1798.10(1-3) (cal. 2007); cal. s.b. 30, 2007 reg. sess. �1798.135(b) (cal. 2007) conservative and liberal newspapers up and down the state of california. the orange county register reached out to the aclu to try to get some answers. these parents had no idea what that letter unique patterns in their radio exchanges. and that is only what has been uncovered in the short time these chips have been �67 with the strong bipartisan passage, california legislators were again on the forefront of crafting activities were occurring inside a home, --information that would otherwise require physical prohibiting the distribution of anonymous campaign literature and taking note of "a respected tradition of anonymity in the 139 cal. s.b. 30, 2007 reg. sess. �1798(10)(3-5) (cal. 2007). �7 while industry representatives may claim that rfid technology is secure, the facts over many (1) the id implements robust encryption to protect against the unauthorized reading of transmitted refrain from abusing a tool that enables them to collect unprecedented quantities of information on 93 forty-seven percent of victims could identify the source of the data compromise. thirty-six percent of victims could 131 cal. civ. code � 1798.85(a)(2) (deering 2007). until they are awakened by receiving energy waves in the radio signal emitted by a reader. studies agencies to reconsider whether to use basic rfid technology because its use "would potentially information that is facilitated by insecure rfid in identification documents is exactly the type of senate with a vote of 33-3 on may 24, 2007, and is continuing to move through the california aclu, global identity cards, apr. 26, 2005, http://www.aclu.org/privacy/spying/15780res20050426.html. tracking devices (feb. 7, 2005), available at http://www.aclunc.org/news/press_releases/privacy_rights_are_at_risk_- been read or by what reader, it will likely become harder to determine when information has become iraq and tsunami appropriations bill, seeks to create a national id card and national database of information on practically data security, card durability, and memory storage, without the same privacy and security risks http://www.leginfo.ca.gov/pub/07-08/bill/sen/sb_0001-0050/sb_30_cfa_20070521_105105_sen_floor.html. individual's habits, among others."41 to the privacy, personal safety, and financial security risks associated with the use of rfid identification documents might enable unauthorized access to information through skimming and family, neighbors, etc.), lost or stolen wallets, cards and checkbooks, breached home computers or stolen mail or trash. trash as a to find their children if they get lost. but, meanwhile, the parks also collect the data from the rfid information on the tag could also be "surreptitiously skim[med]."58 the letter urged the government results."39 wiretapping, accessed the private call records of millions of innocent americans, utilized secret airline http://www.infoworld.com/video/archives/2007/02/rsa_ioactive.html (interviewing chris paget demonstrating the rfid cloner disfavored for identifying and tracking human beings."46 in its final report, released in december, include proper protections on rfid tags.151 following the governor's very short-sighted veto, the http://www.infoworld.com/article/07/02/28/hnblackhatrfid_1.html; see also brian krebs, rfid flap silences security researchers, rfid technology in id documents like driver's licenses, and the security risks associated with they are serious issues for any human identification application."55 dhs data privacy and integrity advisory committee that "[i]t's inappropriate to use rfid technology for tracking and copyright � 2008 stanford technology law review. all rights reserved. companies like american express and j.p. morgan chase claimed that the cards incorporated of america (ieee-usa) and represents the considered judgment of a group of u.s. ieee members with expertise in the subject secret key was known, the rfid tags in the passports could be read. within minutes of being read, authenticating identities of people." he further noted, "[y]ou can think of rfid as an insecure barcode with an antenna." see kim e. dutch e-passport prototype cracked identification documents, and their expectation of privacy for the information on these documents is 2. insecure rfid in government ids facilitates unreasonable search used by young people or are likely to be carried and used on a regular basis. 77 identification ("rfid"). first used during world war ii to differentiate between friend and foe soon, cameras will be like smoke detectors: they'll be everywhere."111 the coupling of rfid cities throughout the country without guidelines to guard against abuse and, in most circumstances, expectation of privacy that society recognizes as reasonable.65 the inquiry involves two discrete �1 in january 2005, parents from a small town named sutter, california, an hour north of sleeve."54 the smart card alliance concluded by stating that "while these vulnerabilities may not be 52 smart card alliance, comments on the smart card alliance to the department of state federal register notice, nov. 3, information from a license for any other purpose than to satisfy a legal requirement.129 california law http://www.vnunet.com/vnunet/news/2126853/rfid-set-growth-explosion. accountability office found that only one of the sixteen federal agencies that responded to its 2005- technology used in identification documents. senator hillary clinton (d-ny) submitted a letter to successfully cracked the encryption code on the texas instruments chips in thirty minutes. once �49 the video surveillance market is expected to be a $9 billion industry by 2011.110 j.p. freeman, a 55 smart card alliance identity council, supra note 53, at 5. in a database. http://www.aclu.org/images/general/asset_upload_file993_28735.pdf. to privacy,128 and the california civil code prohibits a business from retaining or using personal vulnerable.93 this is because a majority of identity theft occurs through lost or stolen wallets, credit resources either by spoofing the card and sending out the radio signal with the information from a secure the california state capitol, westhues read the rfid-embedded entry cards of two california �48 the further use of rfid technology in government identification documents, combined with 316 (2007). 2007). for more information about whti, see press release, aclu and allies oppose western hemisphere travel initiative, say lemos, legal threats scuttle rfid flaw demo, security focus feb. 27, 2007, http://www.securityfocus.com/news/11444. the expansion of government surveillance and data collection. the ballot argument in favor of the identification documents containing rfid tags.133 just like a lock on a door to keep things from insecure rfid technology in identification documents may also implicate state constitutional �46 some americans have already started to receive new rfid-embedded passports and millions amendment rights by facilitating unreasonable searches. some punishment for bad actors that can be caught.155 just like we mandate basic safety standards technology simply "does not support the necessary security safeguards to allow border officials to technology does not adequately protect privacy. in a 2006 letter to the department of state and school. they provided the rfid systems for free to the school and gave the school a donation of "a maximize the possibility . . . of an illicit actor `tracking' a person at very long ranges."57 the copyright � 2008 stanford technology law review. all rights reserved. online, feb. 5, 2005, http://www.sciencenews.org/articles/20050205/fob8.asp. 64 katz v. united states, 389 u.s. 347, 351 (1967) (reversing olmstead v. united states, 277 u.s. 438 (1928)) (holding that a applications for rfid technology.117 americans are paying for this rfid technology and fueling 13 flash video: rsa: door cards--the enterprise's weakest link, to destroy our traditional freedoms."74 in white v. davis, the first california supreme court to recorded by law enforcement with mere observation. individuals must either be stopped and forced billion in 2005 and is estimated to reach $7.26 billion by 2008. "driven by demand and new laws," it "rfid technology secures our privacy, prevents theft, and saves lives." couple thousand dollars."121 the company also promised to give royalties to the school district for proposition cited "the proliferation of government snooping and data collecting [that] is threatening "secret key" to open up the secure chip was actually published on the face of the passport--the existence of an entry card and gaining access to the very buildings or information that the rfid monitoring and recording who you were, where you were, and what you were doing. the loss of wrote that the bill was "a completely reasonable approach to the issue, one that would make "smart" tags. 2. department of homeland security data privacy and integrity advisory committee vulnerabilities lead to the possibility of both eavesdropping on the transmissions and tampering with 4. legislators thinking ahead, governor short-sighted national debate over personal privacy in post-9/11 america.1 aclu stories often start like that. and amendment. the court found that "where . . . the government uses a device that is not in general research--was reported to be the largest study ever on identity theft. it found that between 2005-2006, 8.9 million people were counterfeited. it is safe, secure . . . ." verichip rfid tags, http://www.verichipcorp.com/content/company/fridtags (last visited �52 industry and the government have also often tried to dismiss the concerns of individuals like the 750 feet, depending on battery power. the batteries in these tags normally last several years.9 technology in government-issued identification documents.3 this policy paper will discuss rfid laptop, as was done by jonathan westhues at the sacramento capitol, or cloning the card by taking http://www.wired.com/wired/archive/14.05/rfid_pr.html; susan kuchinskas, the new chip-erati, internetnews.com, feb. 6, http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_rpt_rfid_draft.pdf. 134 nce_systems_in_california.pdf company selling the new technology. in the past few years, these questions and concerns have not --roxanne gould, senior vice president, ca government & public affairs, american services, authentication services and people and shareholder locator information searches, . . . print fulfillment, teleservices, 4. industry representatives rfid in identification documents, the protections delineated in the identity information protection x. next steps of insecure rfid technology in government identification documents interferes with fourth (a special report): consumer technology, wall st. j., apr. 25, 2006, at r11. access control protocol requiring the machine-readable or other nonradio frequency reading of information from the identification cameras are proliferating throughout the united states, funded in part by $800 million in grants from tests of using rfid to identify passengers and cargo at airports were a "success" and that the "feds --aea website, january 2, 200734 requirement may be satisfied by the implementation of one or more means including, but not limited to, the following:(a) an ("fda") for implantation into humans, was cracked by jonathan westhues in less than two hours.26 transmit information to anyone with a compatible reader without the knowledge or consent of the "there are more than 200 million of these security devices [rfid] used worldwide with not former governor of wisconsin tommy g. thompson to its board of directors (july 7, 2005), available at 12 hahn kim quach, id tech on fast track--for better or worse, orange county reg., aug. 7, 2005, available at sensitive information were the equivalent of "installing a solid steel front door to your house and 154 doug farry, supra note 5. participating in a political protest or attending a gun show if there was a possibility that their �36 liberty and human dignity: in addition to privacy and free speech considerations, rfid which it calls blink, use `the highest level of encryption allowed by the u.s. government.'"). �13 in february 2006, the verichip, an rfid tag approved by the federal drug administration passport is closed, and have pointed out that there are no protections that prevent tracking. rfid chips can still be identified by 78 buckley v. am. constitution law found., 525 u.s. 182 (1999) (striking down colorado's requirement that petition http://www.rfidjournal.com/article/articleview/1409/1/1/ (discussing a quantitative survey of more than 7,000 consumers and security--radio frequency identification technology in the federal government.40 the gao found that "the that individual. further, the increased presence of readers can provide more opportunities expectation of privacy is one that "society is prepared to recognize as `reasonable'" or justifiable straightforward example of the type of solution discussed by security professionals like those from activities. from political speech to daily activities, once individuals think they could be "observed and implements an additional security feature to ensure that the id cannot be read unless the id holder copyright � 2008 stanford technology law review. all rights reserved. 2007 and 2009.116 access cards for the financial, security, and safety markets are the key volume security (nov. 24, 2004), available at http://www.aclu.org/pdfs/privacy/nakeddata20041124.pdf.; important_rfid_presentation_at_national_conference.shtml. of individuals is astronomical, the costs to implement layered protections such as those in the 147 editorial, the right to be left alone, s.f. chron., aug. 25, 2005, at b8. an access control protocol that enables the holder to exercise direct control over any transmission of everyone over the age of sixteen. all national ids will have both personal information listed on the face of the card and in a identity theft? one of its "top tips" was to "keep all sensitive documents, checkbooks and credit away). scientists from los angeles-based flexilis showed at defcon in 2005 that passive rfid chips can be read at up to sixty- 115 aea says the concerns are "often exaggerated." kazmierczak, supra note 34, at 1. the parents in sutter were thought by of the technology industry itself that basic rfid technology allows for tracking individuals and �75 there are many concerns with basic rfid technology and also with the ability of right on target or perhaps not alarmist enough. for example, as discussed supra, the united states 81 mcintyre, 514 u.s. at 341-42. date of birth in order to satisfy the legal requirement to check drinking age, but cannot retain or use given suspect may be armed and dangerous). giesecke & devrient cardtech, inc, infineon technologies, oberthur card systems of american, philips electronics north to the consequences it brings for privacy and data integrity," and recommended that "rfid be some privacy and security protections. however, the aclu and computer security experts have told �63 individually, each of the layered protections is not likely adequate to protect personal the moment, i could walk past someone on the street, maybe stand next to them in an elevator, and i wiretap of a public telephone violated the fourth amendment). g. rfid gas cards and car keys cracked the data using radio waves.138 the additional protections are necessary because such cards are either 39 rfid in japan, sept. 11, 2006, http://ubiks.net/local/blog/jmt/archives3/005739.html. 91 id. provision's primary purpose is to afford individuals some measure of protection against this advised that "[t]he security provisions for data acquired using rfid technology must adequately �69 passing legislation to ensure that there are adequate privacy and security protections in place on products."). �23 industry representatives have also formally expressed worries that some forms of rfid continue to get more powerful, with greater read ranges fitting into smaller devices, making them privacy and security concerns with the use of epcglobal uhf generation 2 technology in the western hemisphere travel eavesdropping, that information transmitted might be reused or leveraged for a second purpose implementation of the real id act. legislation is moving through the federal government and in more than twenty-eight states to advocacy of a political cause"); lamont v. postmaster general, 381 u.s. 301 (1965) (striking down government measure that c. encoded with personal information concerns are "often exaggerated."115 while the sutter school board did not recognize the grave http://www.epic.org/privacy/choicepoint/. nine feet. brian krebs, leaving las vegas: so long defcon and blackhat, security fix, aug. 1, 2005, expressed in this article are not necessarily those of the aclu or the aclu of northern california. special thanks to valerie 16, 2004, http://www.icao.int/mrtd/download/documents/tr-pki%20mrtds%20icc%20read-only%20access%20v1_1.pdf. cause. this zone of control extends far beyond the front door of a home--it also protects places or copyright � 2008 stanford technology law review. all rights reserved. �11 in august 2006, security researcher jonathan westhues showed the vulnerability of high security could grab their card id and get into the building."15 currently printed on the face of united states passports, such as names and passport numbers, would 107 martha t. moore, cities opening more video surveillance eyes, usa today, july 18, 2005, at 3a (also mentioning an state legislators. in a matter of seconds, the information from the rfid tag popped up on his laptop 32 robert vamosi, gone in 60 seconds--the high tech version, cnet news, may 8, 2006, http://news.com.com/2100- habits, tastes, or predilections; and allowing for secondary uses of information."42 the gao �65 the identity information protection act received widespread support from a broad spectrum of b. british e-passports cracked individuals to display their driver's licenses for identification purposes.68 however, initial stops of nicole a. ozer embedding it on a machine-readable magnetic strip.132 4 see mary catherine o'connor, surveys reveal dubious consumers, rfid journal, feb. 17, 2005, specifically authorizes that reading; and (4) the id holder is notified of several pieces of information, �60 the first layer provides that every state-issued identification document must meet three basic address the fact that data can be collected at a distance, inconspicuously and even unintentionally."49 to time throughout history have been able to criticize oppressive practices and laws . . . anonymously"). questions and concerns about the privacy and security impact of rfid technology in their children's technology simply should not be used in government identification documents. if there is any use of travelers to show a passport or the approved document--a pass card. the smart card alliance, an million people were victims of identity theft. with average losses of more than $6000 dollars, total �56 legislators are starting to heed the necessity of taking action to protect the privacy, personal press release, department of state begins issuing electronic passports to the public (aug. 14, 2006), available at �33 state constitutional protections, like those in california and other states, should also be found to to worry. the aclu has also been right to worry about the use of rfid in identification read and used for improper purposes. further increase incidents of identity theft and reduce the financial security of americans. as was readers and documents before any data is exchanged, except such data as is necessary to carry out mutual authentication. mutual of californians should be protected and the rfid bill should be signed into law.152 see cal. s.b. 30, 2007 reg. sess. �1798(10)(m) (cal. 2007) ("`mutual authentication' means a process by which 75 id. cisco, philips, infineon, symbol, hid, and others. for a full list of the sponsors, see, cal. senate judiciary committee, bill �58 the identity information protection act was cutting-edge, being the first bill in the nation to in more depth. based on reasonable suspicion.69 thus, the default position is that individuals, absent reasonable the information and encoding it on another chip in a new card. http://blog.washingtonpost.com/securityfix/2005/08/leaving_las_vegas_so_long_defc.html. it has also been reported that young as five years old to carry rfid-embedded tags. on the national level, the government richard wasserstrom, privacy: some arguments and assumptions, philosophical dimensions of privacy 325-26 for more information about the history of the e-passport, see am. civil liberties union, naked data: how the u.s. ignored america, and texas instruments, inc. letter from aea to department of state and department of homeland security, re: tantamount to unreasonable stops, and enables unreasonable search. used to read the id; and (d) the information that is being collected or stored regarding the individual new e-passports, the western hemisphere travel initiative, and travel databases such as the is expected to grow even larger. according to idtechex, the global market for rfid was $1.94 provide notice, secure readers and data, and avoid secondary usages.127 jam the emerging use of rfid technology for personal tracking, metro, sept. 7, 2005, small towns to the highest levels of government, the privacy and security issues related to the use of available at http://www.dhs.gov/xinfoshare/committees/editorial_0512.shtm. liberty--rights that are further codified for americans in our founding documents and in the united �64 while the costs of unprotected rfid tags to the privacy, personal safety, and financial security identification documents and products have been shown by government offices, independent discuss the development and current status of rfid legislation that is moving though the california chips and how effective these protections actually are against privacy and security attacks.11 system instead."142 technical report. int'l civil aviation org., pki for machine readable travel documents offering icc read-only access at 15- �44 the privacy and security concerns associated with rfid technology itself are magnified by the �22 the institute of electrical and electronics engineers, a nonprofit group representing more than from the united states department of state have shown that tags envisioned to be read from a few 80 see also presbyterian church (u.s.a.) v. united states, 870 f.2d 518 (9th cir. 1989) (church suffered harm of diminished field. ieee-usa is an organizational unit of the institute of electrical and electronics engineers, inc., created in 1973 to advance issues are greatly diminished. by not transmitting the information via radio waves that can be picked was instead leaving it up to the federal government to set the technological standards to protect are embedded in retail stores or in the products being sold in those stores. when the phone reads the 3. institute of electrical and electronics engineers (ieee) resemblance to legitimate cardholders spoofing or counterfeiting pass cards to enter the united states undetected." western increased knowledge has also come increased skepticism about whether rfid technology adequately 130 cal. veh. code � 12801(b) (deering 2007). 54 press release, proposed passport card with rfid technology bad news for privacy and security, says smart card agencies have tried to distance themselves from the bad publicity that has been garnered by some cardholder's name and other data was being transmitted by the rfid tag without encryption and in be stolen from a distance.102 later, the state department finally agreed to revise its design to include victims of identity theft, at an average rate of 6383, total of $56.6 billion. have worked to pass such laws, they are still just steps. if rfid technology is deployed in mass up for spoofing and cloning, these alternative options are also more secure. optical scan cards, in � 2007, nicole a. ozer, technology and civil liberties director at the aclu of northern california. the opinions (ferdinand david schoeman, ed., cambridge univ. press 1984), cited in christopher slobogin, public privacy: camera surveillance a. tracking and profiling: concerns expressed by diverse groups rfid tags in identification documents is not being properly considered. in sutter, there was never researchers see the ease of cracking these rfid deployments as "a sign that the backers of the rfid in public. with insecure rfid in a document that you need to carry on a daily basis, it would be being stolen, the legislation seeks to put sensible locks on the rfid tags used in identification protections such as active authentication. for more information, see discussion infra part iii.b. bills and one that has been a model for the actions of many other states is the identity information more than fifty bills in twenty-seven states addressing privacy and security implications of rfid did things that would become part of the record."76 individuals might stop themselves from documents and objects.7 when an rfid reader is in the area, the chip transmits its stored on focus groups involving 40 of the respondents conducted during december 2004 and january 2005) ("the number of u.s. authentication accomplishes both of the following: (1) authorized readers, as defined in subdivision (c), can accurately assess and conservative organizations--from the aclu to the aarp to la raza to the gun owners of http://online.wsj.com/public/article/sb115938787873075826-6abupmiajvcs1i_ubvogrwp867k_20070929.html. http://www.aclunc.org/issues/technology/dont_chip_our_rights_away!.shtml (last visited dec. 5, 2007). passport or other dhs-approved document.105 starting january 2007, all air travelers between these http://www.bizjournals.com/sanjose/stories/2002/03/18/daily35.html. in 2002, the legislature voted to allocate funds for the they had the code, they used a laptop and a simple rfid device to fill up with gas for free. the work initiative card program, jan. 30, 2006, http://www.aeanet.org/governmentaffairs/aea_letter_jan_30_2006.asp. anti-theft devices.31 using a home-brewed device costing a few hundred dollars, the researchers safeguards."146 the san francisco chronicle wrote that "[the identity information protection act] developed pursuant to the western hemisphere travel initiative ("whti"), which requires that all 95 id. alliance, (oct. 19, 2006), http://www.marketwire.com/mw/release.do?id=708412. 11 see part iii for a discussion of some of the vulnerabilities of "smart" tags. 1. provisions of the legislation 04-24-06-print. approved by california voters in 1972, the privacy initiative was designed specifically to guard against technology also represents a real threat to the dignity of individuals in our society and reasonable 19 adam laurie is a computer expert and technical director of the bunker secure hosting, a kent-based computer security rfid industry group, has voiced direct concern over the technology being considered for the pass technology without the same privacy and security risks, are better options for government givens, privacy rights clearinghouse. many of the ideas and much of the information in this policy paper have been developed rfid technology in a range of government identification documents. fortunately, the work of purposes). however, in the circumstances surrounding rfid technology, law enforcement obtains access to identity information integrated contactless chip was not deemed an appropriate technology for this particular document, 151 the identity information protection act of 2005 passed the senate with a strong bipartisan vote of 30-7 and passed out of 46 the use of rfid for human identification, dhs (draft) 7, available at indoctrination into an emerging surveillance society that young minds should be learning to question �4 "passive" tags are so termed because they have no internal power source and perform no actions could accomplish the goals with fewer privacy and security risks.47 b. multiple uses, public schools, transport, public benefit not limited to organizations that advocate for civil rights, such as the aclu of northern california, and uneasiness about how one's activities might be perceived by others. "no matter how innocent district, who provided advice to the school board officials, commented to the press as a the ieee was also very concerned about information being used for secondary purposes unrelated and up and down the state, the california assembly and senate overwhelmingly passed the identity and privacy issues are addressed."33 2007, available at http://www.industryweek.com/readarticle.aspx?articleid=13371§ionid=4. something, instead of waiting until there is a privacy and security crisis. a potential illicit hacker could very easily read (again, from a distance) the unique id resolve losses, identity theft already impacts a significant segment of the american population.90 so, of more than 7000 consumers and also focus groups, "concerns over the use of rfid technology are still prevalent," particularly services, credential verification, due diligence information, uniform commercial code searches and filings, dna identification 88 id. worries about the privacy and tracking issues associated with the use of rfid in identification 60 alice lipowicz, clinton: pass card initiative needs `rigorous' review, government computer news, dec. 19, 2006, face of the passport, including its expiration date and passport number.25 future sales of the product to other schools.122 it also turned out that the attorney for the school [t]he widespread adoption of the technology can contribute to the increased occurrence of information has been read or by what reader. 5 doug farry, act now! rfid providers and users can influence public policies that impact the rfid industry, rfid journal, control around their bodies and possessions that the government cannot enter without reasonable dhs chief privacy officer on programmatic, policy, operational, administrative, and technological issues relevant to dhs that the responsible issuing state or local governmental body. (2) ensure that a reader, as defined in subdivision (p), is permitted under chips were intended to protect from unauthorized access. paget explained, "[a]s the system stands at http://www.ocregister.com/ocr/sections/news/news/article_625690.php. 97 department of homeland security, minimum standards for driver's licenses and identification cards acceptable by toll collection systems.2 but, in the past six years, rfid technology has been increasingly considered secrets known to potentially thousands of people, there would be good reason to doubt whether copyright � 2008 stanford technology law review. all rights reserved. board meetings, was (or would soon be) a lobbyist for the rfid company.123 identification documents. 136 cal. s.b. 30, 2007 reg. sess. �1798.10(7-8) (cal. 2007). nations declaration of human rights.82 �73 reliability of countermeasures: addressing the security and privacy risks associated with director of the technology liberty project at the national aclu, demonstrated at a large http://www.ncsl.org/programs/lis/privacy/stateconstpriv03.htm (last visited nov. 11, 2007). the district of columbia also 92 paul faber, rfid strategy--rfid privacy and security issues: a look at the evolving state of tag security, industry week, jan. 9, �3 rfid is a generic term for technologies that use radio waves to automatically identify people or �51 what happened in sutter is just a microcosm of what is happening on a national level. from 124 am. legislation exch. council, supra note 62, at 7. protect the privacy, personal safety, and financial security of individuals. now is the time to do particular, which the u.s. government uses successfully at the mexican border, offer unparalleled 45 department of homeland security, the use of rfid for human identity verification, report no. 2006- 61 renee boucher ferguson, senators question use of rfid in e-passports, national id cards, eweek, dec. 15, 2006, 74 id. at 774. readers can "eavesdrop" on legitimate reader-to-card communications from a distance of 30 feet. see heydt-benjamin et al., rfid 141 government accountability office, information security: radio frequency identification cloning tags all point to the fact that it is a risky technology to use in identification documents. the adopted or approved by the national institute of standards and technology, the institute of electrical and electronics engineers, light of both the facts about vulnerabilities and the widespread support from both sides of the aisle areas that rely on rfid-embedded card entry systems.22 in the shadow of workers installing the final deployed. the rfid reader phones are designed to read tags that people come into contact with that 26 annalee newitz, the rfid hacking underground, wired, may 16, 2006, company. 9 u.s. gov't accountability office, supra note 8, at 7-8. "modern threat" that was the focus of the california privacy amendment.73 overwhelmingly issued an rfid-embedded government identification document about rfid technology, the privacy 24 thomas ricker, dutch rfid e-passport cracked, us next?, engadget, feb. 3, 2006, and they would need the authentication key to authenticate the presenter of any id. with so many �66 while the aea started the 2005 legislative session standing in opposition to the bill, saying that new lego building sets."38 much more sophisticated systems that use mobile phones are now being one's intentions and actions at any given moment . . . persons would think more carefully before they �15 the truth is that there is widespread evidence and accompanying concern about the impact of 8 u.s. gov't accountability office, information security: radio frequency identification technology http://www.hidcorp.com/pdfs/hid_wp_smartcardac.pdf. automated tracking system ("ats").96 by accumulating and aggregating countless individual points more information is available at http://www.realnightmare.org. rsa who have urged that "what is needed . . . is the adoption of basic controls so no one's privacy is technology. rfid tags are comprised of tiny computer chips with antennas that can be encoded with http://www.crmbuyer.com/story/legoland-rfid-tracks-lost-kids-collects-data-37694.html; see also justin matlick, technology recorded, their habits change; they change."77 undermine critical homeland security border control programs and effectiveness."88 succinctly stated final hours of the session, eliminating the opportunity to take a proactive stance in protecting the intended for the initial chip, whether it be identifying a patient or accessing a secured location. 73 the election brochure provides insight into the legislative history of the amendment. see white v. davis, 13 cal. 3d 757, copyright � 2008 stanford technology law review. all rights reserved. devices widely deployed in automatic exxon mobil gasoline purchasing passes and in automobile protection act of 2005, including a full legislative history, see off'l. cal. leg. info., bill documents � sb 768, written to a blank tag, creating a duplicate tag. in its letter to the state department and dhs, the department of homeland security's draft regulations for real id recommended selection of a can properly safeguard personal information.156 must not be left up to the rfid industry. there need to be basic standards for rfid tags in conference (february 28, 2007), available at http://www.aclunc.org/news/press_releases/hid_threatens_patent_ lawsuit,_silences_ 2006 survey seemed aware that the use of rfid technology may give rise to legal issues such as its and companies explained that basic rfid designed for identifying pallets of goods and allowing represents a restrained, reasoned approach to regulating a technology with potential for abuse."147 private industry has given the public much reason to trust their ability to safeguard sensitive personal technology association of america (itaa)148 reaching a neutral position on the legislation.149 in 150 the identity information protection act of 2005 passed the senate with a strong bipartisan vote of 30-7 and passed out of crack the technology and gain access to identification information. where there is a strong enough completed by both government agencies and academic institutions, and the admissions by segments privacy issues in e-passports at 1 (2005), http://eprint.iacr.org/2005/095.pdf. active authentication is detailed in the icao pki duplicate card which could then be used . . . . all the potential terrorist need do is be sure privacy and security of the technology, the government is still moving forward with plans to embed intrusion into the home in order to discern--was also a search prohibited by the fourth a. mass-distributed building entry card system cracked the bad guys out, if it's easily spoofed, then what good is it?"89 many state constitutional provisions.63 the fourth amendment promises all americans a zone of homeland security, privacy office--dhs data privacy and integrity advisory committee (aug. 13, 2007), themselves in public are unconstitutional; the same is true for laws requiring identification of a alliance, a major "smart chip" industry group,51 explained that epc 2 global tags, a basic form of internet search for rfid card readers will reveal many readers priced at just a few hundred dollars that attach to your mobile http://www.technewsworld.com/story/42349.html (noting that the department of state is not calling the passports rfid- television.24 in less than two hours, the information transmitted between the chip and the reader was incentive to crack a technology, it will be cracked. as we have seen with smaller-scale rfid breaches �39 cloning and spoofing: the use of rfid technology in identification documents also presents requiring little skill to assemble, can be used to read and clone the chip.29 there are currently over deployed by the government and being marketed by the private sector. the current debate over copyright � 2008 stanford technology law review. all rights reserved. 89 michael arnone, beaming across the border, federal computer week, apr. 24, 2006, http://www.fcw.com/article94156- safeguard individuals against unreasonable incursions on their privacy due to insecure rfid in rights "chipped" away: and could only be read from a few centimeters away. it only relented when barry steinhart, the �16 tracking: the use of rfid technology in identification documents threatens to drastically accomplish either of the following: (1) establish that the data and the identification document containing the data were issued by (1986) (holding that aerial photography of chemical company's industrial complex was not a search for fourth amendment list goes on and on. now is not a good time to consider giving the government access to another rfid-embedded documents must implement the basic standards plus the following four security protections: chips. passive rfid tags are placed in keys that are authenticated by the steering column--if the 119 id. for individuals to be able to maintain control over the disclosure of their personal information, and demonstrating that they can be read at greater than sixty-nine feet.8 since these tags have no internal and financial security. expectation of privacy in his movements from one place to another"). see also dow chemical co. v. united states, 476 u.s. 227 newspapers and radio stations have reported about the privacy and security concerns of rfid, �76 given the readily available alternatives to rfid technology and the serious threat that it poses to 127 data privacy & integrity advisory comm., the use of rfid for human identity verification, report differences are important to keep in mind as the various forms of rf chip technology become pervasive in the market.") (last objects from a distance of several inches to hundreds of feet. in the past few years, as major government accountability office ("gao"), the privacy integrity committee of the department of individuals over the personal information on their identification documents. california law prohibits 16 steven boggan, cracked it!, guardian unlimited, nov. 17, 2006, the use or existence of the technology; tracking an individual's movements; profiling an individual's can be picked up by anyone with a compatible reader. if sensitive personal information, such as a distributed identification documents will create an even greater incentive to develop new ways to