Give Me Back My Sanity

Denise Richardson, author of "Give Me Back My Credit," is spreading a lot of false information about radio frequency identification.
Published: July 3, 2007

I got an e-mail the other day from a public relations person trying to promote the book Give Me Back My Credit, by Denise Richardson. The PR person sent me a link to a blog entry by Richardson entitled Will Radio-Frequency ID Technology Affect You? In All Likelihood—Yes!

I haven’t read the book, but I hope it’s not as uninformed as this blog entry. Richardson writes: “Criminals know that RFID readers that can ‘skim’ the information contained in the chip, can be easily found on the Web for less than $100.00. Once these RF reading devices are in their hands, they can steal you, your information and your privacy without your knowledge.”

Richardson supposedly backs up this scary claim by citing a news clip on her local ABC station in which a reporter puts an RFID reader in her purse, then goes around “stealing” information from her colleagues. She provides a link to the station, but I couldn’t find the video clip on the site, or even a related story. Richardson also provides a “view video” link that goes to YouTube, but again, I could not find the video she describes.

I don’t know of any portable RFID readers that sell for less than $100, but let’s get to the crux of the matter here: Richardson says the reporter successfully went around the newsroom, brushing close to co-workers and stealing their sensitive data. “Each audible beep meant she successfully hacked the unsuspecting target’s private information—information her targets believed was stowed safely away,” she writes.

Richardson never says what sensitive data was stolen. She simply insinuates that it’s sensitive information. The reader might have been reading a random serial number in the access control card used to get into the building—we don’t know.

As with many critics of RFID, they use the absence of fact to conjur up nightmare scenarios: “It’s hard to imagine just how much sensitive information can be ‘skimmed’ at airports, shopping malls, grocery stores, sporting events, universities, etc., without anyone being the wiser. And how much damage (or how many doors) will that stolen data open everyone up to?”

She’s right—it is hard to imagine, because sensitive data is rarely data stored on RFID cards in the first place. Often, in fact, reading RFID cards provides nothing more than random serial numbers. Some credit-card issuers do put credit-card numbers and expiration dates on RFID chips, but if that information is so incredibly sensitive, why is it printed on the face of the card?

In this Age of Ignorance about RFID, someone walking around with a reader going “beep” can be spun into a wild tale of identity threat and/or Big Brother watching your every move. But as consumers get more used to the technology, they realize that folks like Richardson are just scaring them to try to sell more books.