The Security-Privacy Trade-Off

What the recent capture of terrorists plotting to blow up American planes departing from London means for electronic passports.
Published: August 17, 2006

A friend of mine called me yesterday after he heard the news that the British authorities had thwarted a plot to blow up 10 American airliners over the Atlantic Ocean. “This is why we need electronic passports,” he said. “The concerns about potential privacy abuses are minor compared to the need to protect the public. It’s a trade-off.”

His point is valid, and I know a lot of people share this view. But I disagree that people have to give up their privacy in exchange for security, at least when it comes to RFID transponders in passports. I understand that people have concerns that their identity or other data on their passport could be compromised if someone could remotely read the data from their e-passport without their knowledge. But the industry can solve this problem and ensure that the data on the tag could not be read when the passport is not open.

I don’t think the RFID industry should argue that people have to sacrifice some privacy for security. Vendors should focus on developing foolproof solutions that protect people’s privacy while providing greater security. It would also help to know whether RFID-enabled passports do, in fact, improve security. It would be good for vendors of RFID’s potential impact on border security. Right now, RFID is getting a lot of bad press, and no one is studying the potential to use e-passports to identify potential terrorists and thwart plots like the one in England this week.