Researching RFID’s Surveillance Potential

By Mark Roberti

Consultant Ross Stapleton-Gray has launched a project called the Sorting Door to examine how RFID will affect personal privacy.

  • TAGS

In the Harry Potter series of books, a Sorting Hat is used to divine the characteristics of students attending the Hogwarts School of Witchcraft and Wizardry and assign them to different houses within the school. Ross Stapleton-Gray, founder of Stapleton-Gray and Associates, an information technology and policy consulting firm, is launching a project to study the potential use of radio frequency identification to "sort" consumers or citizens.

The Sorting Door project aims to examine the potential for RFID’s application to surveillance, and to assess the resulting impact on privacy of such an application. The research will focus on surveillance of individuals based on RFID tags embedded in clothing they are wearing, or in devices or objects they are carrying, such as building access badges and contactless payment cards.

"The goal of the Sorting Door work is to make it readily apparent how RFID might or might not be applied to surveillance, and what impact those capabilities might have on personal privacy. We want to inform the debate already occurring on policy, regulation and industry best practices, and [to] demystify a rather mysterious new technology that has potentially serious implications for surveillance and privacy," says Stapleton-Gray.

"RFID has several key features that make it a significant leap beyond previous means of identification, such as machine-readable bar codes," he explains. "Tags can be read at a longer distance, RFID doesn't require line of sight and the technology is effectively invisible to people. These features make RFID a potential tool for surveillance."

Stapleton-Gray says the short range of passive RFID tags will constrain RFID-based surveillance to narrow portals or doorways. Doorways are logical places to want to monitor individuals. For example, a company might want to install readers at a store entrance to prevent a potential criminal from entering, or to welcome a valued customer.

If and when individuals are carrying or wearing RFID-tagged items, they’ll be visible to RFID readers, or interrogators. RFID readers, in turn, will be widely deployed for a host of applications, including antitheft monitoring in stores and libraries, facility access and supermarket checkout terminals. The Sorting Door project will try to determine how possible RFID-based surveillance may be once RFID tags become ubiquitous

"I'm expecting that research will range from the theoretical (imagine every door on a college campus instrumented; what could we say about activities on campus, and could we detect potential dangerous situations?) to the empirical (putting a reader in a public place and recording what goes by), subject to research guidelines on dealing with human subjects," Stapleton-Gray explains. "Ideally, the Sorting Door project becomes a confederation of a lot of participants, contributing data and tools, so it's possible to understand how common—or not—tags are within different populations, including both U.S. and foreign, and the project accumulates a certain collective intelligence."

Another of the project’s goals will be to examine how inferences might be made from tag data. "For example, if a reader sees the same unique ID on repeated occasions, that would allow a company or government agency to construct a John Doe dossier on an individual," he says. "The organization could then associate a individual with that dossier if, for example, the individual scanned for RFID tags also provided a credit card or driver’s license in making a purchase, or being carded when entering a bar. The next time that tag is read, one can infer that the same individual is present."

It would also be possible to read and use information about products to make additional inferences. If someone were to pass through a doorway carrying or wearing a size-four Donna Karan dress, for example, software could be set up to infer that the person was more likely to be a petite woman than a tall man.

"Some RFID proponents have been dismissive of privacy concerns, noting, for instance, that it might cost upwards of a trillion dollars for the U.S. government to pay to outfit every door in the country’s malls, bus stations, airports, commercial and government buildings and so on with RFID readers, then network them into a single surveillance grid," says Stapleton-Gray. "But just as the Internet grew from a collective interest in interconnecting private pieces of what became a global network, pure self-interest might lead to a similar 'RFID Internet.' When a great many organizations have fielded RFID readers for their own applications, networking them and aggregating data for new purposes may be quite cost-effective."

Some of the research would use volunteers. "We'll want to have some readers in public spaces, such as malls or campus libraries, and in those cases, make use of a kiosk to allow people to understand what the Door is seeing. So you could walk through the Door, and then see a report that includes information on any recognized items (e.g., 'You are carrying a Green Day CD') and any inferences attempted ('You are probably a male, age 18-27’)," Stapleton-Gray explains. "When I talked to folks from the Electronic Frontier Foundation, this was the part they found most appealing: Such a tool would allow people to 'scrub' themselves for any tags they might be carrying or wearing."

Stapleton-Gray says he is in discussions with prospective project sponsors, including government agencies concerned with security and commercial companies interested in understanding just what these technologies can and can't do. "The work done thus far has been in raising a lot of questions, and developing some answers," he explains. "For example, what limits will there be on experimenting with Doors with or without informed volunteers, and what benefits might accrue from multiple collaborating Doors? We've also given a lot of thought to what sort of data to collect, how to share it, or not, among participants, and what sorts of tools and data might be needed to make the inferences. The next phase would be to sign up some Door implementers, and begin pooling and analyzing experimental data, and see what starts percolating up."