Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

University of Washington Tracking the Edge of Privacy

Zonk posted more than 6 years ago | from the hey-there-big-brother-how-ya-doin dept.

Privacy 77

Roland Piquepaille writes "We've been told for several years that RFID tags would eventually be everywhere. This isn't the case yet, but researchers at the University of Washington would like to know if the future of social networking could be affected by these tags and check the balance between privacy and utility. They've deployed 200 antennas in one UW building and a dozen researchers are carrying RFID tags on them. According to the Seattle Times, all their moves are tracked every second in the building. Of course, it can be practical to know if a colleague is available for a cup of coffee but this kind of system (if in widespread use) has some serious implications. As the lead researcher said, 'what we want to understand is what makes it useful, what makes it threatening and how to balance the two.'"

cancel ×

77 comments

Comparison to social networking (5, Insightful)

Ethanol-fueled (1125189) | more than 6 years ago | (#22974122)

As long as carrying an RFID tag is 100% opt-in and semi-passive or active RFID tags are used so that the user could switch it off at any time if privacy is desired. This would be a good way to make RFID tracking analogous to social networking(as stated in the summary) -- that is, I can choose not to "install" the "software". If I choose to "install" the "software", then I should also be able to set it to "privacy" or "stealth" mode so that nobody could track or bother me while I'm coding.

I do support 100% RFID-style monitoring in sensitive places(such as the NSA) which are involved with national security...and AT&T dosen't count :P

Re:Comparison to social networking (4, Insightful)

geekboy642 (799087) | more than 6 years ago | (#22974288)

Oh. That's a fantastic idea. Equip every worker in a highly sensitive secure area with a device that immediately reveals who they are to anyone with $20 of equipment once they leave the secure area. Because, you know, I think it's great if some random NSA worker gets off work, wants to grab a tasty Starbucks' non-coffee beverage on the way home, and is assailed by ${RANDOM-ANTI-US-RADICAL} because she was carrying a tag that electronically identified her.

Re:Comparison to social networking (1)

The_DoubleU (603071) | more than 6 years ago | (#22974336)

Because, you know, I think it's great if some random NSA worker gets off work, wants to grab a tasty Starbucks' non-coffee beverage on the way home, and is assailed by ${RANDOM-ANTI-US-RADICAL} because she was carrying a tag that electronically identified her.
Yeah!
And if you could include some more government agencies, members of parliament, etc*. Then the US might have a future.

*I would include AT&T

You can't hide from technology. (1)

gnutoo (1154137) | more than 6 years ago | (#22974586)

This stuff is here and can not be stopped, but you can hide [slashdot.org] and this is the only way to minimize abuse. Governments and companies have a huge advantage over the rest of us in this because they own your currency, create you ID cards and supply things you will have to buy unless you are very rich. You could exterminate everyone in power today but their replacements will do the same things.

Re:Comparison to social networking (1)

icebike (68054) | more than 6 years ago | (#22975222)

Why would tagging members of Parliament affect the US's future?

Do you really think some county's Parliament some how affects the US, or are you so stupid you think the US has a Parliament?

Re:Comparison to social networking (1)

Brian Gordon (987471) | more than 6 years ago | (#22974434)

Not to mention the pressure not to deactivate it. If you have 4000 workers submitting to be tracked, why did 1 just turn theirs off before entering a secure area? Make the arrest first, ask questions later.

And what language is ${THAT}?

Re:Comparison to social networking (1)

JFitzsimmons (764599) | more than 6 years ago | (#22974484)

Shellscript.

Re:Comparison to social networking (1)

tftp (111690) | more than 6 years ago | (#22974544)

And what language is ${THAT}?

That is shell (bash). Useful if you want something like this:

foo=bar
echo "Where is the ${foo}tender?"

Re:Comparison to social networking (1)

Screaming Cactus (1230848) | more than 6 years ago | (#22983458)

It's amazing how quickly discussion topics can turn to coding.

Re:Comparison to social networking (1)

Ambiguous Puzuma (1134017) | more than 6 years ago | (#22974448)

Presumably people in highly sensitive areas already need to identify themselves anytime they enter the premises. What if, after identifying themselves, they were given badges (selected at random) with RFID chips containing random numbers, and leaving meant dropping off said badges? Without access to the database tracking which people were assigned which badges, it would be impossible to tell which number is associated with which person at any given time. So the content stored by the RFID chip would be useless (assuming that the database is properly secured), and detecting just the presence of an RFID chip wouldn't necessarily give away information about that person.

Re:Comparison to social networking (1)

unlametheweak (1102159) | more than 6 years ago | (#22974478)

The fact is, in my experience dealing with managers, politicians, and other professionals (as a truly asswipe nobody as I am), I have noticed an extreme lack of intelligence or concern with what could possibly go wrong with their rather simplistic systems, laws, beliefs, etc.

Yes, to the Manager I will always be one of those people who has a "bad" attitude because I am intelligent enough to notice the discrepancies between logic and practice. Don't get me wrong; my tact is pleasant outside of slashdot, but my logic is deviant (outside of the statistical boundaries of average). For this reason, nobody average enough to become a Manager (a person with any degree of power), will ever likely 'get it'.

Re:Comparison to social networking (1)

Sanat (702) | more than 6 years ago | (#22975610)

There is nothing wrong with being able to think four or five steps ahead of others... except that others will disagree with what you say until it begins to occur then they will "You were right"... but then the next time they will will not have learned.

I imagine that there are lots of individuals on Slashdot who can envision more steps ahead than most others in their organization and it is painful sometimes to watch occur exactly what you predicted would occur.

Software design is especially like this... A department head says they want "only this" but you see as soon as they get "this" then the next evolutionary step is that they will want "that and other" also. I usually build it into the program with switches to keep it off until they ask for it.

Don't discredit yourself because you think out of the "box" so to speak. You may be wired differently for a purpose more than you can imagine.

Re:Comparison to social networking (1)

unlametheweak (1102159) | more than 6 years ago | (#22976262)

Don't discredit yourself because you think out of the "box" so to speak.
In many respects I am not discrediting myself; I am just making an observation. As a very, very young child I was always doubting people (and myself for that matter). I think that is both a product of my genes and my somewhat unique upbringing (environment that is... where there were many, many contradictory forces at play)... I will only give a hint at them (like old-world traditional values vs. new world Western values)... that's just a very small hint of the contradictions I faced when growing up, and I think helped forge my personality. I was ALWAYS examining and questioning reality, and the way people think of things. And I was always able to anticipate the way people would react to my own behavior. Perhaps this was a defensive mechanism that started my thinking of Logic on a vary conscious level at a VERY, VERY young age. I know that I will always ask myself "what can go wrong" whenever some politician has a Utopian plan to improve society, or a Manager has some cheese-cake feel-good idea that looks good on the surface. People, and in my experience, almost ALL people will only look at the surface of their ideas and will only think of people who question them as being Cynics.

I've always thought of the concept of "thinking outside the box" as a very good and idealistic concept, but taken in reality; people who truly think-outside-the-box will ultimately be outsiders, and therefore be on the shortlist for being fired or "laid-off".

In many respects, you've (unintentionally) hit a 'nerve' with me, and so I have deleted the last few paragraphs of my reply (I felt in many ways I was starting to get too personal and less objective). I appreciate your comment very much. Thanks.

Best regards,

UTW

Re:Comparison to social networking (1)

chunk08 (1229574) | more than 6 years ago | (#22976464)

I've always thought of the concept of "thinking outside the box" as a very good and idealistic concept, but taken in reality; people who truly think-outside-the-box will ultimately be outsiders, and therefore be on the shortlist for being fired or "laid-off".
Yes, too true. I question a lot of things, and I fear I am outside the box even at /.

The government wants too much control of citizens, and unfortunately, most people have been raised to think that's their job. Good to see that someone is willing to question that.

Re:Comparison to social networking (1)

Sanat (702) | more than 6 years ago | (#22976498)

Nice Feedback

The times... they are a changin. I sense that those wired differently from the average human will find themselves sought after by many in the upcoming years. Whether it will be with guns or job offers... that I can not say.

I remember when I was in the 3rd grade (50's) and the teacher pulled down a map of Earth that showed the seven continents. I said "Looks Mrs. Beard, if you push all the continents together they fit together like a puzzle". Her retort was "Don't be ridiculous that is a stupid thing to say" and for years i thought my insights were stupid and kept them to myself.

I imagine that there are many who post here have also experienced put downs and learned just to keep quiet. Eventually though one is forced to speak out against the obvious... but i have always wondered why what i saw as obvious went un-noticed by the majority.

One of the reasons i read Slashdot is the insights posted by the posters here often are equal or exceed my own imagination. I do not get fed by any other site except this one in that manner. I believe that Slashdot is unique in that way with all of the intelligent and "wired differently" people who read and post here.

Your comments are appreciated and thanks for replying

Re:Comparison to social networking (1)

p0tat03 (985078) | more than 6 years ago | (#22974612)

Eliminating RFID tags won't solve your problem either. If an extremist wanted to assassinate/kidnap someone, they could EASILY obtain photographs of him/her and do very much the same thing. It's not as if tailing someone home is a recent invention. With sites like Facebook and MySpace it's easier than ever before. In fact, photographs/stalking is lower tech and probably much easier than carrying around an RFID tag reader and randomly scanning people hoping you find your target.

Re:Comparison to social networking (0)

Anonymous Coward | more than 6 years ago | (#22974988)

Well sure, when you look at it like that it actually doesn't seem like a bad idea.

Re:Comparison to social networking (1)

justinlee37 (993373) | more than 6 years ago | (#22975968)

Simple, leave the tag with a receptionist at the entrance to the "highly sensitive secure area," who also has a file of all the employees (with their names and photos) on her computer. Heck, if you wanted to get really fancy, you could make them enter a PIN code and scan their handprint as well in order to receive their tag from the receptionist.

You thought of a problem, but didn't consider the solution, and therefore didn't realize how simple it was.

Re:Comparison to social networking (1)

geekboy642 (799087) | more than 6 years ago | (#22976122)

Your solution is quite lacking. Here's why:

Current situation: Everybody has some kind of badge with a mag-stripe for access. These must be issued and collected when people are hired or leave the unit.

First proposal: everybody has some kind of badge with an rfid for access. These must be issued and collected when people are hired or leave the unit, as well as being sniffable by $20 of Radio Shack junk.

Your proposal: everybody has some kind of badge with a mag-stripe for access. These must be issued and collected when people are hired or leave the unit. Once the employee arrives in the building, he/she must sign out some kind of tracking badge from a receptionist. These must also be issued and collected when people are hired or leave the unit, but they're maintained in a central location (theoretically). You have to pay the salary for somewhere around 6-8 receptionists, to ensure there's always somebody there to pass out and take in badges. (Remember, these people work every hour of every day, holidays included. Did you know that? Of course you did.) These receptionists have to be cleared to access the same quality of information and equipment as everybody else who works there. Oh, and they will also need a database architect, IT support, and the purchase of minimum two computers plus specialized hardware to manage the tracking badges. Your receptionists will also need to be trained to do the job. Some of these infrastructure costs can be absorbed...but it's still an increase in costs.

Your solution, assuming a standard $75k minimum compensation for a government employee, adds roughly half a million dollars yearly in tax-payer waste PER office, PER site. Do you know how many government offices there are? I don't, but I do know there are a LOT.

Re:Comparison to social networking (1)

justinlee37 (993373) | more than 6 years ago | (#22982900)

First off, receptionists don't get paid $75,000/year. Most police officers don't even get paid that much.

Second, this is obviously not a system worth implementing unless there are serious security concerns -- it might make sense to install a system like this in a nuclear missile silo, but it wouldn't make sense at the courthouse. To imply that such a system is unreasonable because it would cost too much to install at every government facility in existence is just fishing for a problem that isn't there -- only an idiot would do that.

Third, a receptionist is the only reliable facial-recognition system on the market today. If secure areas like nuclear missile silos don't already have a receptionist who inspects everyone entering the area, then bypassing the area's security is as simple as stealing someone's mag-stripe badge. If you really think that single-factor authentication is secure, you need to wake up. We need double-factor, and when we're talking about things as dangerous as nuclear missiles, quadruple-factor authentication is not unreasonable.

Fourth, the receptionists do not have to be cleared to access the same quality of information as everyone else. The receptionists don't even have to know what is beyond the door that they protect.

Finally, the facility should already have IT support. Additionally, two computers is not a huge expense, and a software architect should be a one-time expense (assuming he does his job correctly).

Re:Comparison to social networking (1)

geekboy642 (799087) | more than 6 years ago | (#22983124)

First off, receptionists don't get paid $75,000/year.

Did you read what I wrote? Or are you being deliberately obtuse? I specifically and intentionally wrote "compensation". In a government job, the total compensation for an entry-level receptionist will cost roughly $75k yearly. My source [govexec.com] claims $106k total yearly compensation for the average government employee.

Third, a receptionist is the only reliable facial-recognition system on the market today.

Not true. A person is the most reliable facial-recognition system. However that person has to already know whoever it is gaining entry to the facility. The facilities that I am most concerned with protecting are places like the NSA, where you might have more than two thousand employees in a single building. It is manifestly impossible for a secretary to have every person's face committed to memory. As for a missile silo? By all means. Have the 12 soldiers that guard that location tracked. I'm sure you'll find that they play a lot of cards and smoke a lot of cigarettes.
I never said a word about single-factor or two-factor or infinity-factor authentication. My entire post was specifically and only directed at the insane demand to have minute-by-minute rfid tracking of every government employee.

Fourth, the receptionists do not have to be cleared to access the same quality of information as everyone else.

Bullshit, bullshit, BULLSHIT. If you are controlling access to a facility containing sensitive information or equipment, you must be cleared to a level that can access that information. Why? Because the clearance is an assurance for the government that you will not intentionally release that information to a foe. If you don't clear your secretaries, and they control access to the information, what's to prevent Mr.Spy from being hired as a secretary and then letting his friend into the building?

Finally, the facility should already have IT support. Additionally, two computers is not a huge expense, and a software architect should be a one-time expense (assuming he does his job correctly).

I mentioned something about "Some of these infrastructure costs can be absorbed". That obviously implies that the infrastructure costs are not a huge expense, merely an additional expense that must be dealt with.

You're really grasping for straws to support this somewhat maniacal demand to have minute-by-minute tracking of when government employees go to the bathroom. Why?

You could have worded that differently (0)

Anonymous Coward | more than 6 years ago | (#22976118)

Your attitude is repulsive, and your annoying geek sarcasm has probably closed a lot of doors for you IRL. The GP didn't say anything to deserve such a nasty response. The internet is worse off for you being on it. Sorry :\

Re:You could have worded that differently (1)

geekboy642 (799087) | more than 6 years ago | (#22977746)

"annoying geek sarcasm"?

I'm sorry, am I no longer on SLASHDOT, the BASTION of GEEKS? What you mean as an insult, you anonymous sniveling worm, I proudly wear as a BADGE OF HONOR!

Re:Comparison to social networking (1)

itlurksbeneath (952654) | more than 6 years ago | (#22979716)

I don't think you understood GP at all. In his example, NSA worker would have their tag on during the day while at work and once they left work they could CHOOSE to turn their tag off for privacy (no need for the boss to know you were stopping by the nudie bar on the way home).

Re:Comparison to social networking (1)

unlametheweak (1102159) | more than 6 years ago | (#22974374)

As long as carrying an RFID tag is 100% opt-in and semi-passive
Don't count on it. In places like the US, they are sometimes mandatory, assuming that having a certain job is not "100% opt-in". But really, it all depends on how prevalent they become. I can imagine that they will eventually become prevalent in places like the US based on their previous history on privacy matters; I'm thinking of the seemingly arbitrary and ubiquitous use of drug testing in the US, among other issues. Companies that you would expect to have no interest or relevance in drug testing (like Best Buy) make it a common practice. This seems to be taken for granted (from the perspective of a more privacy conscious country like Canada).

If you have nothing to hide or be afraid of, so the argument goes, I suppose you shouldn't oppose such measures. With me at least, it is the potential that is the concern. If it can be abused, then (eventually) it will be. Get a country like the US or Britain (the British are one of the most spied-upon people in the 'free' world) accustomed to the fact that spying on themselves is for their own good, and you will have a true modern democracy: subservient and very culturally and politically monotheistic except in the most shallowest of interpretations.

Re:Comparison to social networking (1)

Screaming Cactus (1230848) | more than 6 years ago | (#22983608)

Agreed. Just because someone feels that having to pass a drug test for employement is a violation of their privacy doesn't automatically make them guilty. I imagine most of the people who feel that way have never had to stand in a bathroom with the door open, pissing in a cup, just to watch it get bottled up and sent off to a lab somewhere to be analyzed. It's actually kinda creepy. And it's all part of this trust-no-one, cover-your-ass, follow-the-dollar-signs mentality that the whole country, especially coporations and the government, are guilty of. Because of this, individuals will continue to be treated more and more like criminals until they can prove they aren't, which in turn will become harder and hard to do. And this whole business of being able to prove your identity is getting ridiculously out of control. If you've heard of TWIC [wikipedia.org] then you know what I'm talking about. I already carry 5 forms of picture ID, and now they want me to get another one with all of my fingerprints?

Privacy must be active. (1)

gnutoo (1154137) | more than 6 years ago | (#22974462)

The people behind The RFID Privacy Guard [rfidguardian.org] saw all of this coming a long way off. When it comes to RFIDs you can't trust other people to do what they should. Even if reasonable laws [theregister.co.uk] are passed over violent industry opposition [slashdot.org] , any store clerk can make a mistake. Recent ISP behavior, the choice point scandal and the still active TIA program all show that government and big dumb companies are able and willing to break the law. Anyone who wants to guard their privacy will be forced to monitor themselves.

The obvious things to block are drivers licenses, credit cards and other identifiers. Less obvious things are inventory tags for clothes and gadgets. Even if RFID tags are made less than unique, more like ordinary barcodes, the combination of things you carry will be unique.

Laws should be passed to eliminate things like ChoicePoint and greatly reduce ISP snooping and point of sale records. Even if you have nothing to hide you will suffer when those who would stand up for your rights are identified and neutralized.

Re:Comparison to social networking (1)

CrimsonAvenger (580665) | more than 6 years ago | (#22974762)

As long as carrying an RFID tag is 100% opt-in and semi-passive or active RFID tags are used so that the user could switch it off at any time if privacy is desired. This would be a good way to make RFID tracking analogous to social networking(as stated in the summary) -- that is, I can choose not to "install" the "software". If I choose to "install" the "software", then I should also be able to set it to "privacy" or "stealth" mode so that nobody could track or bother me while I'm coding.

A corollary of this should be that you cannot track other people unless your own tracking tag is enabled. Being able to spy on others (even with their tacit consent) should be forbidden if you, yourself, are refusing to allow others to monitor you.

Re:Comparison to social networking (1)

spearway (169040) | more than 6 years ago | (#22976698)

You are making several very large assumption there.

First one is why does a democracy need secrecy? Anything that is paid by the public (i.e. you and me) we should have access right? We paid for it. How do you justify public secret? Even the efficiency argument is bogus how did our secret service not know what Saddam Hussein was doing?

Second you are assuming that some agency will be able to behave itself with the worker mostly private data. This is also an incredibly big assumption. Data is very hard to destroy (ask anyone convicted on email evidence, Bill Gates for example) which mean that we will have to protect any collected data for a very long time to insure its privacy.

Re:Comparison to social networking (1)

geekboy642 (799087) | more than 6 years ago | (#22983180)

First one is why does a democracy need secrecy?

This is a straw-man argument, but I'll respond anyways.
From time to time, the US has fought wars, some of them good, some of them bad. In all cases, we kept secrets about the wars. Would you prefer the North Koreans to know every weakness of our missile defense? Would you prefer that the U.S.S.R. had known exactly what our defensive arsenal was during the Cuban nuclear crisis? Would you prefer that Muslim extremists know our exact travel routes and troop densities in Iraq?

If your answer to any of those questions is "yes", you are directly stating your wish for American citizens to die.

Re:Comparison to social networking (1)

supersat (639745) | more than 6 years ago | (#22978186)

Carrying a tag is 100% opt-in. Only the researchers are carrying the tags right now, but once other people are recruited to do so, participants will be given a very clear informed consent form to sign stating all of the potential privacy issues. The projects has been heavily scrutinized by the UW Human Subjects Institutional Review Board. The tags are completely passive, but you can easily take them off, cover them in foil, or physically destroy them.

Even if they did have an on/off switch, I suspect most people would forget to turn it off. I know that the researchers (including myself) sometimes forget we're carrying around tags. That's one of the reasons why people can go in and delete tag read events after the fact, and events generated by those tag reads will be deleted as well.

Re:Comparison to social networking (1)

Ben Hutchings (4651) | more than 6 years ago | (#22988682)

Speaking of AT&T, AT&T Research Lab in Cambridge was doing something very similar to this 10 years ago. The system was called Active Badge.

Double Edged Sword (4, Interesting)

eldavojohn (898314) | more than 6 years ago | (#22974134)

Of course, it can be practical to know if a colleague is available for a cup of coffee but this kind of system (if in widespread use) has some serious implications. As the lead researcher said, 'what we want to understand is what makes it useful, what makes it threatening and how to balance the two.
Um, I kind of view this technology as being inherently double edged. You give someone the power to find you at any time. This can be used for convenience often. This can be used for your boss to track you down on Saturday. This can be used to set you up or murder you. There's a whole rainbow of possibilities, the latter listed are probably less probable but quite scary.

Me, I hate it when people call me on my cell phone. Oftentimes I don't answer, my phone has never been off vibrate. I wouldn't opt for this technology at any point in my life for any reason. Other people may feel differently and more power to them. I don't understand why research is needed to see that, perhaps there are more caveats I don't see. But if you're thinking about making this mandatory under the guise of security or comfort, you're going to be tracking my RFID tag in a garbage can.

Re:Double Edged Sword (4, Funny)

CowboyNealOption (1262194) | more than 6 years ago | (#22974238)

As a network administrator, I think having users come find me in the bathroom when their email isn't working would be just dandy. Though I have to admit removing my rfid tag out and gluing it to a cockroach and letting it go in the ceiling could be amusing.

Re:Double Edged Sword (5, Funny)

eldavojohn (898314) | more than 6 years ago | (#22974272)

Though I have to admit removing my rfid tag out and gluing it to a cockroach and letting it go in the ceiling could be amusing.
User A: "Goddamnit, he's in the vents again!"
User B: "But the system just showed the system administrator crawling in between the rafters!"
User A: "I know, but maybe if we left some Jack Daniels in a dish, he would smell it and come out?"
User B: "Ok, we better hurry though, my own personal internets keep getting slower and the Vista is asking me if I should accept or deny some application named MSBlastWorm32.exe that hasn't signed the proper forms yet ... what do I do?"

You want people to come into the can and strike up a conversation with you about an inane obvious problem? Either you're joking or you're a masochist ...

Re:Double Edged Sword (1)

DudeTheMath (522264) | more than 6 years ago | (#22974522)

What about employers measuring time spent in the bathroom and bringing that up on a performance review? Some of us have more, ah, contemplative digestive tracts, and, well, sometimes ya gotta go at work.

Of course, if you post Google's "Testing on the Toilet" blogs in the stalls, you could say you were still working.

Re:Double Edged Sword (1)

b4upoo (166390) | more than 6 years ago | (#22974402)

Right now there are so many false accusations abounding in society that having proof of exactly where one was and when could be a real lifesaver. Male teachers are becoming extinct in the lower school grades due to fears of being falsely accused. Having these tags on both students and teachers sounds like a good idea to me.

Re:Double Edged Sword (1)

LingNoi (1066278) | more than 6 years ago | (#22974438)

Except it would just lead to more false prosecutions, "The ID tags were in the same room at the time of the incident, THE SYSTEM NEVER LIES! Guilty!"

Re:Double Edged Sword (1)

mfnickster (182520) | more than 6 years ago | (#22974502)

It all depends on who you trust to keep the information.

Even though you don't usually answer your cell phone, the service provider can tell where you are pretty much any time they want. Possibly even when your phone is turned 'off.'

Do you trust your mobile company not to help track you down on a Saturday, or not to set you up and murder you?

Re:Double Edged Sword (1)

WaltBusterkeys (1156557) | more than 6 years ago | (#22974666)

Keeping the information is the hardest part. If U-Was keeps the info then it has every incentive in the world to protect the privacy of its employees: Angry employees make bad employees and tend to leave their jobs. But, if an identity data broker [reputation...erblog.com] keeps the information then they have every incentive to sell the data to the highest bidder, AND they are nothing but a giant target for dedicated identity thieves.

To address your other point, most (if not all) cell phones are truly "off" when they are off -- the cell company knows the last place where you connected to the network, but if you turn the phone off then you aren't tracked. The easy way to verify this is to put any SIM-based phone near your car radio and drive around a little bit. Every time you leave a cell tower's range you'll hear a burst of interference as the phone communicates with the new tower. If you turn the phone off, no bursts of interference.

Re:Double Edged Sword (1)

Skavookie (3659) | more than 6 years ago | (#22979824)

I know (using this sort of test) that my cell (a really old Samsung SGH-R225M) is never really "off." This is slightly off topic (sorry) but not entirely. Does anyone know of a database of cell models that do/don't do this? It might be interesting to compile such a database.

Re:Double Edged Sword (1)

Original Replica (908688) | more than 6 years ago | (#22974550)

this technology as being inherently double edged.

Of course it is, but these academics will go ahead and develope this tech and then be all suprised five to ten years down the road when Real ID cards with complete live tracking become a required "National Security" measure. I'm far less concerned with the idea of some random psycho using this to track me as I am with the government and other dataminers (marketing, transit, credit agencies, insurance) tracking me. "if you're thinking about making this mandatory under the guise of security or comfort, you're going to be tracking my RFID tag in a garbage can." Unfortunately when this tech becomes about "National Security" you won't have much choice, unless you are prepared to be denied access to most public buildings and transit for failure to carry proper ID. Or possibly you'll just get arrested. [papersplease.org] All that's really required is that a failure to produce a RealID RFID response becomes reasonable suspicion. [findlaw.com]

Re:Double Edged Sword (0)

Anonymous Coward | more than 6 years ago | (#22975116)

Did you know that your cell phone's position is tracked to within about 30 metres?

In the UK, police requests for the location of a particular phone are now so common that one UK phone company has an intranet site that resolves a phone number into that phone's location, almost instantly. If the phone has been switched off, historical data is also available. I don't know how far back it goes. It surprised me to find this out, because such a system could only be implemented if the GSM network was calculating the position of each phone every minute or so, then reporting this information to a central database, as a matter of routine. I knew it would be tracking phones to the nearest cell, but it turned out to give a far higher resolution than that. And almost everyone in the company has access to this system; it's a useful way to find other employees, as well as anyone else in the country who has a cell phone.

I guess RFID tracking would give a finer grain on the same data. But whether it would be much different, I don't know. I don't think most people understand how technology can be used to spy on them. I've heard people worrying that their (passive, receive only) satellite navigation gear is tracking them, simply because it knows where they are! It had never occurred to them that their mobile phone had already been reporting their position for years.

Re:Double Edged Sword (1)

Screaming Cactus (1230848) | more than 6 years ago | (#22983768)

Cell phone tracking is unreliable; the system uses triangulation by measuring the signal strength of the phone to various towers. Since there are plenty of things to interfere with those signals, it can only be effective to that kind of accuracy in highly redundant areas (ie, downtown) and even then, the position is still unreliable. I know that the American systems keep information regarding the last HLR your phone was registered with, but I'm surprised to hear that they keep signal data for all the towers. I wonder if that's how the Boost Mobile system works (which I can't understand why ANYBODY would want that anyway).

See also: The Bat Ultrasonic Location System (3, Informative)

26199 (577806) | more than 6 years ago | (#22974136)

This sounds not entirely unlike the bat [cam.ac.uk] system worked on in Cambridge, UK.

IIRC one very simple approach to privacy was to notify people when someone checked on their position, and who it was.

Re:See also: The Bat Ultrasonic Location System (0)

Anonymous Coward | more than 6 years ago | (#22974214)

Agreed, but add to that the privacy features we already have with instant messaging. With various statuses (e.g. invisible, available...) and allowed/denied lists people could control their own privacy.

Re:See also: The Bat Ultrasonic Location System (0)

Anonymous Coward | more than 6 years ago | (#22974246)

Well, scratch that school off my fall list!

Re:See also: The Bat Ultrasonic Location System (1)

Ambush Commander (871525) | more than 6 years ago | (#22975654)

IIRC one very simple approach to privacy was to notify people when someone checked on their position, and who it was.

From my understanding of RFID, this is not technically feasible...


Re:See also: The Bat Ultrasonic Location System (1)

26199 (577806) | more than 6 years ago | (#22978512)

It wouldn't be via the RFID tags. But the RFID tags can't do the position check on other tags, either, so there has to be some separate UI for that. And it could notify...

Re:See also: The Bat Ultrasonic Location System (1)

Skavookie (3659) | more than 6 years ago | (#22979850)

And you trust that system?

Re:See also: The Bat Ultrasonic Location System (1)

datatrash (522537) | more than 6 years ago | (#22983876)

Interesting. The UW RFID project reminded me of Steve Mann's [wearcam.org] work with cameras, particularly his concept of sousveillance. I think there is a quite a bit of good use to be had with RFID tags, especially for a plastic tag you could put on luggage, or other shipping issues. I'm glad they conducted this study, there is some scholarship on what the effect of privacy might be in a "web of things" but scientific-ish research is always nice to pull out to bolster your argument when these issues are being legislated on.

When anonymity is outlawed..... (1)

himurabattousai (985656) | more than 6 years ago | (#22974200)

only outlaws will have anonymity? (worst case scenario, I know, but one that far too many people are in favor of).

Tinfoil hat time... (4, Interesting)

$RANDOMLUSER (804576) | more than 6 years ago | (#22974206)

There's an interesting 2-page ad for the U.S. Air Force running in magazines this month - page 1 is a picture of a crowd, mother carrying a baby, etc., caption reads "How do you fight an enemy who hides among the innocent?". Turn the page, there's a picture of a Predator [wikipedia.org] UAV flying over a city, caption reads: "Never let them out of your sight".

I'll leave you to decide who "them" is.

tinfoil wallet. (1)

Mactrope (1256892) | more than 6 years ago | (#22974546)

Tinfoil wallets make sense if you have a device to check like the RFID Privacy Guard that's been talked about here so often.

As for the "how to catch a thief" problem, you would hope the answer would be police work and a trial, but the grim reality is that all too often the answer it to throw a missile at the suspect in a crowd. Shamefully, some people think this kind of terrorism is a fine substitute for justice [haaretz.com] . Observation is only the first part of this kind of crime.

StephenGillie (3, Interesting)

StephenGillie (1268134) | more than 6 years ago | (#22974242)

The University of Washington (UW) has other plans involving RFID. Currently, UW sells bus passes to students; these are represented by a sticker that is applied to a student's "Husky Card". The Husky Card is a magnetic swipe card that controls building access and also provides dining card functionality to students. The plan is to replace the current Husky Cards with an RFID-implanted one. This would allow the cards to integrate into the local Seattle Metro and Community Transit bus services' ORCA system, which uses an RFID system to track fares and passes. A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives.

Re:StephenGillie (1)

despeaux (1254096) | more than 6 years ago | (#22974298)

How is that a "little-mentioned affect"? (effect, btw)

That's ALL that's mentioned.

Re:StephenGillie (1)

b4upoo (166390) | more than 6 years ago | (#22974436)

I can see it giving way too much power to the parents of older students. For example if you see that girl you won be going back to college this year. Then simply charting the girlÅ tracks along side your sons tracks would let you know in a hurry. The catch is that this might be applied to a 23 year old student as easily as to a 13 year old.
        Yet even though I can see potential for abuse we can also simply believe in always letting the truth being seen by all people, all the time.

Re:StephenGillie (1)

Thomasje (709120) | more than 6 years ago | (#22974560)

A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives.
That effect is painfully easy to prevent: just wrap the card in tinfoil (not just useful for making hats (TM)) and only take it out when you actually use it. Want to ride the bus anonymously? Pay cash.


N.B. The EZ-Pass system we use here in the Northeast, which uses RFID chips to identify cars for toll collection purposes, actually explains how to disable the tag by storing it in a conducting plastic bag, which they provide.

Re:StephenGillie (4, Funny)

badboy_tw2002 (524611) | more than 6 years ago | (#22974850)

" A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives."

Yes, it certainly would be easy, wouldn't it! All one would have to do is get some budgeting approved for a few thousand antennas, then ensure that you have the proper paperwork to install the antennas on private/public property. Next lets make sure we can run power to these suckers (they need some juice to go full time), and of course we'll need to either get them running on a cell network or else run some cable to get back the data. Finally, I'll need some easy simple software to combine all the data streams I'm getting, cross-reference them against the student database, and then plot everyone's movements out on my giant command and control station. Yes, yes, ALL too easy! I've got you now Johnny Q. Student! You're going to ... the Library! Ah-ha! Now I can...uh...know where you are!

Re:StephenGillie (0)

Anonymous Coward | more than 6 years ago | (#22974876)

there is a group of mostly cs grad students who are actively looking at the orca card. http://soctech.cs.washington.edu/wiki/ORCA/ORCA [washington.edu]

ORCA cards and Enhanced Drivers Licenses (1)

supersat (639745) | more than 6 years ago | (#22978108)

Tracking students by placing antennas everywhere isn't that feasible. The ORCA cards use the ISO 14443 standard (they're Mifare DESFire cards), so their read range maxes out at about 10 cm.

The more problematic parts of the system include the fact that your last 10 rides per transit agency (there are 7 in ORCA) are stored on the card, and a database of your bus rides will exist. That database is subject to records retention laws, and the media (under certain conditions) and law enforcement can request the data using Washington's public records law. Finally, as it stands now, the institution selling you the discounted passes will be able to access this database as well, although we're hoping that there will be some policies developed to limit access.

A more practical way to track people with a large deployment of RFID antennas is to use the new Washington Enhanced Drivers License. Washington was content on using a barcode as a way for customs to index into the EDL database, but DHS insisted on implanting long-rage, EPC Gen2 tags into these cards. This is exactly the same technology used in the RFID Ecosystem.

Re:ORCA cards and Enhanced Drivers Licenses (1)

Skavookie (3659) | more than 6 years ago | (#22979940)

Just to point out that you don't have to install antennas all over the place, just at choke points (doors, etc).

Balance? (0)

Anonymous Coward | more than 6 years ago | (#22974282)

Here's a good balance: Stop doing it; even under the guise of "Research".

Just doing this as "Research" has already set up the Slippery Slope to doing it by weight of law.

N.B. I believe the Slippery Slope is, existentially, a total fallacy. However in the day-to-day world it looks like an immutable law because politicians are avaricious and weak, and the general public is quick on their heels. The world's obsession with wealth and object-based prosperity is grinding humans to a nub; by their own choosing. (Yes, I'm a cynic. But a hopeful one).

Zonk 3 Roland (1)

lennyhell (869433) | more than 6 years ago | (#22974290)

Can you guys please get out of my internets?

long ago at the media lab (2, Interesting)

bobkoure (701950) | more than 6 years ago | (#22974420)

The MIT Media Lab had a tracking system in the '80s (and may or may not still have it).
It was used mostly for telephone routing - if you were in a room and the phone rang, it was for you.

Re:long ago at the media lab (1)

icebike (68054) | more than 6 years ago | (#22975380)

What if it was for her?

Just on the chance, neither of us answered.

Re:long ago at the media lab (1)

museumpeace (735109) | more than 6 years ago | (#22975818)

MIT also had a system to track people in AI/comp sci buildings and it was hated or at least hacked. Sussman's ID was duplicated and everyone used the copies...it began to look like there was only one person and he was simultaneously everywhere [that hack had the desired effect and the system promptly went out of use.]

Re:long ago at the media lab (1)

Froggie (1154) | more than 6 years ago | (#22991174)

Cambridge Uni, 90s, same principle. Desktop sessions would follow you around using VNC...

Use very sparingly (1)

JamesRose (1062530) | more than 6 years ago | (#22974492)

Honestly, we all know it, the truth hurts- its just not helpful, when you're trying to avoid that person who really bugs you by constantly asking useless questions, or you're on your lunchbreak and you want to just quietly sit round the office, you really dont want people knowing where you are most of the time. It just isnt necessary, it breeds an air of distrust and interfere's more than anything.
Having said that, having the office first aider on an RFID tag, or maybe even insisting on RFID tags in desgnated high security areas, definitely makes alot of sense. Again though all this technology really does seem to be struggling to find a problem.

Re:Use very sparingly (0)

Anonymous Coward | more than 6 years ago | (#22975006)

when you're trying to avoid that person who really bugs you by constantly asking useless questions, or you're on your lunchbreak and you want to just quietly sit round the office

Personally, I just tell them to fuck off.
It works for me.

UW-MS collaboration? (1)

zen-theorist (930637) | more than 6 years ago | (#22974514)

At some level, this certainly is one given their close ties [washington.edu] and MS's (dis?)interest in individual privacy.

Opt-in, and friends network (1)

Midnight Thunder (17205) | more than 6 years ago | (#22974828)

I think that while this type of people tracking has its uses, the biggest concern is that of personal privacy. For me these things should work like buddy lists, where you decide who can discover your location (not some third-party) and you decide whether you use this. You could also make it so that when someone asks where you are, the device notifies you and you press a button to accept discovery. You wouldn't even need to worry about being tracked, since you could make it that the RFID is not transmitted until you press the button, so until then the device is in receive only mode, listening for broadcasts.

That explains it (1)

93 Escort Wagon (326346) | more than 6 years ago | (#22975048)

I was wondering why Professor Boriello was so chummy the last couple times I ran into him, patting me on the back and such.

Guess the staff participants don't necessarily know they're part of the project...

I hate technology (1)

sijucm (688348) | more than 6 years ago | (#22975120)

I love my privacy.

Let's face the facts... (1)

Jane Q. Public (1010737) | more than 6 years ago | (#22977224)

The utility of RFID to consumers or end-users is minimal. The vast majority of the utility is to marketers, advertisers, and possibly employers. On the other hand, the intrusion, and risk of privacy invasion and loss of freedom is overwhelmingly on the side of the consumer or end-user.

To the private citizen, 90% or more of the possible uses of RFID would be VERY BAD things if implemented. Others would gain by their loss.

I wish I could impress this concept on more people.

RFID IS everywhere... (1)

TheGreatOrangePeel (618581) | more than 6 years ago | (#22980046)

...or at least it is in Chicago. The majority of people here have what are called the "Chicago Card" which are RFID badges to get on the public transportation system. What's more, I've 3 just to get into work. One for the "L", one for lobby security and one for floor security. Heck, these days, my mom even carries one to get into the kitchen where she works. She calls it her magic name badge. I'm not even started on the credit cards that have them.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...