Shostack + Friends Blog Archive

 

Homeland Security Privacy Office Slams RFID

Via Kim Cameron (“Homeland Security Privacy Office Slams RFID Technology”), I read about “The Use of RFID for Human Identification.” [link to http://www.dhs.gov/interweb/assetlibrary/privacy_advcom_rpt_rfid_draft.pdf no longer works]

This is an important report. The money quote is useful because it comes out of DHS:

Against these small incremental benefits of RFID are arrayed a large number of privacy concerns. RFID deployments’ digitally communicated information is easier to collect, save, store, and process, and is, therefore, more easily converted to surveillance than other methods. The silent, unnoticeable operation of radio waves means that individuals will always have difficulty knowing when they are being identified and what information is being communicated, leaving them vulnerable to increased security risks such as skimming and eavesdropping.

Comments are due by Monday, noon Eastern. I’ll be sending a short note (draft after the break, comments welcome) discussing the fact that many documents are carried internationally, and may not be subject to any of the mitigating factors discussed.

I’ve also urged stronger conclusions, but really, this seems to me to outline risks and alternatives well. It’s what we hope our civil servants produce, and so I can’t even be snarky about the title of the office that produced it.

Dear Committee,

Thank you for the opportunity to comment on the draft report “Use Of RFID For Human Identification.”

I have a long background as a professional in information security and privacy. I have no commercial interest in any of the technologies being discussed. I have been a strong and regular critic of many DHS and TSA initiatives, and expected to be highly critical of this report as well. Instead, I would like to commend you on a job well done, and urge you to follow up on many of the areas that the authors did not have time to cover, such as section IV, the laws which may limit the use of RFID, or section V.A., how well identifying people achieves the security mission.

To the particulars of the report:

The selection of RFID technology is one that has broad societal impact. Mitigations suggested, such as Notice and Securing Readers and Data, may well provide some protection within the United States. However, many documents, including passports, transportation worker identification cards and I-94 forms, are carried outside the United States. The negative impact of RFID technology imposed by DHS carries through to other jurisdictions. Many countries lack basic privacy law or western conceptions of human rights. The risks and costs of these impacts on personal security and privacy are imposed upon those who have little choice in the matter. I urge you to formally treat the broad scope of identity documents in its proper global context.

I would also urge you to make positive recommendations. Section VII is currently titled “RFID Should be disfavored for human tracking.” I would urge you to make a positive recommendation, such as “2D Bar codes can effectively meet (most if not all) RFID functions for tracking people.” Similarly, in VII.A., you suggest “Choosing Whether to Use RFID to Track Individuals.” I suggest changing this to “Avoid Using RFID to Track People,” and changing VII.C. to “Mitigating the Poor Choice of RFID to Track and Identify Individuals.”

Thank you again for the opportunity to comment on the report, and I hope that you will find these suggestions useful.