It seems that legislators in the Texas house have taken time from their busy tax-raising schedule to send HB2893 out of committee.

What is HB2983? First, iIt requires the insurance companies to report all automobile insurance policy purchases, renewals, and cancellations to the state.

Sec. 601.502.  REPORTING REQUIREMENTS. (a) The motor vehicle liability insurance compliance program shall require that, on or after the effective date of this subchapter, when an insurance company authorized to write motor vehicle liability insurance in this state or its designated agent issues or renews a motor vehicle liability insurance policy that provides the minimum coverages required by this chapter to a person who is required to maintain insurance under this chapter and who is the holder of a Texas driver’s license or a Texas commercial driver’s license, or terminates or cancels such a policy, the insurance company or its designated agent shall furnish to the department or administering entity the following information:
          (1)  the insurance policy number;
          (2)  the effective date of the policy;
          (3)  the make, model, license plate number, and vehicle identification number of each vehicle covered by the policy; and
          (4)  any other information reasonably required by the department.
     (b)  The required information relating to an insurance policy that is issued or renewed shall be provided to the department or administering entity not later than the third business day after the date of issuance or renewal.
     (c)  The required information relating to an insurance policy that is terminated or canceled shall be provided to the department before the effective date of the termination or cancellation.

But once the state has its grubby paws on the data, they plan to do far more with it than just check vehicles at registration renewal.  The bill would also add RFID tags to inspection stickers, such that these tags could be read by existing toll-tag readers as well as any other readers that our “friends” in Austin decide to set up.

Sec. 601.507.  SPECIAL INSPECTION CERTIFICATES. (a) Commencing not later than January 1, 2006, the department shall issue or contract for the issuance of special inspection certificates to be affixed to motor vehicles that are inspected and found to be in proper and safe condition under Chapter 548.
     (b)  An inspection certificate under this section must contain a tamper-resistant transponder, and at a minimum, be capable of storing:
          (1)  the transponder’s unique identification number; and
          (2)  the make, model, and vehicle identification number of the vehicle to which the certificate is affixed.
     (c)  In addition, the transponder must be compatible with:
          (1)  the automated vehicle registration and certificate of title system established by the Texas Department of Transportation; and
          (2)  interoperability standards established by the Texas Department of Transportation and other entities for use of the system of toll roads and toll facilities in this state.

By the way, the next section of the bill establishes that if a vehicle is spotted via tag reader that doesn’t have current insurance, the system automatically mails a $250 ticket to the registered owner of the vehicle.

Here’s the full text (PDF) for those who may be interested.

The bill calls for “tamper-resistant” transponders.  Would it be tampering to hit it with an EM pulse?  After all, you didn’t actually touch the device.  Of course, the downside is that a strong EM pulse is difficult to generate and would also fry your car’s electronics.

Maybe a clear metal-film layer applied over the glass instead?

It looks like RFID tags may make it onto store shelves sooner than we had been led to believe.  The industry had been trying to say that this could be as much as ten years away and that their current efforts were geared towards case and palette tracking.  However, Wal-Mart is already running a trial with HP printers in the Dallas area.  Additionally, a major national clothing retailer appears ready to bring this out as early as next year on all of their retail clothing items.

As I’ve mentioned before, I have serious privacy concerns about the use of RFID tags on individual items that we purchase.  If it’s just on the packaging, and we throw away the packaging, that would probably be OK (which is what Wal-Mart claims is the case with the HP printers; Hmm…  I still have my packaging from the last HP printer I bought, just in case I need to send it back, although I bought it at Fry’s).  It’s when the RFID tag is embedded in the item and can’t be removed that things get nasty.

The problem with RFID tags is that they don’t just identify what something is (i.e. a particular brand/size of a known brand item), they also give a unique identifier for that instance of the object (a serial number).  If you can read the tag to get the serial number and cross-reference that with sales data you can tell a lot about a person. 

The RFID industry is desperate to debunk these “concerns” as not realistic or to reassure us that any purchase databases will be protected.  Let’s examine the potential problems.

Privacy activists worry that consumers could leave stores broadcasting all kinds of information about their belongings. They fear that, with the right tools, anyone—including thieves—could detect what’s in your purse or pockets. Another concern is that people’s things would leave an electronic trail of their whereabouts and shopping habits for law enforcement officials, investigators, lawyers or marketers to collect.

RFID defenders say such concerns are overblown—a common theme at this conference. One argument is that the only information companies are interested in storing on RFID tags are serial numbers, which are meaningless without access to the database where all the information about the item lives. Only the privileged eyes of certain employees would have access to that database, executives say. Another argument is that RFID tags only submit signals only when prompted by a reader within close range, generally a few feet at most.

Concerning this database of serial numbers, I simply don’t trust these companies to run such a thing without the potential for privacy leaks.  Further, even if they do manage to put in place a decent and effective privacy policy today, there’s nothing to stop them from changing the terms later on, after they’ve amassed a tremendous database (“I am altering the terms of our deal.  Pray I do not alter them further.”).  If you think I’m paranoid, you may want to revisit the original debates on the establishment of Social Security Numbers.  People who were concerned about this were given assurances that the SSN would never be used for any purpose other than providing Social Security.  Heck, it’s even in the law that the SSN is not to be used for identification purposes.  That really did a lot of good, didn’t it?

As noted above, the RFID industry claims that these tags can only be read from a few feet away.  Even that’s not sufficient if you can get people to pass through some kind of chokepoint where they pass a few feet from a reader.  Ever notice those vertical “dividers” placed between doors in most retail stores these days?  Those are magnetic readers for current loss-prevention systems.  That kind of chokepoint could be readily adapted for RFID purposes. 

But even given that these devices are limited to short ranges today, how can we definitely say that there will never be technology capable of activating and reading the tag at greater ranges?  I wouldn’t take that bet.  I wonder if the original inventors of the CRT ever thought about van Eck Phreaking?

So, to sum it up, I don’t trust the companies to guard my privacy in the future with regard to the serial numbers of products I’ve purchased, and I don’t trust that technology won’t be found that allows reading the tags at longer ranges.  However, there is a simple solution to my concerns.  Simply kill the tags at the time of purchase. 

Of course, the RFID industry is quick to resist this solution.  They give a variety of reasons, but my suspicion is that they ultimately do want to be able to track everything at some point in the future (even if they won’t admit it to themselves). 

Here’s their current set of excuses:

Retailers and consumer-goods companies are hesitant to agree to removing tags from items at the time of purchase for several reasons. One reason is that RFID tags could help with returns by exposing people trying to get a refund for a product they never really bought, or one they purchased from another store. In the future, technology proponents envision medicine cabinets and home appliances equipped with RFID readers, alerting people to expired drugs and automatically selecting the gentle cycle on the washing machine for delicate clothing.

Frankly, I don’t give a damn about these problems.  I’m willing to pay the slightly higher prices that refund scams generate in exchange for privacy.  Frankly, there are non-RFID methods for dealing with fraud, though, so I find this an unpersuasive point.  As far as these “smart home” concepts, the industry’s own research shows that people don’t care about these things (although they keep hammering on this; in my more cynical moments I think they hope it will be the sugar that helps people to swallow RFIDs).

All the industry needs to do is make sure the tags are killable and that people are fully informed about how to make sure they’re dead before leaving the store.  That one thing would mollify me.  As long as they resist this, I will regard them with a high level of suspicion.  Resisting what seems to me to be such a reasonable request makes me very wary of their ultimate motives.

Some previous items I’ve written on the subject of RFID tags:
The basic problem.
RFID and cameras.
Implanting RFID chips.

Here we go again.

Applied Digital Solutions of Palm Beach, Fla., is hoping that Americans can be persuaded to implant RFID chips under their skin to identify themselves when going to a cash machine or in place of using a credit card. The surgical procedure, which is performed with local anesthetic, embeds a 12-by-2.1mm RFID tag in the flesh of a human arm.

I don’t forsee myself ever doing something like this.  I can just imagine that criminals will start using RFID scanners to digitally pick your pocket arm.  Or worse, hacking off someone’s limb to get at their RFID tag.  Applied Digital Solutions has been working really hard to come up with a use for this implantable technology, but so far no one has really bought into it (their first product was an implantable tracking device).  This sounds like another attempt to get some traction.  Frankly, I wouldn’t shed any tears for them if they flopped and went out of business.  I consider them distasteful in the extreme.

I’ve previously written about RFID tags and their privacy implications.  Today, Slashdot had this article that includes details of a scheme being introduced in England that would snap your picture when you remove a tagged item from the shelf and then use that to identify you at checkout (supposedly to match you to the item to prevent shoplifting).

Alan Robinson, manager at the Tesco store on Newmarket Street, Cambridge, seems excited about this store’s current trials of RFID tags in Gillette Mach3 razorblades. Speaking to Smart Labels Analyst magazine in April this year, he said: “We are cooperating with this trial in every way we can – we would like to be a test bed for many more trials of this kind.” He adds: “We haven’t had a single customer ask what the tag is doing in their packet of razors!” Notoriously subject to theft (small, expensive and easily resold), these blades were tagged by Gillette, which earlier this year ordered 500m radio-frequency ID tags from the aptly named Alien Technology Corp. At the Tesco Cambridge store, reports the magazine, a camera trained on the Gillette blade shelf, and triggered by the tags, captures a photo of each customer who removes a Mach3 pack. Another photo is taken at the checkout and security staff compare the two images to ensure they always have a pair.

A spokesman for Tesco confirmed that this set-up is in operation. He says: “Generally in retailing, razorblades are stolen more than other products, but that is not why we are doing the trial. We have plenty of security measures in place to stop things being stolen. [This trial] is not to do with security or theft, it is a supply chain trial.” According to the spokesman,”there are certainly not any privacy concerns” in relation to these tags. He adds that there is plenty of in-store signage indicating the supermarket’s use of CCTV cameras.

Still, customers might not infer from this information that these cameras are being used to take a digital photo of them each time they lift a Gillette razorblade from the store’s shelf – it only takes one to prompt the camera – and again when they present the pack at the checkout. Tesco says that the photos are “temporarily stored”, but does not specify for how long. However, Smart Labels Analyst magazine explains that this system enables the store to “blacklist certain shoppers and keep an eye on them”. In his interview with the magazine, Alan Robinson recounts an occasion when his Cambridge store was able to show the police a photograph of a shoplifter in the act of removing two packets of razors from the shelf: “The police were completely flabbergasted, having never seen anything like it in their lives.”

The two passages I’ve added emphasis to are quite telling.  No privacy concerns my ass.  These guys are the perfect examples of retailers who are eager to track your every move and link it all together to either market more crap to you or blacklist you from their stores.  And don’t think that the blacklisting will be confined to just shoplifters for long.  Complained about the service the other day and caused an employee to take too much time (but you don’t usually buy a lot of stuff in the store)?  You will be flagged as a costly complainer.  When you show up at the store next time they may try to drive you away, since you’re not worth enough for them to waste their time with you.  I know one person that Fry’s would probably love to keep out of their computer section (since he is known to them for questioning them about every sale item; which is quite aggravating to them, since their sales are often deceptive).

I just hope this never makes it here, but I’m not confident that the people in England will make enough fuss about it to make the trial unsuccessful.  They’ve gotten so used to meekly submitting to surveillance schemes that I fear for them as a people.

The rest of the article has more information about loyalty cards, which also makes for interesting reading.

I’ve been meaning to write about RFID tags since I got an email on Monday about a security hole on the Auto-ID center’s website that allowed anyone to access their confidential documents.  These documents related to market studies on RFID tags and how they would “pacify” consumers with regards to their “emotional” privacy fears.  CASPIAN’s email might be a bit breathless and overblown concerning the issue, but the documents are still somewhat damning to the industry.  They have since pulled the documents (or fixed the hole), but not before Cryptome mirrored them.

For those that haven’t been following the issue, an RFID tag is a small (imagine a grain of rice or smaller) passive (non-powered) microchip that emits a radio signal with a unique identifier when it is hit by a radio transmission in a certain frequency range (it varies for each device).  The signal is of very low power and can only be read (at present) within a few feet (once again, this varies by device from approximately 3 to 15 feet).  The idea is that these tags can be used to track inventory in stores and warehouses.  If you had a case of razors, simply moving the box by an RFID scanner would tell you how many you had in the case.  Stores are interested in this technology as a replacement to barcodes (both for automated checkout and for “smart shelves” that could manage inventory).

At this point you may be wondering what the big deal about all this is.  After all, it’s just a way of tracking products.  And at present the trials are just in warehouses (with tags attached to pallets and boxes).  However, the industry direction is to push the price of these tags down to less than one cent per tag so that the tags can be embedded in the product (or in its packaging).  This level of tracking would be required to realize the goals of automated checkout and smart shelves.

It’s at this point that people like me who worry about privacy get concerned.  If the tag is not deactivated (in a way that we can trust is permanent) at the point of sale, it leads to the possibility of tracking on a scale that boggles the mind.  The RFID tag is different from a bar code in that each and every RFID tag emits a unique identifier.  This means that not only does the RFID tag identify the type of an object, it identifies the specific instance of that object (like a serial number).  If this is linked to purchase records, it means that anyone with a scanner and access to the records could identify you and everything you have on or about your person.

Of course, the RFID people claim that they would never do this.  And I think they may actually mean it.  However, I don’t trust that the businesses that get their hands on this technology won’t abuse it in the future.  Also, the RFID people claim that the tags can only be read from a short distance, so it’s unlikely that you could be easily scanned.  Once again, I find this unpersuasive.  Most stores these days have scanners at their entrances and exits that work with the existing inventory control system.  In some cases, they force you to walk though a choke-point where the scanner is only a few feet from you.  It wouldn’t take much to convert one of these to an RFID scanner.

Can you imagine a business that wouldn’t drool over the ability to know who you are and what you’re carrying when you walk into a store?  While some would say that this is good, I don’t agree.  The potential for misuse is far too high.

Another concern is that criminals could obtain scanners and could instantly know what you’re carrying if they got near you.  Also, there is concern that new technology could be developed that increased the range of the scanners.  The RFID industry tries to downplay this angle by saying that the power of the chips is so low that they can’t be read at a distance.  And it’s true that the chips rely on the EM from the scanner to be activated.  However, advances in technology of the receiver might someday allow for greater ranges (or even for the signal to be read through a wall).  If that ever happens, and you have a houseful of RFID equipped stuff (provided they aren’t premanently deactivated), a criminal could scan your house and know what you had without having to come in. 

Or even if the privacy issue is ignored, the potential for wrongful harassment by “loss prevention” types is still there.  Imagine if the system wasn’t coded correctly (or lost data) and thought that the pair of pants you bought there last week weren’t actually sold.  You’d be detained by security on the way out and have to prove that you bought the pants you’re wearing.  If you don’t think it can happen, I experienced something similar when I was in college concerning the library’s security system and a textbook that I legally owned.

At this point, though, it appears that the technology is still too immature to use on store shelves.  Wal-Mart, which championed bar codes in the 80’s, was hot to use RFID tags, but they’ve cancelled a trial in one of their stores.  They will now focus on warehouse operations.  But this doesn’t mean that they’ve given up.  It just means that it has been delayed.  And I suspect that we’ll see a public relations campaign to “pacify” the public’s privacy fears in the meantime.

What I find interesting is that while the industry had paid lip service to privacy concerns, they don’t seem really interested in killing the RFID tag at the point of sale.  They’re adding a “kill” feature to some of the new chips, but they want to make you “opt-out” of using the tag, rather than having you opt-in to leaving it active.  For me, I want them all dead when I leave the store, and this will be yet another hassle to deal with at checkout.  They keep talking about a “smart house” concept where your pantry keeps track of the food and your washer knows the right settings for the clothes, but their own market research (which they conveniently left open for us to read) shows that people think that the concept is ridiculous.  If I was prone to conspiracy theories, I’d think that they are looking for a way to spin the technology so that we’ll accept keeping the tags alive.  Then they would be able to implement the other tracking features that worry people like me.  But that’s only if I were to buy into conspiracy theories. 

In the meantime, I’m going to keep watching this issue.  If it comes to market, and I don’t trust their implementation of it, I’ll have to examine how to disable them myself (they say that microwaving works, but that it could set the object on fire, which would be a definite drawback).  I suspect that there will come a day when we won’t be able to buy an object without an RFID tag in it.  We need to be vigilant to make sure that the RFID tags are handled on our terms.