Security & Privacy
RFID Privacy
Freshness Warning
This blog post is over 20 years old. It's possible that the information you read below isn't current and the links no longer work.
23 Dec 2003
RFID News has an excellent analysis of a recent USA Today column on hypothetical nightmarish privacy violations by companies utilizing RFID tags. The gist of the analysis is that USA Today is sensationalizing the concept. Companies, governments, and individuals already have far easier and more effective ways of gathering information about you than RFID can provide.
One example of the “sky is falling” reporting is their scenario of marketers watching what you are interested in:
A department store’s RFID system recognizes that you’re carrying an item you bought there last week. Now it knows who you are. And if there are readers scattered about, it knows where you’re going. Come home to a phone call, “Mr. Kantor, we noticed you were shopping for a television…”
Retailers are smarter than that. They tend to avoid behavior that consumers are going to find creepy. When I worked for a telecomunications company I found that when someone called our call center, the systems automatically looked up the phone number of the incoming call (this was before caller ID was popular or widespread), looked up the corresponding account, and displayed the account details on the operator’s screen.
They had initially experimented with answering the phone, “Thank you for calling us Mr. Johnson. How can we help you today?” Callers understandably found this a little spooky, so the operators began answering the phone as if they had no idea who was on the other end.
If a retailer were to use RFID or any other method of identification to discover who was browsing for what products, they would likely use this information in a way that was much less overt. Email offers sent would magically include deals on products that the consumer was interested in. Direct mail would be targeted with products that a large number of people in a particular zip code had shown interest in.
It’s also important to note that, at this point at least, most companies don’t have their databases integrated to the point that they can target marketing in this method. Retailers spend billions of dollars on products that don’t sell, merchandising that doesn’t work, and marketing that falls flat. Many of these companies have the data that could have prevented these problems but are unable to properly analyze it to extract valuable information.
At least right now, that’s what’s going to prevent wholesale intrusions into our privacy — the inefficiencies and ineptitude of corporate data operations. Companies are already drowing in data. Turning that data into useful information is a lot harder than it sounds.