University of Washington Tracking the Edge of Privacy

Roland Piquepaille writes "We've been told for several years that RFID tags would eventually be everywhere. This isn't the case yet, but researchers at the University of Washington would like to know if the future of social networking could be affected by these tags and check the balance between privacy and utility. They've deployed 200 antennas in one UW building and a dozen researchers are carrying RFID tags on them. According to the Seattle Times, all their moves are tracked every second in the building. Of course, it can be practical to know if a colleague is available for a cup of coffee but this kind of system (if in widespread use) has some serious implications. As the lead researcher said, 'what we want to understand is what makes it useful, what makes it threatening and how to balance the two.'"

Comparison to social networking

[Ethanol-fueled]

As long as carrying an RFID tag is 100% opt-in and semi-passive or active RFID tags are used so that the user could switch it off at any time if privacy is desired. This would be a good way to make RFID tracking analogous to social networking(as stated in the summary) -- that is, I can choose not to "install" the "software". If I choose to "install" the "software", then I should also be able to set it to "privacy" or "stealth" mode so that nobody could track or bother me while I'm coding.

I do support 100% RFID-style monitoring in sensitive places(such as the NSA) which are involved with national security...and AT&T dosen't count :P

Re:Comparison to social networking

[geekboy642]

Oh. That's a fantastic idea. Equip every worker in a highly sensitive secure area with a device that immediately reveals who they are to anyone with $20 of equipment once they leave the secure area. Because, you know, I think it's great if some random NSA worker gets off work, wants to grab a tasty Starbucks' non-coffee beverage on the way home, and is assailed by ${RANDOM-ANTI-US-RADICAL} because she was carrying a tag that electronically identified her.

Re:

[The_DoubleU]

Because, you know, I think it's great if some random NSA worker gets off work, wants to grab a tasty Starbucks' non-coffee beverage on the way home, and is assailed by ${RANDOM-ANTI-US-RADICAL} because she was carrying a tag that electronically identified her.

Yeah!
And if you could include some more government agencies, members of parliament, etc*. Then the US might have a future.

*I would include AT&T

You can't hide from technology.

[gnutoo]

This stuff is here and can not be stopped, but you can hide [slashdot.org] and this is the only way to minimize abuse. Governments and companies have a huge advantage over the rest of us in this because they own your currency, create you ID cards and supply things you will have to buy unless you are very rich. You could exterminate everyone in power today but their replacements will do the same things.

Re:

[icebike]

Why would tagging members of Parliament affect the US's future?

Do you really think some county's Parliament some how affects the US, or are you so stupid you think the US has a Parliament?

Re:

[Brian Gordon]

Not to mention the pressure not to deactivate it. If you have 4000 workers submitting to be tracked, why did 1 just turn theirs off before entering a secure area? Make the arrest first, ask questions later.

And what language is ${THAT}?

Re:

[JFitzsimmons]

Shellscript.

Re:

[tftp]

And what language is ${THAT}?

That is shell (bash). Useful if you want something like this:

foo=bar
echo "Where is the ${foo}tender?"

Re:

[Ambiguous Puzuma]

Presumably people in highly sensitive areas already need to identify themselves anytime they enter the premises. What if, after identifying themselves, they were given badges (selected at random) with RFID chips containing random numbers, and leaving meant dropping off said badges? Without access to the database tracking which people were assigned which badges, it would be impossible to tell which number is associated with which person at any given time. So the content stored by the RFID chip would be us

Re:

[unlametheweak]

The fact is, in my experience dealing with managers, politicians, and other professionals (as a truly asswipe nobody as I am), I have noticed an extreme lack of intelligence or concern with what could possibly go wrong with their rather simplistic systems, laws, beliefs, etc.

Yes, to the Manager I will always be one of those people who has a "bad" attitude because I am intelligent enough to notice the discrepancies between logic and practice. Don't get me wrong; my tact is pleasant outside of slashdot, but m

Re:

[Sanat]

There is nothing wrong with being able to think four or five steps ahead of others... except that others will disagree with what you say until it begins to occur then they will "You were right"... but then the next time they will will not have learned.

I imagine that there are lots of individuals on Slashdot who can envision more steps ahead than most others in their organization and it is painful sometimes to watch occur exactly what you predicted would occur.

Software design is especially like this... A dep

Re:

[unlametheweak]

Don't discredit yourself because you think out of the "box" so to speak.

In many respects I am not discrediting myself; I am just making an observation. As a very, very young child I was always doubting people (and myself for that matter). I think that is both a product of my genes and my somewhat unique upbringing (environment that is... where there were many, many contradictory forces at play)... I will only give a hint at them (like old-world traditional values vs. new world Western values)... that's just a very small hint of the contradictions I faced when growing up, and I

Re:

[chunk08]

I've always thought of the concept of "thinking outside the box" as a very good and idealistic concept, but taken in reality; people who truly think-outside-the-box will ultimately be outsiders, and therefore be on the shortlist for being fired or "laid-off".

Yes, too true. I question a lot of things, and I fear I am outside the box even at /.

The government wants too much control of citizens, and unfortunately, most people have been raised to think that's their job. Good to see that someone is willing to q

Re:

[Sanat]

Nice Feedback

The times... they are a changin. I sense that those wired differently from the average human will find themselves sought after by many in the upcoming years. Whether it will be with guns or job offers... that I can not say.

I remember when I was in the 3rd grade (50's) and the teacher pulled down a map of Earth that showed the seven continents. I said "Looks Mrs. Beard, if you push all the continents together they fit together like a puzzle". Her retort was "Don't be ridiculous that is a stupid

Re:

[p0tat03]

Eliminating RFID tags won't solve your problem either. If an extremist wanted to assassinate/kidnap someone, they could EASILY obtain photographs of him/her and do very much the same thing. It's not as if tailing someone home is a recent invention. With sites like Facebook and MySpace it's easier than ever before. In fact, photographs/stalking is lower tech and probably much easier than carrying around an RFID tag reader and randomly scanning people hoping you find your target.

Re:

[justinlee37]

Simple, leave the tag with a receptionist at the entrance to the "highly sensitive secure area," who also has a file of all the employees (with their names and photos) on her computer. Heck, if you wanted to get really fancy, you could make them enter a PIN code and scan their handprint as well in order to receive their tag from the receptionist.

You thought of a problem, but didn't consider the solution, and therefore didn't realize how simple it was.

Re:

[geekboy642]

Your solution is quite lacking. Here's why:

Current situation: Everybody has some kind of badge with a mag-stripe for access. These must be issued and collected when people are hired or leave the unit.

First proposal: everybody has some kind of badge with an rfid for access. These must be issued and collected when people are hired or leave the unit, as well as being sniffable by $20 of Radio Shack junk.

Your proposal: everybody has some kind of badge with a mag-stripe for access. These must be issued and colle

Re:

[justinlee37]

First off, receptionists don't get paid $75,000/year. Most police officers don't even get paid that much.

Second, this is obviously not a system worth implementing unless there are serious security concerns -- it might make sense to install a system like this in a nuclear missile silo, but it wouldn't make sense at the courthouse. To imply that such a system is unreasonable because it would cost too much to install at every government facility in existence is just fishing for a problem that isn't there -- o

Re:

[geekboy642]

First off, receptionists don't get paid $75,000/year.

Did you read what I wrote? Or are you being deliberately obtuse? I specifically and intentionally wrote "compensation". In a government job, the total compensation for an entry-level receptionist will cost roughly $75k yearly. My source [govexec.com] claims $106k total yearly compensation for the average government employee.

Third, a receptionist is the only reliable facial-recognition system on the market today.

Not true. A person is the most reliable facial-recognition

Re:

[geekboy642]

"annoying geek sarcasm"?

I'm sorry, am I no longer on SLASHDOT, the BASTION of GEEKS? What you mean as an insult, you anonymous sniveling worm, I proudly wear as a BADGE OF HONOR!

Re:

[itlurksbeneath]

I don't think you understood GP at all. In his example, NSA worker would have their tag on during the day while at work and once they left work they could CHOOSE to turn their tag off for privacy (no need for the boss to know you were stopping by the nudie bar on the way home).

Re:

[unlametheweak]

As long as carrying an RFID tag is 100% opt-in and semi-passive

Don't count on it. In places like the US, they are sometimes mandatory, assuming that having a certain job is not "100% opt-in". But really, it all depends on how prevalent they become. I can imagine that they will eventually become prevalent in places like the US based on their previous history on privacy matters; I'm thinking of the seemingly arbitrary and ubiquitous use of drug testing in the US, among other issues. Companies that you would expect to have no interest or relevance in drug testing (like B

Privacy must be active.

[gnutoo]

The people behind The RFID Privacy Guard [rfidguardian.org] saw all of this coming a long way off. When it comes to RFIDs you can't trust other people to do what they should. Even if reasonable laws [theregister.co.uk] are passed over violent industry opposition [slashdot.org], any store clerk can make a mistake. Recent ISP behavior, the choice point scandal and the still active TIA program all show that government and big dumb companies are able and willing to break the law. Anyone who wants to guard their privacy will be forced to monitor themselves.

T

Re:

[CrimsonAvenger]

As long as carrying an RFID tag is 100% opt-in and semi-passive or active RFID tags are used so that the user could switch it off at any time if privacy is desired. This would be a good way to make RFID tracking analogous to social networking(as stated in the summary) -- that is, I can choose not to "install" the "software". If I choose to "install" the "software", then I should also be able to set it to "privacy" or "stealth" mode so that nobody could track or bother me while I'm coding.

A corollary of th

Re:

[spearway]

You are making several very large assumption there.

First one is why does a democracy need secrecy? Anything that is paid by the public (i.e. you and me) we should have access right? We paid for it. How do you justify public secret? Even the efficiency argument is bogus how did our secret service not know what Saddam Hussein was doing?

Second you are assuming that some agency will be able to behave itself with the worker mostly private data. This is also an incredibly big assumption. Data is very hard to dest

Re:

[geekboy642]

First one is why does a democracy need secrecy?

This is a straw-man argument, but I'll respond anyways.
From time to time, the US has fought wars, some of them good, some of them bad. In all cases, we kept secrets about the wars. Would you prefer the North Koreans to know every weakness of our missile defense? Would you prefer that the U.S.S.R. had known exactly what our defensive arsenal was during the Cuban nuclear crisis? Would you prefer that Muslim extremists know our exact travel routes and troop densit

Re:

[supersat]

Carrying a tag is 100% opt-in. Only the researchers are carrying the tags right now, but once other people are recruited to do so, participants will be given a very clear informed consent form to sign stating all of the potential privacy issues. The projects has been heavily scrutinized by the UW Human Subjects Institutional Review Board. The tags are completely passive, but you can easily take them off, cover them in foil, or physically destroy them.

Even if they did have an on/off switch, I suspect most pe

Re:

[Ben Hutchings]

Speaking of AT&T, AT&T Research Lab in Cambridge was doing something very similar to this 10 years ago. The system was called Active Badge.

Double Edged Sword

[eldavojohn]

Of course, it can be practical to know if a colleague is available for a cup of coffee but this kind of system (if in widespread use) has some serious implications. As the lead researcher said, 'what we want to understand is what makes it useful, what makes it threatening and how to balance the two.

Um, I kind of view this technology as being inherently double edged. You give someone the power to find you at any time. This can be used for convenience often. This can be used for your boss to track you down on Saturday. This can be used to set you up or murder you. There's a whole rainbow of possibilities, the latter listed are probably less probable but quite scary.

Me, I hate it when people call me on my cell phone. Oftentimes I don't answer, my phone has never been off vibrate. I wouldn't opt for this technology at any point in my life for any reason. Other people may feel differently and more power to them. I don't understand why research is needed to see that, perhaps there are more caveats I don't see. But if you're thinking about making this mandatory under the guise of security or comfort, you're going to be tracking my RFID tag in a garbage can.

Re:Double Edged Sword

[CowboyNealOption]

As a network administrator, I think having users come find me in the bathroom when their email isn't working would be just dandy. Though I have to admit removing my rfid tag out and gluing it to a cockroach and letting it go in the ceiling could be amusing.

Re:Double Edged Sword

[eldavojohn]

Though I have to admit removing my rfid tag out and gluing it to a cockroach and letting it go in the ceiling could be amusing.

User A: "Goddamnit, he's in the vents again!"
User B: "But the system just showed the system administrator crawling in between the rafters!"
User A: "I know, but maybe if we left some Jack Daniels in a dish, he would smell it and come out?"
User B: "Ok, we better hurry though, my own personal internets keep getting slower and the Vista is asking me if I should accept or deny some application named MSBlastWorm32.exe that hasn't signed the proper forms yet ... what do I do?"

You want people to come into the can and strike up a conversation with you about an inane obvious problem? Either you're joking or you're a masochist ...

Re:

[DudeTheMath]

What about employers measuring time spent in the bathroom and bringing that up on a performance review? Some of us have more, ah, contemplative digestive tracts, and, well, sometimes ya gotta go at work.

Of course, if you post Google's "Testing on the Toilet" blogs in the stalls, you could say you were still working.

Re:

[b4upoo]

Right now there are so many false accusations abounding in society that having proof of exactly where one was and when could be a real lifesaver. Male teachers are becoming extinct in the lower school grades due to fears of being falsely accused. Having these tags on both students and teachers sounds like a good idea to me.

Re:

[LingNoi]

Except it would just lead to more false prosecutions, "The ID tags were in the same room at the time of the incident, THE SYSTEM NEVER LIES! Guilty!"

Re:

[mfnickster]

It all depends on who you trust to keep the information.

Even though you don't usually answer your cell phone, the service provider can tell where you are pretty much any time they want. Possibly even when your phone is turned 'off.'

Do you trust your mobile company not to help track you down on a Saturday, or not to set you up and murder you?

Re:

[WaltBusterkeys]

Keeping the information is the hardest part. If U-Was keeps the info then it has every incentive in the world to protect the privacy of its employees: Angry employees make bad employees and tend to leave their jobs. But, if an identity data broker [reputation...erblog.com] keeps the information then they have every incentive to sell the data to the highest bidder, AND they are nothing but a giant target for dedicated identity thieves.

To address your other point, most (if not all) cell phones are truly "off" when they are off -- t

Re:

[Skavookie]

I know (using this sort of test) that my cell (a really old Samsung SGH-R225M) is never really "off." This is slightly off topic (sorry) but not entirely. Does anyone know of a database of cell models that do/don't do this? It might be interesting to compile such a database.

Re:

[Original Replica]

this technology as being inherently double edged.

Of course it is, but these academics will go ahead and develope this tech and then be all suprised five to ten years down the road when Real ID cards with complete live tracking become a required "National Security" measure. I'm far less concerned with the idea of some random psycho using this to track me as I am with the government and other dataminers (marketing, transit, credit agencies, insurance) tracking me. "if you're thinking about making this manda

See also: The Bat Ultrasonic Location System

[26199]

This sounds not entirely unlike the bat [cam.ac.uk] system worked on in Cambridge, UK.

IIRC one very simple approach to privacy was to notify people when someone checked on their position, and who it was.

Re:

[Ambush Commander]

IIRC one very simple approach to privacy was to notify people when someone checked on their position, and who it was.

From my understanding of RFID, this is not technically feasible...

Re:

[26199]

It wouldn't be via the RFID tags. But the RFID tags can't do the position check on other tags, either, so there has to be some separate UI for that. And it could notify...

Re:

[Skavookie]

And you trust that system?

Re:

[datatrash]

Interesting. The UW RFID project reminded me of Steve Mann's [wearcam.org] work with cameras, particularly his concept of sousveillance. I think there is a quite a bit of good use to be had with RFID tags, especially for a plastic tag you could put on luggage, or other shipping issues. I'm glad they conducted this study, there is some scholarship on what the effect of privacy might be in a "web of things" but scientific-ish research is always nice to pull out to bolster your argument when these issues are being legislate

When anonymity is outlawed.....

[himurabattousai]

only outlaws will have anonymity? (worst case scenario, I know, but one that far too many people are in favor of).

Tinfoil hat time...

[$RANDOMLUSER]

There's an interesting 2-page ad for the U.S. Air Force running in magazines this month - page 1 is a picture of a crowd, mother carrying a baby, etc., caption reads "How do you fight an enemy who hides among the innocent?". Turn the page, there's a picture of a Predator [wikipedia.org] UAV flying over a city, caption reads: "Never let them out of your sight".

I'll leave you to decide who "them" is.

tinfoil wallet.

[Mactrope]

Tinfoil wallets make sense if you have a device to check like the RFID Privacy Guard that's been talked about here so often.

As for the "how to catch a thief" problem, you would hope the answer would be police work and a trial, but the grim reality is that all too often the answer it to throw a missile at the suspect in a crowd. Shamefully, some people think this kind of terrorism is a fine substitute for justice [haaretz.com]. Observation is only the first part of this kind of crime.

StephenGillie

[StephenGillie]

The University of Washington (UW) has other plans involving RFID. Currently, UW sells bus passes to students; these are represented by a sticker that is applied to a student's "Husky Card". The Husky Card is a magnetic swipe card that controls building access and also provides dining card functionality to students. The plan is to replace the current Husky Cards with an RFID-implanted one. This would allow the cards to integrate into the local Seattle Metro and Community Transit bus services' ORCA system, which uses an RFID system to track fares and passes. A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives.

Re:

[b4upoo]

I can see it giving way too much power to the parents of older students. For example if you see that girl you won be going back to college this year. Then simply charting the girlÅ tracks along side your sons tracks would let you know in a hurry. The catch is that this might be applied to a 23 year old student as easily as to a 13 year old.
Yet even though I can see potential for abuse we can also simply believe in always letting the truth being seen by all people, all

Re:

[Thomasje]

A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives.

That effect is painfully easy to prevent: just wrap the card in tinfoil (not just useful for making hats (TM)) and only take it out when you actually use it. Want to ride the bus anonymously? Pay cash.

N.B. The EZ-Pass system we use here in the Northeast, which uses RFID chips to identify cars for toll collection purposes, actually explains how to disable the tag by storing it in a conducting plastic bag, which they provide.

Re:StephenGillie

[badboy_tw2002]

" A little-mentioned affect on privacy is how RFID antennas could easily be placed around campus and around Seattle, tracking students as they go about their lives."

Yes, it certainly would be easy, wouldn't it! All one would have to do is get some budgeting approved for a few thousand antennas, then ensure that you have the proper paperwork to install the antennas on private/public property. Next lets make sure we can run power to these suckers (they need some juice to go full time), and of course we'll need to either get them running on a cell network or else run some cable to get back the data. Finally, I'll need some easy simple software to combine all the data streams I'm getting, cross-reference them against the student database, and then plot everyone's movements out on my giant command and control station. Yes, yes, ALL too easy! I've got you now Johnny Q. Student! You're going to ... the Library! Ah-ha! Now I can...uh...know where you are!

ORCA cards and Enhanced Drivers Licenses

[supersat]

Tracking students by placing antennas everywhere isn't that feasible. The ORCA cards use the ISO 14443 standard (they're Mifare DESFire cards), so their read range maxes out at about 10 cm.

The more problematic parts of the system include the fact that your last 10 rides per transit agency (there are 7 in ORCA) are stored on the card, and a database of your bus rides will exist. That database is subject to records retention laws, and the media (under certain conditions) and law enforcement can request the da

Re:

[Skavookie]

Just to point out that you don't have to install antennas all over the place, just at choke points (doors, etc).

long ago at the media lab

[bobkoure]

The MIT Media Lab had a tracking system in the '80s (and may or may not still have it).
It was used mostly for telephone routing - if you were in a room and the phone rang, it was for you.

Re:

[icebike]

What if it was for her?

Just on the chance, neither of us answered.

Re:

[museumpeace]

MIT also had a system to track people in AI/comp sci buildings and it was hated or at least hacked. Sussman's ID was duplicated and everyone used the copies...it began to look like there was only one person and he was simultaneously everywhere [that hack had the desired effect and the system promptly went out of use.]

Re:

[Froggie]

Cambridge Uni, 90s, same principle. Desktop sessions would follow you around using VNC...

Use very sparingly

[JamesRose]

Honestly, we all know it, the truth hurts- its just not helpful, when you're trying to avoid that person who really bugs you by constantly asking useless questions, or you're on your lunchbreak and you want to just quietly sit round the office, you really dont want people knowing where you are most of the time. It just isnt necessary, it breeds an air of distrust and interfere's more than anything.
Having said that, having the office first aider on an RFID tag, or maybe even insisting on RFID tags in desgnat

UW-MS collaboration?

[zen-theorist]

At some level, this certainly is one given their close ties [washington.edu] and MS's (dis?)interest in individual privacy.

Opt-in, and friends network

[Midnight Thunder]

I think that while this type of people tracking has its uses, the biggest concern is that of personal privacy. For me these things should work like buddy lists, where you decide who can discover your location (not some third-party) and you decide whether you use this. You could also make it so that when someone asks where you are, the device notifies you and you press a button to accept discovery. You wouldn't even need to worry about being tracked, since you could make it that the RFID is not transmitted u

That explains it

[93 Escort Wagon]

I was wondering why Professor Boriello was so chummy the last couple times I ran into him, patting me on the back and such.

Guess the staff participants don't necessarily know they're part of the project...

I hate technology

[sijucm]

I love my privacy.

Let's face the facts...

[Jane Q. Public]

The utility of RFID to consumers or end-users is minimal. The vast majority of the utility is to marketers, advertisers, and possibly employers. On the other hand, the intrusion, and risk of privacy invasion and loss of freedom is overwhelmingly on the side of the consumer or end-user.

To the private citizen, 90% or more of the possible uses of RFID would be VERY BAD things if implemented. Others would gain by their loss.

I wish I could impress this concept on more people.

RFID IS everywhere...

[TheGreatOrangePeel]

...or at least it is in Chicago. The majority of people here have what are called the "Chicago Card" which are RFID badges to get on the public transportation system. What's more, I've 3 just to get into work. One for the "L", one for lobby security and one for floor security. Heck, these days, my mom even carries one to get into the kitchen where she works. She calls it her magic name badge. I'm not even started on the credit cards that have them.