WASHINGTON—A leading industry group blasted a Department of Homeland Security draft report that highlighted potential privacy problems with radio frequency identification technology and downplayed the value of the wireless technology.
“RFID technology may have a small benefit in terms of speeding identification processes, but it is no more resistant to forgery or tampering than any other digital technology,” concluded DHS’ Emerging Applications and Technology Subcommittee in a 15-page report. “The use of RFID would predispose identification systems to surveillance uses. Use of RFID in identification would tend to deprive individuals of the ability to control when they are identified and what information identification processes transfer. Finally, RFID exposes identification processes to security weaknesses that non-radio-based processes do not share.”
The report, which has yet to be considered by senior DHS officials and therefore does not constitute agency policy, is at least a temporary setback for high-tech and electronic firms hoping to do business with the federal government—especially a massive agency like the DHS. President Bush requested $42.7 billion for DHS in fiscal 2007. The Department of Defense and State Department are poised to be major government RFID users. Neither agency is believed to have voiced as strong concerns about RFID privacy as has DHS.
The American Electronics Association, whose members are players in the mobile-phone and wireless broadband space, said the DHS draft report makes “many sweeping, unsubstantiated and incorrect generalizations made without pointing to scientific data, field tests or published reports.”
AeA also said the report:
-
Disparages RF-enabled technologies through conclusory statements without the support of quantitative data.
-
Uses generic definitions of ‘RFID,’ which are detrimental to evaluating technologies and creating best practices.
-
Misstates the fact that ‘tracking of human beings’ is endemic to RFID. “In fact, technology by itself is neutral—only those who control the data may track people,” AeA stated.
-
Fails to note that certain RF-enabled technologies actually enhance the security and privacy of Americans’ personal information and data.
“Although the high-tech industry takes great exception to the tenor and tone of the draft report,” said Marc-Anthony Signorino, director and counsel for tech policy at AeA, “we nevertheless applaud DHS’ efforts to establish a solid policy foundation and strong best practices when implementing any technology for use in identification credentials. Any policy statement should reinforce, ‘Don’t ban technology, ban bad behavior.’ “
The DHS Emerging Applications and Technology Subcommittee said the agency should closely examine whether RFID technology should be used to identify and track people in light of the fact other technologies may accomplish the same goals with less risk to privacy.
“Should DHS go forward with RFID to identify and track individuals, a number of practices and recommendations exist to guide program managers,” the DHS panel said. “More analysis would be needed of specific RFID-based identification programs, particularly as to collection, maintenance and use of information collected via RFID.”