TCS Daily

Big Brother in Your Shopping Cart?

By Louis James - July 23, 2004 12:00 AM

An emerging controversy that does not seem to be getting as much attention in Europe as it is in the U.S. is that surrounding Radio Frequency ID chips (RFID). Perhaps this is for the best, as the technology has enormous beneficial potential for personalizing service and products, and it is largely private parties that are pushing the development. But, despite the views of some observers, there appear to be some very dark storm clouds that come with all that silver lining, and they are worth examining.

What is RFID?

RFID chips are tiny computer chips that can be embedded in almost any product. Unlike the UPC bar code pasted outside many products today, which identify the category of product for cash registers, the RFID chip emits an EPC (Electronic Price Code) that identifies the specific item. That's right, each Mars bar or pack of cigarettes can be individually tracked from its manufacture, through its sale, to your home, and the land-fill where the packaging ends up (if the chip is in the packaging).

Why would anyone want to do that?

This technology allows merchants and manufacturers to better track what happens to their goods, quite believably allowing them to offer better service to their customers. For example, RFID Journal reports in July of 2004 that European retailer Metro Group opened an RFID demonstration facility. At the facility, a company called MCRL ...

" showcasing an interactive kiosk using RFID technology to provide consumers with a way to quickly retrieve data on the meat they are about to purchase. ... [P]repackaged meat items, each bearing a smart label, can be presented to the RFID reader in the kiosk. The kiosk's screen can then display a detailed account of that item's history in the supply chain, such as the animal's date of birth and the farm where it was raised, as well as perhaps the kinds of food it was fed, the date and place of its slaughter, and the name of the wholesale butcher. According to the company, there is almost no limit to the amount of and type detail that could be displayed at the kiosk."

Pretty cool, huh?

Some people think so. Professor Ken Sakamura of the University of Tokyo recently unveiled a "UC-Watch," an RFID reader developed by the YRP Ubiquitous Networking Laboratory that Sakamura directs. The UC-Watch features a function to read data based on "ucode," an RFID numbering system. Information pulled from RFID chips is displayed on a 120x160 pixel screen.

So, what is the controversy about?

Enabling a customer to access detailed information on products they are about to buy could be a great service. One day, with RFID, people will be able to walk into stores, take whatever they want, and walk out without having to stop at a cash register, their purchases being deducted automatically from their credit or debit accounts. However, the same technology allows merchants, potentially manufacturers, and at some point, probably governments, to turn the tables and track consumers. Consider: supermarkets already compile shopping-pattern dossiers on their customers, thanks to customer loyalty and discount cards. They are known to sell this information. With RFID, tracking can go beyond the point of sale; the chip remains embedded in the product. Merchants interested in reducing theft are excited by the prospect of being able to track stolen goods outside their stores, right into people's homes, but privacy advocates are less enthused.

If it was just one-time tracking, it might not be so bad. The problems arise from two main sources: a) the chips don't go away, and b) the databases filling with information about which products went where, were associated with which individual bank accounts, etc., also won't go away. Some people might like to walk into a store and be greeted by a computerized voice, letting them know about the discounted prices on products they purchased on their last visit. Others will not, and they won't like having information on their shopping patterns amassed by retailers and sold to whomever will pay.

Equally important is what governments could do with such data. Any information is subject to subpoena, or simple seizure by government agents with a good enough excuse -- fighting crime or terrorism, for example. However, the now-infamous Jet Blue incident shows us that many businesses have no concern at all for their customer's privacy, and do not hesitate in the least to hand over their databases without so much as a simple warrant.

What happens when countless government agents, inspectors, detectives, etc. can have instant access to the most detailed information imaginable about every single item every single individual buys? Do I really want hordes of faceless bureaucrats with clipboards poring over databases that can tell them what style, color, size, and individual item of sexy lingerie I bought my wife? What if she gives one she does not like to a friend, whose police officer husband gets jealous, scans the RFID chip and links the garment to my credit card? What happens when someone buys a pack of cigarettes, leaves it on a park bench, and it gets picked up later by someone who has it on his person when he gets arrested for a crime? What if the Health Nazis just don't want Citizen X smoking so much, and can tell when he is buying more than he "should," even if he pays with cash?

Proponents point to the benefits. Opponents point to all the potential abuse databases filled with such exhaustive and intimate details are prone to. This is not mere scare-mongering, but the issuance of warnings highly consistent with how bureaucratic corporations and governments have acted in the past. Be that as it may, it is primarily the market place that is driving this technology forward, not the government, and it seems unlikely privacy advocates will be able to motivate people to reject it, en masse. Time will tell, all too soon.


TCS Daily Archives