Good
This is Good.
RFID tags used in retail products will have to be deactivated at the point of sale to protect consumers’ privacy under draft guidelines drawn up by the European Commission (EC). A public consultation has been launched that will run until 25 April 2008. The EC hopes its recommendations will be adopted by all 27 member states by …
"She recommends that retailers automatically deactivate the RFID tags at point of sale unless the consumer chooses to leave it active"
Read by retailers as "Put a small sign up in the shop informing people that by buying something they are agreeing to have an active RFID tag, please ask a member of staff to have it deactivated."
Dust won't settle on this as retailers state that "having the ability to deactivate the rfid won't help us fight shop lifting."
Mines the one under the tinfoil hat.
What the Hell do people think an RFID tag is?? It's nothing more than a passive transmitter of a unique code, just like a UPC label is a unique code for a particular brand and type of toothpaste. You take your product with the RFID tag, remove it from the box and discard the box/wrapper/tags and the RFID tag goes with them.
People act like they're going to be running around like tagged polar bears or something with a blip on a government screen tracking their location in real-time.
"Just because you're paranoid doesn't necessarily mean that nobody's out to get you, but there's no reason to be ridiculous about it, either." - Anon
Well that's next year's entertainment nipped in the bud then. I was rather looking forward to being able to scan people's shopping while walking down the street and take the piss 'cos they'd bought Tesco's pikey beans rather than Heinz.
Bit of harmless fun.....my tax euro......grumble, grumble......
1) Pick up a garment in a store with RFID tags.
2) Purchase with credit card.
3) Name now linked to RFID tag.
4) Sell data mined to marketing companies.
5) ...
6) Profit!
Please bare in mind that that clothing often does not come in packages, and therefore will require to have the tag woven into the label or the fabric itself.
I fully intent to build the RFID-killing disposable camera if shops evere start using these systems, and paying by cash when I buy the item.
fantastic news! for once the EU is actually proposing something that is intended to give us back some freedoms and privacy.
however, i for one can't see this actually becomming reality, especially here in UK. my reasoning? simple...
i've been watching closely how the UK government are pushing very hard for more RFID tracking of it's citizens/residents. (like the new passports and oyster cards for example)..
and that's nothing. the UK gvt want us all to have rfid chips implanted into us, and are currently pushing to make it law that anyone convicted of a crime must be 'tagged' with one... and that's just the beginning!
the UK gvt need general acceptance of this technology to eventually get away with this plan, and this porposed EU law (especially the part about any RFID enabled product be clearly labelled) does exactly the opposite.
it opens people's eyes to the fact that rfid tracking is unethical invasion of privacy, and very undesirable.
ok, i realise that they're talking about consumer products and not 'government' ID and such (which will no doubt be exempt from this), however my point about the general 'acceptance' of the technology is valid.
Not that I want to get into a fight about this, but just for the record...
Many RFID tags are not just on/in the packaging. Have a look at the size / washing instructions label of a recently bought item of clothing and you will often find an RFID tag glued behind/inside it. You have to look for it though; they are not in plain sight. I'm not being paranoid here - I'm just pointing it out.
"...for once the EU is actually proposing something that is intended to give us back some freedoms and privacy..."
well, i'm no fan of giant transnational bureaucracies myself but - compared to the human rights trampling, american arse-licking domestic government we have here in the UK - the EU has a pretty good track record of standing up for the rights of the individual citizen IMHO.
of course the tabloid press - pandering as usual to those great british traits, 'xenophobia' and 'ignorance', loves to portray the EU as some kind of cross between nazi germany and the keystone cops; faceless bureaucrats in brussels who want to force us to drive on the right, eat metrically square bananas and fart in french.
but if it comes to a choice between the EU and this blair/brown administration of the 51st state of america, i know who i'd be more willing to trust with safeguarding [what's left of] my civil liberties.
----
coat because some day the last person to leave britain will have to turn out the lights.
Buying something in store which isn't tagged, with a credit card would produce the exact same data trail as someone buying RFID tagged items with a credit card. Haven't you ever read a till receipt. It tells you exactly what you've bought and what you paid with......
Fair enough, I can understand wanting to have them deactivated once you left the shop, but if I understand correctly, isn't a RFID tag just a barcode that can be scanned without having to physically move the item over the reader. So as long as the tag is deactivated or wiped as it passes through the scanner, then what's the problem?
Mines the coat with the logo "Scan me, I really don't care"
Not quite, the RFID tags are individual to each item, so each tube of toothpaste will have it's own number.
The tracking implications are quite big, especially if used with a card payment.
All they need is a RFID destroying/deactivating system that shoppers can use after sale. (but not shoplifters)
Generally retailers are simply encoding the equivalent of a SKU in tags. This definitely causes privacy problems...even if I rip off the tag and throw it away some enterprising person will scan the rubbish to discover what I've just bought.
Fundamentally, the problem is encoding information in the tag rather than associating a random identifier with lookup information in a database. So long as there is no info encoded in the tag, privacy concerns can be address.
Trick is that computationally, that's going to be expensive for quite a while...that's a whole lot of lookups...
Wal-Mart RFID trials already tie back debit/credit card purchases with the customer and the products purchased. All data is captured and stored but private info is obfuscated (for now) to prevent internal users from harvesting it.
At a symposium Wal-Mart put on a few months ago they said that while they did not currently use this data, they might in the future, but they wanted to start collecting it now to test system integrity and security. I was there and I was scared.
Always PAY CASH!
Deactivate Brussels would make everyone happier? It's just a big quango inventing importance for itself and doing it badly.
And with sticky fingers in the till, too. No wonder Tony's sniffing around the tradesman's entrance.
Firefox tells me I've used this title before, but it's a good one so here goes anyway:
I don't know whether to laugh or weep over the ceaseless efforts of the MW's (marketing wonks) to psychoanalyze us via data mining. They think that if they can fully log all the online ads you click on, the web pages you visit, and the products you buy, the inner details of your loathsome psyche will be dragged kicking and screaming into the daylight, the better to force unwanted further purchases on you. Or brainwash you into voting for Huckabee (are RFID's biblical?). Or something.
The TJX mess appears to have been due to marketing wonks hanging on to personal information, but I suspect TJX has learned a lesson: buying a couple of bags of coffee beans at my local TJX outlet the other day, I mentioned TJX's security woes to the cashier; she replied that they no longer keep any personal information on file at all.
Marketing wonks = stupidity, nosiness, and unsubstantiated snake oil.
Question: has anyone ever had anything effectively marketed to them via this kind of strategy? I suspect that there are very few positive results, but of course the MW's won't admit it and then have to go get an honest job selling their bodies or digging ditches.
"Please bare in mind that that clothing often does not come in packages, and therefore will require to have the tag woven into the label or the fabric itself."
I purchased a jacket at WalMart which had a security tag tucked away in the lining. The cashier failed to de-activate it at purchase time and for a year after that every time I exited a store which used the same security system, I triggered the alarm until I was in an HMV, triggered the alarm and the store manager located the tag and we removed it. the tag was simply tucked in, it was not woven into the fabric.
I vote for decativing
RFIDs that are left in your clothes can track which stores you go into and even where you are in the store. By putting RFID readers in each rack of clothes, they can tell how long you were browsing, and later if you actually purchased it. That's great info for a retailer.
Now, if several retailers get together and link their databases, they now know that you spent 30 minutes in the coffee shop, 45 browsing for new jeans (but didn't buy any), 15 looking for new non-fiction books, 30 in the erotic novels section, 5 looking at hemorrhoid cremes... sure you can pay for cash, but if you've got one RFID connected to one credit card purchase, then they can track everything you do.
"You take your product with the RFID tag, remove it from the box and discard the box/wrapper/tags and the RFID tag goes with them."
D'er, yeah! That's the point, everything you buy has a unique serial number tied to your debit card/loyalty card/ID card, this opens up all sorts of issues, as a single example, rubbish - Councils charging you a penalty if they don't like what you've put in your bin *as most of us know, they have introduced this technology into bins and bin lorries). Insurance companies will ask you to sign a Permissions to Disclose Bin Contents form much as they do with medical records. How about the Council's Community Enforcement Team sending round communist officials to help you devise a life-plan based on what you buy or your diet (which they collected from your bin RFID chip and packaging RFID).
Firstly, shouldn't you all have your knickers in a knot about being subjected to all the RF needed to trigger a response from an RFID tag instead of the possibility of overlooking one of the little buggers when you ready your purchases for first use? Or has all the RF from your cell phones already impaired your brain function?
Nobody is going to bother serializing the entire universe of tubes of Crest just so they can identify exactly which one you bought. The expense of creating unique RFID tags and then recording the serialized history of a product in that fashion would far outweigh any perceivable marketing benefits. It's just got the product's SKU encoded in it.
There's a whole shit-load of privacy and civil-liberty issues you really should be concerned about. Not trivial b.s. like this.
If all the tags are deactivated, how will my kitchen know what I just bought or just used. I need those tags to continue working until they leave the house in a trash bin.
The trash bin can deactivate the tags. Can't people knowing what I had for dinner without forcing them to rummage through filth. Fair's fair.
Well, I think, these companies, don't know what they are in for....
in an attempt to harvest more information and they don't realize, that they are making an an inherently insecure system available to thieves and basically inviting them to steal goods.
And any judge who has some sort of brains should let the thieves get away with it.
Additionally the decision makers should be sued for gross negligence.
Anything that does not require a wired connection has far more break-in potential.
The transmitters are currently double the size of a wireless router.
soon you'll have them at the size of a cigarette box and then connect them via bluetooth to a PDA and off you go. some nice hacking software, the lack of encryption in these chips makes life even easier (currently they do not support any decent encryption).
Anyone get my drift here!
for crying out loud, it's like a willing prostitute standing in the public, in full nudity, and telling every male to f***beeeep*** her for free.
after the deed is done she goes to the police and claims it was rape.
I know the comparison doesn't quite match up, but I am sure most people understand what I mean.
bar codes are generally far more difficult to manipulate, since usually this can be seen. (yes I know....blablabla...you can replace the sticker etc....).
I change profession when they do this.... *grin*
there are 2 types of RFID use
the first is to put individual codes in each item to allow you to track each item, this is the type most people talk about. this s what most people think about when someone mentions RFID, and these are typically used in warehouses to track pallets etc.
then there are basic tags that just contain the same information at the barcode, or indeed some contain nothing - these are used simply for anti-theft purposes. the reason that you can't just have the tills scan your basket and pay for it automatically is because the stores do not have this capability. Just take a tag from one store that hasn't been deactivated and walk in to a different store that doesn't even sell that product and watch their alarms go off to prove this.
one person I work with had a B&Q visitors badge in the bottom of his bag for a year, they have an RFID chip to stop you accidentally walking out with it (guess it worked well considering the number of B&Q stores he walked in to and out of again with the thing still in there). this visitors badge also triggered the alarms for several other stores as well - if they were able to identify the exact product in the type of detail many think they can then they wouldn't be trying to claim he had stolen a B&Q visitors badge from a clothes shop!
companies use RFID to stop theft not to track people, it's too expensive and has no extra benefits so they use a cheap system that just tells them someone is walking out with a product that hasn't been deactivated
the fact that companies (like M&S mentioned above) pay thousands a year per store to have a stock take done (which involves scanning barcodes), just goes to show how uneconomical it is to use RFID tags for stock control purposes in such situations - which is why it will stay confined to the warehouses. not to mention the issues with putting complete faith in RFID data being reliable is a bad idea when thieves have access to the products to remove/break the tags.
AC because as you can guess I am one of those that does the stock takes for both B&Q and M&S (as well as others) - I wish a stock take was just walking around with an RFID scanner, would be a lot easier than a team of people scanning every barcode!
although I did find it humerus when we were called in to one store to do 4 stock takes in a row to asses the effect of an RFID trial on thefts, considering the primary purpose of RFID tags was meant to be to eliminate the need to do stock takes.
For of all, ignore the moronic and utterly stupid adverts that IBM chose to foist on everybody recently where, through the "magic" of RFID, the packages knew that the truck was in the wrong place. An RFID tag itself, can track nothing, it can do squat diddley.
Broadly there are two types of RFID tags - "active" and "passive". Passive tags rely on inducing power in the circuit using an external device, when powered in this way the tag will broadcast its data. The range of passive tags is quite limited due to the obvious problems in getting power efficiently to the device, then the amount of power that can be induced into the emitter. Active tags come with some form of power source and, due to the relative power of this power supply compared to that available in passive tags, have a much longer range.
So what's the difference between RFID tags and barcodes? Both store data, an ID of some form - with barcodes we're used to seeing the code itself, however many products have multiple barcodes or 2-D barcodes that store more information. This extra information is usually a unique identifying ID for the product, batch number, expiry date or something similar.
The trouble with barcodes is that they require direct line of sight to read them. RFID scanners don't require direct line of sight, although they have their own problems (metallic objects, water, etc). Barcodes are very cheap and reliable and if the barcode itself cannot be machine read, the code can be typed in manually. RFID tags are nowhere near as cheap and aren't especially reliable and there's no manual fall back.
So where does this really leave us? Yes, if you have RFID tags on you and somebody comes by with a reader, they can read them. Given the range of passive readers it'd be a bit obvious and the perpetrator would have to wave an item like a security wand over you - not exactly subtle. Naturally, things are changing and more sensitive / higher powered / more directional devices are being manufactured all the time. Of course, standing there with an "iStore" bag does make it equally obvious where you've been shopping. Active RFID tags *should* actually be less of an issue as they should only respond and transmit when they receive defined broadcast keys - needless to say if you got hold of these keys then you could trigger the RFID broadcast anyway. These are the possible security issues with RFID tags - not any "magical" linking of purchases and real time locations.
That's the additional tracking the RFID allows - marketing profiling has been going on all the time anyway and it won't get any worse or better with RFID tags.
By the time the stuff hits the door -- Tesco (et. al.) have already beamed your details, including your credit card or bank card, account numbers, and list of everything you have bought to the central database.
Once there, the records of EVERYTHING you have ever purchased is happily data mined to figure out what you are likely to purchase in the future, or what you may need to 'compliment' what you already have so that 'relevent advertising' can be pushed in your face. (Sounds a lot like Google, doesn't it!)
Now that several ISPs in the UK are planning to 'inject' advertising onto web pages AS YOU SURF them -- we have a very handy way to have Tesco (and other retailers) partner with the ISPs to REALLY be able to push the ads in your face.
The worst is yet to come - stay tuned!
3 problems:
1) They probably won't be green as being hidden, they will just be disposed of... unless the sheer volume of chips requires some sort of recycling / revalorisation of the chip's materials
2) number depletion: How big a number is stored on an chip? In my online sales shop, with about 30 purchases a day, I use a 32 bit unsigned autoincrement number... but large retail store chains could smoke that limit quite quickly - especially on a worldwide basis...
3) With the ambiant horror surrounding health harming
- GSM emissions,
- Power cable emissions,
- Wifi emissions,
How long until some eco-nazi starts going on about the dangers of being in constant proximity of an rfid emitter for 8 hours a day.
Godwin invoked. Mine's the long black trenchcoat and I'll goosestep home.
Smartstores are stores that use smart shelves, smart cards, smart carts, and dumb consumers.
They will be like Amazon in that they can recommend this and that and this info is too valuable for retailers to not use.
You can bet your bottom dollar/credit that retailers will identify you as much as the law allows. Competition will see to it.
Welcome to the future. "Would you like to purchase this product based on your previous purchases?"
I hope something does.. but here's me being pessimistic.
RFID's can be incredibly small and there are plans to make them even smaller still.
They don't have to be very smart to be cost effective. All you need is something like a 128 bit number, which for all intents and purposes are large enough to ensure a unique identity for each goddamn RFID.
Ultimately, you could be tagged and not even know.
The main advantage of deactivating RFID tags is that if I buy items in one shop, then I go into another with an RFID scanner on the checkout, if they have access tot eh database of tag codes, they will be able to correlate purchases of items in ther shop with other products, and if I pay with credit/debit/EFTPOS, then this enables them to build up a better picture of what I buy. This is a fairly small thing, but some people don't want everyone who cares to find out what I have bought.
One other advantage, which affects everyone, not just the tinfoil-hat brigade, is that if a criminal could use a portable scanner then they could identify people potnetially worth mugging by just walking past them, since even without the database of codes, most RFID-protected items are small or expensive, and that the carrier of many such items is likely to be worth robbing.