Feeds

US.gov tunes out scathing RFID privacy report

DHS committee study 'disavowed'

Choosing a cloud hosting partner with confidence

An external security advisory committee reporting to the US Department of Homeland Security has produced a highlight critical report (PDF) advising against the use of RFID technology in government documents.

But the scathing analysis remains stuck in limbo, as a draft report, while the government pushes ahead with plans to include RFID tags in everything from passport and diving licences to library cards.

The Data Privacy and Integrity Advisory Committee of the DHS concludes that RFID chips are useful in inventory management but aren't suitable for human identification, where privacy issues remain a concern. Using RFID tags to identify miners or firefighters more quickly may be a sensible use the technology. Where the technology falls down is where it's used to verify identity, where the experts reckon it offers little advantage over previous technology while creating the possibility that data held on RFID chips might be intercepted by undesirables.

"RFID appears to offer little benefit when compared to the consequences it brings for privacy and data integrity. Instead, it increases risks to personal privacy and security, with no commensurate benefit for performance or national security," the report states.

The experts advise that "RFID be disfavored for identifying and tracking human beings. When DHS does choose to use RFID to identify and track individuals, we recommend the implementation of the specific security and privacy safeguards".

The draft report was criticised by the RFID lobby when it came out in summer but a Homeland Security spokesman denied suggestions that anyone is trying to spike the study. "The committee is still soliciting input and the draft report is on its website, so I guess they are proceeding," he said.

Civil liberties group the Center for Democracy and Technology is also critical of the report because of its failure to recognise the reality that RFID technology is already widely deployed. The committee needs to produce suggestions on how the RFID-chips can be more securely deployed instead of advising government to avoid the technology. Jim Dempsey, the policy director for the CDT, told Wired that the report was "off-target".

Jim Harper, a Cato Institute fellow and member of the advisory committee, remains hopeful that the committee will vote to publish the report so that it can influence the PASS card, an RFID-based system designed to act as an alternative to passports for US citizens returning from neighbouring countries such as Mexico and Canada from 2008. "If we don't have a report out before the (PASS card) comment period ends, then we are irrelevant," Harper told Wired. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.