Feeds

US.gov tunes out scathing RFID privacy report

DHS committee study 'disavowed'

Choosing a cloud hosting partner with confidence

An external security advisory committee reporting to the US Department of Homeland Security has produced a highlight critical report (PDF) advising against the use of RFID technology in government documents.

But the scathing analysis remains stuck in limbo, as a draft report, while the government pushes ahead with plans to include RFID tags in everything from passport and diving licences to library cards.

The Data Privacy and Integrity Advisory Committee of the DHS concludes that RFID chips are useful in inventory management but aren't suitable for human identification, where privacy issues remain a concern. Using RFID tags to identify miners or firefighters more quickly may be a sensible use the technology. Where the technology falls down is where it's used to verify identity, where the experts reckon it offers little advantage over previous technology while creating the possibility that data held on RFID chips might be intercepted by undesirables.

"RFID appears to offer little benefit when compared to the consequences it brings for privacy and data integrity. Instead, it increases risks to personal privacy and security, with no commensurate benefit for performance or national security," the report states.

The experts advise that "RFID be disfavored for identifying and tracking human beings. When DHS does choose to use RFID to identify and track individuals, we recommend the implementation of the specific security and privacy safeguards".

The draft report was criticised by the RFID lobby when it came out in summer but a Homeland Security spokesman denied suggestions that anyone is trying to spike the study. "The committee is still soliciting input and the draft report is on its website, so I guess they are proceeding," he said.

Civil liberties group the Center for Democracy and Technology is also critical of the report because of its failure to recognise the reality that RFID technology is already widely deployed. The committee needs to produce suggestions on how the RFID-chips can be more securely deployed instead of advising government to avoid the technology. Jim Dempsey, the policy director for the CDT, told Wired that the report was "off-target".

Jim Harper, a Cato Institute fellow and member of the advisory committee, remains hopeful that the committee will vote to publish the report so that it can influence the PASS card, an RFID-based system designed to act as an alternative to passports for US citizens returning from neighbouring countries such as Mexico and Canada from 2008. "If we don't have a report out before the (PASS card) comment period ends, then we are irrelevant," Harper told Wired. ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.