You are probably already familiar with some RFID applications like E-Z Pass: the device on your windshield that allows you to pass through a toll booth without stopping to toss a token in the basket. Your probably don't give it much thought, but here's how it works. The tag "transmits" a unique ID number to the toll both receiver. This ID is matched to your account, and the toll is debited. Of course, the time and date is also recorded in a database so it can be listed on your monthly statement. E-Z Pass is very convenient. You probably enjoy zooming past all those chumps backed-up in the cash lanes. But… unless those cash-payers and their license plates are being photographed (possible), they are traveling anonymously. You're not. For sure, there's a permanent record of your passage, accessible to the police, government agencies, private investigators, divorce lawyers, and other unsavory characters. Most people never consider this. I have. But I use E-Z Pass anyway. I also love my Mobil SpeedPass (but keep it in the car ashtray instead of on my keyring – you'll see why in this article).

While I like to keep my private life private (you can read my last article on privacy here), I recognize there's a trade off when driving. I'm willing to give up a little bit of privacy in exchange for the convenience. But I do it with full awareness. Same thing with a cell phone. Even without one of the newer GPS-enabled phones, your whereabouts can be determined with a fair amount of precision by triangulating between cell towers. Any time your phone is on (even if you're not on a call), it's transmitting your ESN (Electronic Serial Number), which can be traced back to you. But you know this. You have the option to go into "stealth mode" by shielding the E-Z Pass tag, switching off your cell phone, paying with cash instead of plastic, using coins in the payphone instead of a calling card, etc. RFID's are different. You have no control over whether they're on or off. You probably don't even know they're there in the first place. An RFID has no on/off switch. Most have no batteries and as a totally "passive device," can "live" forever.

Passive device. What does that mean? Think of a church bell. Most of the time it just hangs there, silently. However if Quasimodo comes up and strikes the bell with a clanger, it will ring out. The peal is a vibration at the bell's natural frequency. A larger bell will have a lower pitch (frequency) and a smaller bell a higher one. This resonant frequency is a fundamental physical property of the bell. RFID's are the electronic equivalent. Most of the time, they just sit there. However, when "struck" by a radio signal, the RFID will "ring out" its own unique ID code. Clever, no? Manufacturers love high tech RFID's. They're cheap – about a dollar apiece now, although rapid advances in technology will bring them down to a penny or less shortly – and enable products to be tracked all the way through the supply chain. From factory to rail car to warehouse to truck to store, each individual inventory item could be monitored. I have no problem with this part of it. Think about how helpful this could have been during the Tylenol poisoning incident many years ago. Besides, I'm all for making businesses run more efficiently.

The problem exists after the sale. If the RFID is not removed or deactivated at the point of sale, it will live on forever. If the purchase information was recorded, that ID code could easily be linked to your name, address, or even the other items you bought at the pharmacy that day. Does this bother you? It can get much worse in the near future. Luckily, serialized RFID's are not yet widespread (although non-uniquely identified RF devices have been used for years as anti-theft devices). I'm talking about the high-tech varieties in this article. Mass privacy-invading initiatives have not been widely deployed – so far. But all the technological bits and pieces are now in place. Tests are underway, and they're disturbing. The British supermarket chain Tesco has admitted using RFID's embedded in certain products to track customers through its stores. Anyone picking up a pack of Gillette Mach3 razors at the Tesco in Cambridge will have his or her picture taken. The RFID triggers a closed circuit TV camera when a package is removed from the shelf. At checkout, the RFID triggers a second camera. Security staff then compare the images, ostensibly as an anti-theft measure.

Current miniature RFID's have limited "data storage," so they're mainly used like the UPC bar codes on a box of corn flakes. Like a model number rather than a unique serial number. However recent advances have upped this storage capability to enable each item to be individually identified.

One frightening aspect of these individualized RFID tags is that they can be read, silently, by almost "anyone" for any reason they choose. It's not like the original manufacturer has any special key to read the tags. They're in the open. A private investigator, for example, could place a detector in a doorway and covertly track people who revisit an area.

Surely, once large numbers of "live" (i.e. not deactivated/zeroed) RFID's escape into the wild, marketers and database compilers will start to capture and use our personal information – in ways we consumers wouldn't want – if we knew what was happening. Wearing my "marketing guy" hat now, I can tell you this prospect is very appealing, and we marketing-oriented folk are a crafty lot. We'll toe right up to the legal line (if you let us) seeking any competitive advantage available. Putting my consumer hat back on, I can tell you that strongly worded legislation is needed to protect us from potential abuse of this technology. RFID's must be permanently and irreversibly deactivated at the point of sale and/or they must be attached to removable warning tags.

The importance of irreversibility became clear in March of this year when apparel maker/retailer Benneton announced plans to attach millions of washable RFID's in their clothing line. Benneton's so called "Smart Labels" cannot be permanently disabled. While these Philips Electronics I.CODE devices can be "put to sleep" at point-of-sale, they can also be awakened at any time in the future. Due to public outcry, Benneton has backpedaled on this program, but have yet to definitively state they won't implement it.

This has been a different kind of article than I usually write for The Urbach Letter. Most of my stuff is how-to (six ways to do this, eight ways to do that…). In this one, I'm just warning you about something that may come to be (that is, widespread monitoring of personal tags without your knowledge), without giving you any great solutions…

I'm hoping this heads-up will raise your awareness of the issue, and possibly motivate you to boycott retailers who are willing to compromise your privacy this way. I also hope you'll support legislation to outlaw or strictly control the dissemination of live RFID devices past the cash register.