Jerry Kang gives a summary of the conference

Jerry Kang gives a summary of the conference. Much of the conference was a focus on “technique,” and not on “politics.” If we found smart ways to do things, we should just “get along.” The conference was largely “pro-RFID against policy.”

Kang is going to Raise the Stakes.

There has been an under-theorizing about what privacy is about. It is fundamentally about the flow and control of personal data. “You should understand that information is what the spy-business calls intelligence. It is with information that you effect control.”

There is a connection between the flow of information and other people’s ability to control you. To make you buy their stuff. Because they think you are a terrorist. It is about the flow of personal data that allows people to affect control.

RFIDs are one component of a whole set of technologies and practices --- pervasive computing --- when they become both embedded and animated --- we are going to have a very different space on our hands. In Cyberspace we used to say that distance and location no longer matters. But now it matters. There will be deep invisibility --- computing will be in the walls. And all of the information economics in cyberspace that people were worried about are now in real space.

The information is being generated anyway. And if you are generating it, you might as well store it and crank through it to sell the consumer more stuff.

Once we embed RFIDs, once we make a ubiquitous wireless net, once we have sensors everywhere --- all of the information economics of cheap collection is going to happen in real space as well as cyberspace.

Even if you aren’t Madonna.

That’s a significant change. Small changes in transaction cost lead to big changes in behavior. (Some television reference to channel surfing.)

The technology is fascinating, but there are political difference that we need to explore.

“It’s choice, it’s consent, it’s control….”

What does choice mean?

What does consent mean?

What does control mean?

Names don’t help the conversation.

“Regulation.” “No regulation.” ?

What do you think the market economy is about? It’s all about regulation. The question is “which regulations.” No talk about no regulation. For Intellectual Property, you want oodles of regulation.

“Property vs. rights?”

Rights are rarely absolute in a tough society.

Property rights are rarely absolute.

I don’t care if you call it property or a “right.” Perhaps you could just call it an entitlement. In a modern society nothing is ever absolute; there are always reasons to overrule people’s preferences.

“Oh, we should make a sharp distinction between private and public.”

That distinction doesn’t make any sense in a post-9/11 world. When the next shoe drops, the public will get access to everything that is private. It won’t matter whether they can get it now or not. If it is being collected, they will get it.

Let’s focus on the substantive choices. There are 3 sets of choices.

Initial entitlement. Default Rule. Allocation of property rights.

If you think of information as a property right --- markets only function when you clearly identify property rights --- you don’t leave things in the commons. Who should get the initial right to control the information generated by RFIDs? Be up front about it.

In a world with coercion yet choice, how do people make hard choices?

How do employees make choices against strong employers? If you don’t want the job, don’t take the chip? (he said “job.”) End of story.

Societal overrides.

When does society, regardless of your preference, get access to the data anyway? We don’t care about what people want --- some kid’s life is at stake, someone is going to bomb a building --- at what point can society override our choices?

The online/offline worlds are no longer materially different. Ultimately, the labels that we have been using are not helpful. A real vetting of these issues requires that we look at the substantiate entitlements and embodiments of power.

We need to have a conversation that leads to a clash of ideals --- without politics submerged.

Steve Wise:

Please limit your follow-up questions.

Please do not speak for more than 60 seconds.

Jason Catlet from Junkbusters: “Suppose I buy a sweater from Bennetton.” I have a computer. And Simson comes along with a reader and he reads the ID off the device. He’s using my computer. Is that a violation of the computer, fraud and abuse act?

Jerry: The law on the books doesn’t tell you about law in action. I think that you could make an argument that it does violate that without being laughed and being punished in court. But we don’t know what is being done… There are lots of arguments that count with (these chips) being in the public domain. Courts have a long history of giving poor answers when dealing with the cutting edge.

BKS: An addition --- #4. Accountability. “I fundamentally believe the present system today needs a lot more of that to answer questions 1-3.”

Second concern: RFID is becoming a lightening rod for all privacy issues. There needs to be some segregation of the issues that are specifically RFID vs. all other concerns that we are concerned about. (Suggests that activists are forum-shopping.)

There are general privacy concerns; they go beyond RFID.

Steve Ross, Columbia University J School:

If the RFID technology had just developed the same way as barcodes --- you have to put them on the outside of the package --- doesn’t that solve the problems? Why does Industry want to hide the thing? (Beth said “because they could!”) That’s a fair answer, but it just doesn’t make sense to me.

Steve W: There is a confluence between the RFID industry and the paper industry. International paper is thinking about putting them into the boxes as the boxes are created.

Katherine: There is another fundamental reason. The Auto-ID center’s internal research found that 78% of consumers did not like this technology on privacy grounds. 38% thought that the technology might jeopardize their health.

David Molnar, UC Berkeley: There seems to be this idea that as long as people don’t complain, everything is fine. But we’ve seen that isn’t the case. Information from in-store trials can have meaningful privacy impact.

On Forward Security --- it’s against the day when the government comes and makes us reveal all of our keys. Someday Patriot 2 may come along and demand all of our keys. There are architectural changes that could minimize the impact of that.

Richard Clayton, Foundation for Information Policy Research:

I thought it was great, learning about this technology, that big business is going to be so open with us. That they will tell us where things were made. I will be able to go around stores and find out if the goods that I am buying come from countries that I don’t like. If I am sitting in Iraq, I can find out if it is the same GI today as yesterday, what armament he is carrying. I can find out who is supplying food to people I don’t like --- the abortion lab. I can find out if this container is worth ripping off.

These concerns --- this new openness on the part of businesses --- means that I don’t really see how businesses have thought this out. It’s going to give too much away.

Allan Friedman, KSG: In the US right now, there is an active debate about packaging and the source of manufactured goods and agricultural goods. “Buy America” first and the Green Revolution. This changes the entire shape of that policy debate.

Another standard in the work.

Steve W: We have this policy in the country where you have to label irradiated food. It is not a stretch to imagine that you would have to label RFID-tagged.

Mike Z. from WPI: People have talked about the problem of trust. That goes to the heart of this technology vs. policy split. It doesn’t matter what policies you have --- there will always be people who circumvent them, as long as technology doesn’t stand in the way. People who want to counterfeit the RFID’s to disguise the fact that it comes from a country you don’t like.

How do you know that the pull-tab actually turns the chip off?

You stick it in the microwave, there is a dummy charge that blows up.

Simson: Nobody talked about RFID chips in the Euros.

Steve Weis: The retailers --- an attack would be that I drop your items into my tinfoil lined bag and replace it with a tag that says “I’m still on the shelf!”

Stephanie Perrin: We haven’t talked about the fact (I would dispute the speaker who said that there is data protection law in the US) --- that in other countries, these things violate data protection law. A lot of these features have to be turned off right now. (Something about Article 29 committee.)

I’m concerned that we focus on the chip. The real issue is the databases that these things feed into. And the readers. One early speaker said --- the chips aren’t going to be talking to satellites. Of course they aren’t! It’s the readers that will be talking to the satellites. You can still use this technology as a system to do global tracking.

We haven’t talked much about the databases.

In a world where you have access rights, consumers can go in and demand to see what different databases have on them. That won’t work in the US --- except for companies that claim to give access to consumers --- but it is certainly going to work everywhere else. That will take away your cost savings.

Steve Ross:

Databases are hard to regulate.

Outside of the federal government, Walmart has the largest database in the US

Katherine on Satellites:

We never said that passive tags could be read from satellite. But International paper says that they are using satellites to track passive tags as they move about the supply chain in trucks. They have a passive system that reads the footprint of the truck that is connected with a GPS receiver and some transmitters that uplinks the data to a satellite.

Dian Davis, Knight Fellowship program:

The assertion was made that RFID tag privacy issues should not be confused with privacy issues raised by other technologies. But it has also been asserted that industry self-regulation is the way to go. However, the privacy issues from other technologies is precisely why there is a problem. If it is possible to separate these issues, why shouldn’t we address these issues head-on?

Larry Bidoni, Retail Technology Services:

We provide technology to retail for monitoring and regulating privacy.

One of the things that I’ve been disturbed about is that no one has discussed how much privacy we have today. Most of the issues that we’ve discussed today are minor. The largest database is not Wal-Mart but First Data Resources; they process 65% of the credit-card transactions in the country. It’s fully regulated and legislated by the financial industry, with 30 years of history behind it.

The RFID element of privacy --- the thing that this changes --- the only thing that we can hope for is not to go backwards in the privacy regulation. The privacy that we have lost is already lost.

I think that the real opportunity --- is to make the RFID identification more private , and shift away from the systems that have already failed.

Richard Stallman:

Different technologies attack privacy in different areas of our lives. You’ll find little about “me” in that transaction database because I don’t buy things with credit cards; I buy things with cash because I don’t want people to know who is buying them. You can resist (First Data) by not using credit cards.

So I came here to propose opening a second front against RFIDs.

Government regulation of RFIDs is vital, but I don’t want to depend on that.

I call on someone who has the necessary skills to develop and sell to the public a cheap RFID detector and locator.

(perhaps a reader detector?)

What I want it to do is to help me find that there is an RFID in my shoe and it is exactly there --- a direction finder --- you should be able to hone in and find out where it is, and cut it out. Or use the second product, the RFID zapper. Focus enough energy on it that it will never work again. (He isn’t going to rely on “kill.”)

This is no substitute for regulation. We can’t depend on Americans to have the sense to defend their freedom. But if some tens of thousands of people buy this, they will be monitoring how RFIDs are used. These people will be generators of public pressure.

Finally, somebody from AutoID said today --- that people will have a choice whether or not objects in their house talk to something. It’s very easy to fool yourself as to whether or not people have a choice. You don’t have to use Word. And you don’t have to send files in Word Format. But many people say to me that I don’t have a choice.

Now, I’ve proved that you can make your own operating system. Yet people feel that they have no choice. So we have to be very careful.

Simson:

(don’t worry about me; I’ll just type my comments here.)

Peter: I said it would be very interesting if such devices were available. Not only could you zap the tag in your shoe, but you could zap the tags (at Wallmart). If anybody thinks that

Anna from Brown:

As time goes by, these devices will become more sophisticated. We can put more sophisticated algorithms on them in the future.

Jerry:

I don’t want to get deterministic by suggesting that things only go in one direction. But I strongly disagree with the idea that once we give away substantial privacy protection, or implement an infrastructure, that we can change our mind later on. It’s better to think about electricity and modern plumbing and cars. Sure you can opt out. But how successfully? And when we are talking about matters of convenience, the technological frame that we are born into seems normal.

When our children get born into a society where everything as a computer chip, they would think that it is insane that people don’t want to embed chips in their hands.

Preferences are formed by culture.

The choices that we make today alter the preferences for tomorrow. (for our children.)

Are we going to turn back the clock on 802.11, 3G, GPS, etc? I don’t think so. We aren’t going to be able to correct those mistakes anytime soon.

David Molnar, UC Berkeley:

I like the automobile metaphore; you can think about seatbelts for automobiles.

A lot of the application for post point-of-sale of RFIDs --- they don’t need the unique identifier. They just need “I’m blue.”

Simson: Although you may need the unique identifier for returns.

Katherine: She was speaking with a 15-year-old girl about shopper cards. The girl said “How would they know what you bought, otherwise?”

I’ve probably spoken with more consumers about privacy and purchase tracking issues than anybody else in the room. I have 100,000 emails. I’ve never seen an issue where people from the left, the right, have come together on an issue. This is giving people a place to push back on what they see as a decade of invasive anti-privacy practices.

I think that we all agree that we have a big problem that we have lost a lot of our privacy to corporations, to governments, to tracking.

Everybody is starting to realize that there is a real problem.

We are really on the verge of a big consumer revolt on this privacy issue. I hear from them every day.

???

We bring up privacy issues. Why not propose a freedom of information act for corporations? If they have a database entry with our name on it, we should be able to get that information.

Kill tags --- what’s wrong with using magnets? (they don’t work.) How much would be necessary to zap them. (With a magnet? You can’t.) There have been discussions about using cryptography. How much can you actually fit into 33 bits. What type of security do you get?

Steve: With today’s technology you cannot do powerful cryptography on the chips. But in 5 years you might see fairly powerful symmetric cryptography and public-key cryptography. Right now you have 5K – 10K gates. That’s below what you need for AES.

Steve Ross:

On credit-cards. Every few months I get another insert on my credit-card bills. They are doing away with another piece of my privacy. What is the politics behind this? Obviously there should be a ground swell for us to get better regulation of the credit-card industry. They are incredibly centralized. Yet it hasn’t happened. Is it the fault of the media? Of academia? If we can’t do that, how can we do RFID? Katherine?

Jason C:

The credit-card companies are not making their policies worse; they are just telling you the bad news because they have been forced by federal legislation to send disclosures. There has been attempts by privacy activists to get better state and federal legislation concerning financial legislation. The idea would be to get an opt-in --- they can only disclose your information if you consent. There is a large battle there, which his largely being lost.

But I wanted to come back to the analogy of automotive safety with RFIDs; Ralph Nader wrote Unsafe at Any Speed. He forced them to install safety features. Now we are in a world where companies put in their marketing safety features. GM could have embraced safety.

Stephanie Perrin again:

The issue of trust: If we are talking about a major shift in the power structure. The question of “who are you actually going to trust, and what ethical responsibilities go with that trust,” is prime. The companies have a responsibility to let people know that. And the government has a responsibility to let people know that they can read it. And the retailer --- is going to be responsible – there are fiduciary responsibilities for telling the consumer that they cannot trust this product in this environment. How are we stepping up to that responsibility.

Katherine:

On the perception notion: No matter what it is you are fighting, you can feel that it is such a loosing battle that it is not worth raising your head.

Scott mcNeally: “You have no privacy; get over it.”

People who the AutoID center refers to as apathetic; I would call them “beaten down.”

Those people are probably feeling like it is hopeless to fight.

I also want to address what Dan White brought up from NCR. The argument: “don’t worry about the privacy invasion that comes from RFID, because you have already bought into the invasion from your cell phone, you credit-card, etc.” You get hit with this stuff --- get over it. It’s really demoralizing. What I’ve been seeing, and this has been helpful, what I will say --- if I were a doctor and you came to me and said “I have a broken arm and two broken legs,” my response would be “gee, how did you get into this mess?”

What we are hearing is “I’ll just break your other arm too, because you’re already in trouble.”

This is really crystallizing for us --- that if we don’t get our act together, it is over.

By the time I am old and grey, there will be nobody left who will remember a time when you could walk into a store and pay cash for something.

20 years form now the kids growing up today will say “I don’t want this RFID stuff” but their kids will accept it.

Steve Katz, SBC labs:

The initial entitlement of the data --- is this a legal question? Do we need new areas of law to be created? Is this any different from the law as it applies to other types of data as goods are being manufactured and put through the distribution channel?

Jerry Katz: That’s a great question. Intangible does exist in the form of intellectual property.

(Richard Stallman says “No, it’s just a mix of patents, trade marks, and copyright.”)

Let me just answer the question --- do we have property-like laws on privacy? The answer is “no.” Most information about us is created in banal transactions with an information collector that provides us with goods and services. Are there property rights generated? No. It is in the commons. Any one who sees it can make use of it. There are exceptions --- like video rentals.

The other is the right to publicity. If you are a super-star, you can stop others from making a dime off your pretty face.

People who say “don’t regulate, let the market settle it.”

But ... if you force them to choose, they must say “give it to the individual” or “give it to amazon.” If they give it to Amazon, then these organizations will have a hard time saying that they are in favor of privacy. But if you give it to the individual, they will have a hard time buying it back.

(See chapter 7 of Database Nation.)

Person from Johnson and Johnson:

A lot of the information security principles can be applied here. We can leverage lessons learned. A big thing is user and community awareness and education. Make people smart enough to make an informed decision. We are going to do this technology. It’s not “are we going to do it or aren’t we.” We are going to do it. Let’s do it well.

Look at 802.11(b): Let’s learn a lesson. It looks like we are getting ready to do that again. (Best Buy deployed unsecured 802.11 networks.)

Things like SB1326, HIPA, GLB --- regulation is possible.