RFID Test at U.S. Borders

Filed in archive Privacy and Security on February 1, 2005

The U.S. Department of Homeland Security is going to test RFID tags at border crossings in Arizona, Washington state and New York. RFID is designed to track visitors to the U.S., and will match up entries with exits.

I am glad to see that Homeland Security took my advice and will not embed personal identity information in the chips themselves:

To protect privacy, the government assures tags won't include visitors' personal or biometric information. Rather, they will contain only serial codes that links to visitors' information securely stored in databases used by US-Visit. The serial codes would be meaningless to any third party trying to collect that information. The tags also will be tamper-proof and difficult to counterfeit. Information on the tags cannot be changed, and the tags will only be activated once they're officially issued. These factors will prevent so-called skimming, which is the use of unauthorized reading devices to capture information from RFID tags, the government contends. Also, authorities say, it'll be impossible to track the whereabouts of someone holding such a passive tag without a corresponding reading device.

The government hasn't decided whether the RFID tag would be affixed to passports, visas, or other documents visitors must carry during their stay in the United States. That will be determined during the test. A Homeland Security spokeswoman says whatever the decision, it shouldn't slow visitors movements through border crossings.

OK, OK, so nobody actually asked MY advice. But back in October 2004 I noted that storing security codes rather than personal information in RFID chips made sense, in the plan to include RFID in U.S. passports.

Even so, the American Civil Liberties Union is critical of the current visitor tracking plan and RFID in general. In testimony before Congress the ACLU warned of the seemingly inexorable drift toward a surveillance society.