<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>comments - article on RFIDs at the Summit</TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<STYLE type=text/css>BLOCKQUOTE {
PADDING-BOTTOM: 0px; PADDING-TOP: 0px
}
DL {
PADDING-BOTTOM: 0px; PADDING-TOP: 0px
}
UL {
PADDING-BOTTOM: 0px; PADDING-TOP: 0px
}
OL {
PADDING-BOTTOM: 0px; PADDING-TOP: 0px
}
LI {
PADDING-BOTTOM: 0px; PADDING-TOP: 0px
}
</STYLE>
<META content="MSHTML 5.50.4134.600" name=GENERATOR></HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Happy and successful New year Adam and
all</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>A special thank to Adam for this revealing but
worrying identity badge story. </FONT></DIV>
<DIV><FONT face=Arial size=2>Yet the fundamentals of this non glorious swiss
technology achievement was known by a number of CS members, especially those
very clever in "security/internet issues", they used to deal with daily in
specialised CS circles (caucuses, working groups, lobbying groups). But nobody
raised any appropriated protest during our CS meetings, nor were there any fears
transmitted to the CS Secretariate. Instead, some zealous CS members urged us to
sent the CS Secretariate all our thanks for the "brilliant job" they did
! A very obedient and curious CS indeed !</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>Best regards</FONT></DIV>
<DIV><FONT face=Arial size=2>Jean-Louis Fullsack</FONT></DIV>
<DIV><FONT face=Arial size=2>CSDPTT</FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<BLOCKQUOTE dir=ltr
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=ajp@glocom.ac.jp href="mailto:ajp@glocom.ac.jp">Adam Peake</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=plenary@wsis-cs.org
href="mailto:plenary@wsis-cs.org">plenary@wsis-cs.org</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Cc:</B> <A title=aep@it.kth.se
href="mailto:aep@it.kth.se">aep@it.kth.se</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Monday, January 05, 2004 1:38
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [WSIS CS-Plenary] comments -
article on RFIDs at the Summit</DIV>
<DIV><BR></DIV>
<DIV>Story below from the Washington Times about the identity badges we were
required to used during the Summit. I've annotated with comment/additional
information in {<I>italics</I>} (if your email only takes plain text, just
look for the curly brackets). Thanks to Alberto for checking my
notes.</DIV>
<DIV><BR></DIV>
<DIV>Security of course important, but so are the concerns this issue
raises.</DIV>
<DIV><BR></DIV>
<DIV>And a very Happy new year to all!</DIV>
<DIV><BR></DIV>
<DIV>Thanks,</DIV>
<DIV><BR></DIV>
<DIV>Adam</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV><BR></DIV>
<DIV>Summit group confirms use of ID chip</DIV>
<DIV>By Audrey Hudson and Betsy Pisik<BR>THE WASHINGTON TIMES</DIV>
<DIV>Published December 18,
2003<BR><http://www.washingtontimes.com/functions/print.php?StoryID=200312<SPAN></SPAN>17-115051-5373r></DIV>
<DIV><BR></DIV>
<DIV>Organizers of the World Summit on the Information Society yesterday
confirmed that badges worn by high-level attendees were affixed with
identification chips some say were unknown to the forum's participants.</DIV>
<DIV><BR></DIV>
<DIV>{<I>That RFIDs were used was not disclosed publicly before the Summit
began, or to my knowledge, announced during the Summit.</I>}</DIV>
<DIV><BR></DIV>
<DIV>However, a spokesman for the International Telecommunication Union (ITU),
which was the host of the three-day event in Geneva last week, scoffed at
concerns by privacy advocates that the technology could monitor an
individual's movement or that the data it collects could be misused.</DIV>
<DIV><BR></DIV>
<DIV>{<I>The RFID was in the name badge, and associated with a database that
contained all the information about the badge owner that the person submitted
during pre-registration. That information was a minimum of name, position,
affiliation, email address, nationality and date of birth. Much more
information was requested as optional, from passport number and place of
issue, to arrival and departure dates, hotel, and so on. Potential then is to
associate this information with other data: for example the Summit secretariat
helped with visa applications and applications for fellowships which contain
far more detail -- note *potential*, not saying it actually happened. When the
badge was used at a check-point this pre-registered information along with a
corresponding picture was displayed on the operators screen. Of course there
were (are?) opportunities for misuse.</I>}</DIV>
<DIV><BR></DIV>
<DIV>Three European researchers who discovered the chips in their badges,
first reported by The Washington Times on Sunday, said participants were not
told about the chips.</DIV>
<DIV><BR></DIV>
<DIV>{<I>Correct, Summit participants were not told.</I>}</DIV>
<DIV><BR>ITU spokesman Gary Fowlie confirmed during an interview from Geneva
that radio frequency identification chips (RFIDs) were embedded in the passes
and that data readers were in place to record information transmitted by the
chip.<BR><BR>Mr. Fowlie disputed that RFIDs have long-range tracking
capability, and called The Times story "really off base."<BR></DIV>
<DIV>"Transmission distance is 1 to 2 centimeters. You have to put your badge
right up to the screen," he said.<BR></DIV>
<DIV>{<I>This comment seems to have the technology back to front. A card was
analyzed in another country and was found to have a range of 70 cm to 1 meter.
As analysis was made only on a limited number of cards, so we can't be sure
that all chips had the same properties: ITU spokesperson may be correct,
however it seems unlikely. The card reader at the checkpoint may have required
the badge to be pressed close against it, the chip itself was much stronger.
i.e. it had the potential to be read by sensors not obvious to those passing
by. *I am not saying that such sensors existed* but that they could is the
point.</I>}</DIV>
<DIV><BR>But U.S. and European privacy advocates and critics of RFID
technology said the story was on target, and that the use of the chips at the
summit has caused an uproar in the United States and Europe.<BR></DIV>
<DIV>"It sent off a shot heard round the world," said Katherine Albrecht,
director of Consumers Against Supermarket Privacy Invasion and Numbering
(CASPIAN), a leading opponent of RFID technology.<BR><BR>"We're rolling in
e-mails on this thing. It's confirmation this is real, it is here, and it's
being abused already."<BR><BR>Last week's summit, which was partly organized
by the United Nations, focused on Internet governance and access, security,
intellectual-property rights and privacy. The badges were worn by more than 50
prime ministers, presidents and other high-level officials from 174 countries,
including a representative from the United States, John Marburger, head of the
White House Office of Science and Technology Policy.</DIV>
<DIV><BR></DIV>
<DIV>In a lengthy statement to The Times yesterday, summit officials said
participants were notified some personal information would appear on the
Internet, but declined to say whether participants were told of the embedded
technology.</DIV>
<DIV><BR></DIV>
<DIV>{<I>We were asked during registration if we would like our email
addresses to be included in the publicly available list of participants. It
had been usual for WSIS preparatory meetings (PrepComs), etc., for
participants to be listed both on paper and online: name, position and
affiliation, with email optional. No mention was made of "embedded
technology".</I>}</DIV>
<DIV><BR></DIV>
<DIV>The passes were intended "to facilitate identification by security at
entry checkpoints," and participants had to swipe the badges across the
readers to gain access to the summit and meeting rooms, the statement
said.<BR></DIV>
<DIV>{<I>This is correct and the system worked quite well. Although at least
one person did obtain a govt. card after forging some credentials.</I>}</DIV>
<DIV><BR></DIV>
<DIV>"Readers were quite prominently displayed and were only placed at entry
checkpoints," WSIS spokeswoman Francine Lambert said. "The data stored on our
servers do not and cannot monitor movement."</DIV>
<DIV><BR></DIV>
<DIV>{<I>Of course the data collected could monitor movement. There was a
chronological log of when a badge-holder passed through a checkpoint. Theses
records would show that I went into the hall a number of times each day (there
was no apparent monitoring on the way out). And database could also
potentially (and easily) be searched to see who went in at the same time as
me. Me plus Joe one time: so what. Me plus Joe seven times and someone might
wonder if they see a pattern?</I>}</DIV>
<DIV><BR>U.S. companies use RFID chips to track inventory from the factory to
stores. Manufactures also are testing a system that tracks products leaving
the shelves and alerts employees to restock.<BR><BR>EZ Pass, used at toll
booths, uses RFID technology. Authorities investigating the murder of federal
prosecutor Jonathan P. Luna learned that he had made repeated trips to
Philadelphia during the past six months by tracking electronic data gathered
at toll booths in Pennsylvania and Delaware.<BR><BR>The Defense Department is
requiring its top 100 suppliers to implement RFID technology by 2005 to track
inventory. The remainder of its 43,000 suppliers must ship items RFID-ready by
2006.<BR><BR>But privacy advocates say the technology Mr. Fowlie described in
use at the summit can be used on humans.<BR><BR>"It's going to be used to
track us," said Barry Steinhardt, director of the technology and liberty
program for the American Civil Liberties Union in New York.<BR><BR>The ACLU
said it has received complaints from Europeans concerned about how data
collected at the summit will be used at the 2005 summit, where Tunisia plays
host.<BR></DIV>
<DIV>"There is a lot of concern this data will be transferred to Tunisia and
used to punish citizens or residents, or to keep tabs on the participants who
are coming there, perhaps deny entry," Mr. Steinhardt said. "There is a lot of
concern that this data will be transferred to a less-than-democratic
nation."<BR></DIV>
<DIV>{<I>This concern was expressed strongly in Geneva. Many are opposed to
holding a Summit on information society in a country that does not respect
universal human rights. The problem is not so much in the actual data gathered
in Geneva, all that happened in Geneva was probably harmless. The concern is
that data gathered for one reasonable purpose could be passed to a regime that
might use it in ways that could be harmful. e.g. While Geneva may never think
to track who I stood in line with, another government might be interested to
identify who associated with a participant they know to be hostile to their
regime. That "hostile" person might not go to the Tunis Summit --for example--
but their previously anonymous associates might.</I>}</DIV>
<DIV><BR></DIV>
<DIV>Ms. Lambert said the data was stored for one day on the readers and
erased, but did not say how long data was stored on the database or if it was
ever erased.<BR></DIV>
<DIV>{<I>Hard to tell if all the data collected is still in the ITU database.
I can access the first level of information for people that were in GLOCOM's
delegation. I cannot make changes. But this is the same information that would
be in the conference participants list that has usually been available.
Perhaps the more detailed information has already been deleted?</I>}</DIV>
<DIV><BR></DIV>
<DIV>"The actual data submitted by participants was stored on ITU-secured
servers that were not accessible by any other party than the [ITU, United
Nations, and WSIS executive secretariat ], and the data has not been
communicated to any other party," she said.</DIV>
<DIV><BR>The personal data was obtained from visa applications.</DIV>
<DIV><BR></DIV>
<DIV>"This has tremendous value for intelligence gathering," said Alberto
Escudero-Pascual, a researcher in computer security and privacy at the Royal
Institute of Technology in Stockholm.<BR></DIV>
<DIV>The chips were discovered by Mr. Escudero-Pascual, Stephane Koch,
president of Internet Society Geneva, and George Danezis, a researcher of
privacy-enhancing technologies and computer security at Cambridge
University.</DIV>
<DIV><BR></DIV>
<DIV>{<I>Alberto Escudero-Pascual arrived at the Summit a couple of days
early, had his picture taken while registering and as the operator's screen
was turned slightly towards him, was able to see his personal information
flash on the screen as the photo was taken. He realized the photo was going to
be used to identify him in security checks in the halls --of course, it's a
high level, head of state Summit, strong security is all fine and good. If it
is sensibly applied. But Alberto wonders how it would work? And so the story
of the RFID chip and data gathering begins to emerge.</I>}</DIV>
<DIV><BR></DIV>
<DIV>When the card containing an RFID chip is swiped onto the reader, the
location information is sent via the chip's antenna to a database that
contains information on the subject.<BR><BR>Mr. Escudero-Pascual said he
witnessed the data collected by the summit when his information flashed on a
computer screen at an entry point. The information included a picture of the
participant, name, occupation, organization, a time stamp of all main entry
points and each time the participant passed a line into a room.<BR><BR>The
data is stored in chronological order, allowing readers to determine when,
where and which participants are walking into the room.<BR></DIV>
<DIV>"They might want to know, 'Who has Alberto been queuing with for the last
few days?' and they can basically see who Alberto is working with or talking
to by who he enters with," Mr. Escudero-Pascual said.<BR><BR>"This is not a
conspiracy theory. We use these systems in our daily lives to open garages,
but people are not aware" of other ways the technology can be used, he
said.<BR><BR>RFID chips are embedded in many "smart card" systems used for
access to military bases, airports, gated communities, hospitals, state parks
and country clubs. RFID chips also can alert government agencies to a host of
law-breaking activities, such as expired insurance policies or license
plates.<BR><BR>But tagging participants in a political summit raises privacy
and security issues, and privacy advocates think the summit's organizers might
have broken laws by not disclosing the chips' presence.<BR></DIV>
<DIV>At least one of the researchers said it violates the Swiss Federal Law on
Data Protection of June 1992.<BR></DIV>
<DIV>{<I>Yes, opinion seems to be that it violates Swiss law, and would
normally be illegal in Geneva. Except the UN is in some cases exempt from data
protection laws. So while on Swiss soil but under the auspices of the UN, it's
likely that no violation occurred. However, some UN data protection guidelines
were ignored <http://www.unhchr.ch/html/menu3/b/71.htm> Wonder if the
ITU database is also protected? ITU has an unusual status in the UN System.
Alberto Escudero-Pascual has contacted most EU member states' Data Protection
Agencies and is seeking support from any individuals and organizations in
order to get a statement from ITU and the Swiss Delegation in WSIS concerning
the data collection practises and the system in Tunisia.</I>}</DIV>
<DIV><BR></DIV>
<DIV>"They may be exempt from those laws, but they certainly violated the
spirit of the law by collecting highly personal information without their
knowledge or consent," Mr. Steinhardt said.<BR></DIV>
<DIV>END</DIV>
<DIV><BR></DIV>
<DIV><BR></DIV><X-SIGSEP><PRE>--
</PRE></BLOCKQUOTE></X-SIGSEP></BODY></HTML>