close
Abstract—New applications for Radio Frequency Identification
(RFID) technology include embedding transponders in
everyday things used by individuals, such as books, payment
cards, and personal identification. While RFID technology has
existed for decades, these new applications carry with them
substantial new privacy and security risks for individuals. These
risks arise due to a combination of aspects involved in these
applications: 1) The transponders are permanently embedded
in objects individuals commonly carry with them 2) Static data
linkable to an individual is stored on these transponders 3) The
objects these transponders are embedded in are used in public
places where individuals have limited control over who can
access data on the transponder. In 2002, the U.S. Department
of State proposed the adoption of an “electronic passport,”
which embedded RFID transponders into U.S. passports for
identification and document security purposes. In this paper, we
use the U.S. Government’s adoption process for the electronic
passport as a case study for identifying the privacy and security
risks that arise by embedding RFID technology in “everyday
things.” We discuss the reasons why the Department of State
did not adequately identify and address these privacy and
security risks, even after the government’s process mandated a
privacy impact assessment. We conclude with recommendations
to assist government as well as industry in early identification
and resolution of relevant risks
DownLoad
DownLoad
全站熱搜
留言列表