Skip to content

Archives

Why implanted ID chips are bad for privacy

Security: The RFID vendors are clearly on a roll, with all manner of uses being proposed. The most recent story is that VeriChip plans to implant them subdermally in hospital patients.

The company line is that it’s privacy-safe, since it doesn’t expose health records per se — just the patient’s ID number. However, that’s missing the point, in my opinion.

RFID chips will broadcast their ID whenever they are within range of a compatible scanner, and the range (in this case) is several feet — although the story notes that their readers used to track farmed salmon work from 10-12 feet, and the Schmoo Group guys I met last month had no doubts that a high-powered directional antenna like their wi-fi sniper rifle could extend that. There’s no encryption, or handshaking, in these chips, it sounds like.

There’s no mention if the chip is removed after you leave hospital; some comments about the idea behind this is that it may help if you’re involved in an accident, and want your info available to healthcare users, in which case you’d have the chip implanted and broadcasting at other times, in other places, as well.

So, if you’ve got one of these implanted, it’ll broadcast a unique code to readers in range at all times. If an attacker can scan while you’re nearby, and picks up that code, they know that it’s you, and you only. They only have to match that ID code to a visual identification once, and henceforth you can be tracked by that ID code.

There’s a possibility that they’ll fix this, by upping the CPU power and incorporating some decent public-key encryption — but then you need a PKI big enough to track every implanted citizen in the entire country, and the costs will go up and up. I’d find that doubtful. (Mind you, they seem to assume that having a centralized secure database of medical records is a fait accompli in most of the articles anyway, so…)