Sooner or Later…

Microchip technology is in the news again.  Background:  company called CityWatcher.com has injected two employees with microchips.  These are RFID tags, whose most common use is to keep track of various types of inventory (library books, uniforms, store items) and “contactless” payment cards.

But the news that Americans had, for the first time, been injected with electronic identifiers to perform their jobs fired up a debate over the proliferation of ever-more-precise tracking technologies and their ability to erode privacy in the digital age.

To some, the microchip was a wondrous invention _ a high-tech helper that could increase security at nuclear plants and military bases, help authorities identify wandering Alzheimer’s patients, allow consumers to buy their groceries, literally, with the wave of a chipped hand.

To others, the notion of tagging people was Orwellian, a departure from centuries of history and tradition in which people had the right to go and do as they pleased, without being tracked, unless they were harming someone else.

The reason this was/is so big:

CityWatcher.com employees weren’t appliances or pets: They were people made scannable.

Which brought/brings out a host of questions/considerations:

(From a man who has already been chipped):  Halamka thinks of his microchip as another technology with practical value, like his BlackBerry. But it’s also clear, he says, that there are consequences to having an implanted identifier.  “My friends have commented to me that I’m ‘marked’ for life, that I’ve lost my anonymity. And to be honest, I think they’re right.”

Do the current chips have global positioning transceivers that would allow the government to pinpoint a person’s exact location, 24-7? (No; the technology doesn’t yet exist.)

But could a tech-savvy stalker rig scanners to video cameras and film somebody each time they entered or left the house? (Quite easily, though not cheaply. Currently, readers cost $300 and up.)

How about thieves? Could they make their own readers, aim them at unsuspecting individuals, and surreptitiously pluck people’s IDs out of their arms? (Yes. There’s even a name for it _ “spoofing.”)

What’s the average lifespan of a microchip? (About 10-15 years.) What if you get tired of it before then _ can it be easily, painlessly removed? (Short answer: No.)

Some privacy experts believe the tagging of documents is a more serious  privacy issue than personal microchips believing that “people are going to be too squeamish about having an RFID chip inserted into their arms, or wherever.”

But that isn’t quite true either.

But that wasn’t the case in March 2004, when the Baja Beach Club in Barcelona, Spain _ a nightclub catering to the body-aware, under-25 crowd _ began holding “Implant Nights.”

In a white lab coat, with hypodermic in latex-gloved hand, a company chipper wandered through the throng of the clubbers and clubbettes, anesthetizing the arms of consenting party goers, then injecting them with microchips.

The payoff?

Injectees would thereafter be able to breeze past bouncers and entrance lines, magically open doors to VIP lounges, and pay for drinks without cash or credit cards. The ID number on the VIP chip was linked to the user’s financial accounts and stored in the club’s computers.

After being chipped himself, club owner Conrad K. Chase declared that chip implants were hardly a big deal to his patrons, since “almost everybody has piercings, tattoos or silicone.”

VIP chipping soon spread to the Baja Beach Club in Rotterdam, Holland, the Bar Soba in Edinburgh, Scotland, and the Amika nightclub in Miami Beach, Fla.

As for increasing security:

That same year, Mexico’s attorney general, Rafael Macedo, made an announcement that thrilled chip proponents and chilled privacy advocates: He and 18 members of his staff had been microchipped as a way to limit access to a sensitive records room, whose door unlocked when a “portal reader” scanned the chips.

But did this make Mexican security airtight?

Hardly, says Jonathan Westhues, an independent security researcher in Cambridge, Mass. He concocted an “emulator,” a hand-held device that cloned the implantable microchip electronically. With a team of computer-security experts, he demonstrated _ on television _ how easy it was to snag data off a chip.

Explains Adam Stubblefield, a Johns Hopkins researcher who joined the team: “You pass within a foot of a chipped person, copy the chip’s code, then with a push of the button, replay the same ID number to any reader. You essentially assume the person’s identity.”

VeriChip’s rebuttal: 

“To grab information from radio frequency products with a scanning device is not hard to do,” Scott Silverman, the company’s chief executive, says. However, “the chip itself only contains a unique, 16-digit identification number. The relevant information is stored on a database.”

Even so, he insists, it’s harder to clone a VeriChip than it would be to steal someone’s key card and use it to enter secure areas.

Why push so hard?

Although in five years VeriChip Corp. has yet to turn a profit, it has been investing heavily _ up to $2 million a quarter _ to create new markets.  The company’s present push: tagging of “high-risk” patients _ diabetics and people with heart conditions or Alzheimer’s disease.  In an emergency, hospital staff could wave a reader over a patient’s arm, get an ID number, and then, via the Internet, enter a company database and pull up the person’s identity and medical history.

The issue is also bringing together groups that usually seem at odds:  civil libertarians and Christian conservatives.

RFID, they warned, would soon enable the government to “frisk” citizens electronically _ an invisible, undetectable search performed by readers posted at “hotspots” along roadsides and in pedestrian areas. It might even be used to squeal on employees while they worked; time spent at the water cooler, in the bathroom, in a designated smoking area could one day be broadcast, recorded and compiled in off-limits, company databases.

“Ultimately,” says Katherine Albrecht, a privacy advocate who specializes in consumer education and RFID technology, “the fear is that the government or your employer might someday say, ‘Take a chip or starve.’”

Pro or con the debate is on: 

“VeriChip offers technology that is absolutely bursting with potential,” wrote blogger Gary E. Sattler, of the AOL site Bloggingstocks, even as he recognized privacy concerns.

So how is government reacting? (Besides National Government considering chipping for soldiers, high security clearance workers, and other government workers)

…legislators are increasingly being drawn into the fray. Two states, Wisconsin and North Dakota, recently passed laws prohibiting the forced implantation of microchips in humans. Others _ Ohio, Oklahoma, Colorado and Florida _ are studying similar legislation.

In May, Oklahoma legislators were debating a bill that would have authorized microchip implants in people imprisoned for violent crimes. Many felt it would be a good way to monitor felons once released from prison.  But other lawmakers raised concerns. Rep. John Wright worried, “Apparently, we’re going to permanently put the mark on these people.”

Rep. Ed Cannaday found the forced microchipping of inmates “invasive … We are going down that slippery slope.”

In the end, lawmakers sent the bill back to committee for more work.