CFP2003: Day Three

Plenary 12: Auto ID

The technology has been around for years, but now it’s gotten
inexpensive enough to use pervasively. The panel wants to increase
awareness of the uses and abuses of the technology.

Mark Roberti of RFID Journal is the first
speaker. RFID technology begain in WWII with the British RAF’s IFF
(Identify, Friend or Foe) system. The US military started using it at
Los Alamos to track trucks carrying nuclear materials — that system has
evolved into EZ-Pass and similar automated toll systems. In the
meantime, the USDA developed a passive transceiver (“tag”) to track
cattle — the system had to be passive and unpowered because cattle
don’t come with AC outlets. Currently, a tag costs 40 cents; three
years ago, it was $10. And experts see tags costing less than five
cents in the next few years — which would make it possible to “extend
the Internet to objects” (MIT Auto-ID lab). The benefits include
reduction in theft (2% shrinkage is common in stores) and efficiency
because you can find your inventory and assets (P&G has a billion
dollars in “unfindable assets” at any time!).

Another use is maintaining authenticity — pharmaceutical companies want
to tag drugs to deter counterfeiting. A pharmacist would use the RFID
tag to verify that the drug about to be dispensed was real.

And companies have announced “smart appliances” which would use RFID
tags of items you’ve purchased to automatically set washing machines or
reorder products.

Katherine Albrecht of CASPIAN got
interested in the area by looking at grocery store loyalty cards and the
database infrastructure behind them. TIA has expressed interest in
using such databases (and every commercial database) as part of their
tracking in the interests of national security. Of course,
companies such as grocery stores and A. C. Nielsen are very
interested in creating detailed dossiers of their customers
(and have been for years). Her concern here is that RFID tags in
consumer products will extend those dossiers into the home.

Benetton, Prada, Michelin, and Gillette have already announced plans to
put RFID tags on consumer products. In response, CASPIAN is calling for
a boycott of Benetton. Benetton has responded by saying the read range
of the tags is only a couple of feet, but CASPIAN counters by pointing
out that doorways (for example) provide a choke point where RFID tags
could easily be read and tracked. CASPIAN also wants a world-wide
moratorium on consumer applications of RFID technology until regulations
are put in place.

Richard Smith of
ComputerBytesMan was
next. He began by asking the audience how many people use EZ-Pass (a
few) and pointed out that by using it, we make the trade-off of
convenience for trackability; users depend on the data only being used
for its proper purposes. But there’s already some overflow — for
example, you can pay for gas or parking with your EZ-Pass; in Boston,
they use EZ-Passes to get information on traffic flow and speeds (but
they don’t issue speeding tickets based on the data). He sees RFID
being added to license plates in the future (not optionally), creating
more and more opportunities for database entries and tracking for all
of our travel.

The next step is using RFID for people tracking instead of object
tracking — for example, RFID-enabled building access badges (such as
the one I used to have before I lost it!). After that, he sees
RFID-enabled shopper loyalty cards, which offer significant tracking

The ultimate use of RFID is
Verichip, which will inject an RFID chip into people (it’s been done for dogs and cats for a while). After 9/11, interest in “chipping” people increased significantly, but this is still a radical-edge application.

In the panel discussion, both Mark and Richard mentioned that the current announced plans for the technology are limited to the supply chain, but Richard pointed out that the danger is that once the tags are in the world, there will be huge temptations to use them for marketing and security uses and become people trackers.

The Auto-ID Center at MIT has plans to add “kill switches” to tags, so that they can be permanently turned off at the point of purchase of the consumer product. That would improve privacy, but would prevent the tags from being used downstream, for example in assisting in recycling when items are discarded.

Then there was a debate about whether the Auto-ID Center and the companies supporting it are seriously interested in privacy. It’s amazing how reading a neutral statement in a snide voice can color its contents. Katherine claims that there are no actual privacy advocates involved in the Auto-ID Center.

Simson Garfinkel was first at the mike — he is a member of the Auto-ID Center’s advisory board (one of those non-existant privacy advocates). He said that all-out attacks against RFID chips (which already exist) are not going to be successful; there needs to be intelligent use of the technology. And, for example, the “kill” technology should only kill part of the ID, so that the waste stream information might stay active while the serial number would go away. Saying “it’s bad and we should stop it” is not going to work (unless you can make it illegal, which seems unlikely) — the question is “how do we use it responsibly”.

An audience member made a very good point: “it’s not a technology problem — it’s a data policy problem”.

Several people didn’t get to make their points (err, ask their questions), which is a first at this CFP. Good panel, and one which reminds me very much of the CFPs of old.

Stupid Security Awards

As if the EFF Pioneer Awards, the Brandeis Awards, and the Big Brother Awards weren’t enough, this CFP has added the Stupid Security Awards. Again, Simon Davies of Privacy International is the MC (this time in his own persona, unlike last night, when he presided over the Big Brother Awards as Her Majesty The Queen).

He gave the New Yorker Hotel a Dishonorable Mention, not only for demanding (and copying) photo ID at check-in, but also for refusing to loan a conference attendee a pair of scissors because they were a “security risk”!

Delta Airlines won the “Most Egregiously Stupid Security” award for requring a mother of a four-month-old to drink a bottle of her own breast milk to demonstrate that it wasn’t a threat to the staff on the plane.

The “Most Counterproductive Security” award went to a policeman who checked a pair of shoes out for explosives by slamming them down — apparently if they didn’t explode, they were ok.

“Most Inexplicable Security” went to San Francisco General Hospital, which treats many homeless people. After 9/11, they started requiring ID of people entering through the front door — but all side entrances were left completely unguarded. The staff and patients started using those side entrances, and the corridors filled with people desperately looking for the emergency room!

“Most Intrusive Security”: a lot of security measures seem to focus on attractive young women, and many security guards take great care in carefully checking out such individuals. The Michigan State Prison demands that any woman entering the prison (as a visitor) must wear a bra “for security”. One woman who could not wear a bra due to irritation needed medical certification to be able to visit her husband.

There is much more at the website; visit it.

But the real point is not the stupdity of these examples — it’s the danger in having the illusion of security and winding up with less real security, not more.

Plenary 13: Keynote from the Right and the Left

The speakers were former Rep. Bob Barr (R-GA) and Rep. Jerry Nadler
Rep. Nadler was first elected to Congress in 1992; he represents New
8th District (includes the WTC, the ACLU office, and this hotel —
he says his district “goes from Nathan’s to Zabar’s”).
Rep. Barr is now a consultant to the ACLU; he was in Congress

Rep. Nadler: Privacy is not a left/right issue. Without the
to be secure from governmental intrusions, all other rights are at risk.
Our system of constitutional liberties is not a danger, it has secured
us from dangers into which other nations have fallen. In wartime, we
often restrict liberties — then apologize 25-30 years later (and the
historians say that the restrictions don’t help anyway), and it appears
that we’re doing it again. When people ask questions, the answer is not
a reasoned argument, it’s an ad hominem attack or an attack on the
questioner’s patriotism.

In the run-up to the PATRIOT Act, the Judiciary Committee agreed
unanimously on a bill; it never came up. The Administration supplied a
substitute 278-page bill on Wednesday at 10am; the vote happened at 1pm.

PATRIOT II, drafted in secret by the Justice Department, may soon be
considered by Congress. Congress has not seen it, and the Justice
Department denied that any such bill existed, but then it was
leaked. He thinks that the plan was to keep the bill secret, to wait
until something happens, and then to introduce the bill and claim that
it has to be passed instantly for national security — but that the
person who leaked the bill derailed that plan.

Some of the more important issues being considered now:

  • TIA: Would involve the Defense Department in domestic law
    (not barred by law); no requirement for warrant — it would be
    investigate first, probable cause later. The Wyden Amendment put
    restrictions on the deployment of TIA and its use against American
    citizens; Feingold and Nadler said that
    TIA couldn’t be developed without explicit Congressional authorization.
    Wyden Amendment passed.
  • CAPPS II: The government would classify individuals based on secret
    information as red, yellow, or green — you would not have access to the
    information used to classify you.
  • Information sharing between law enforcement and Defense Department.
    Military agencies are not restricted to acquring info pursuant to a
    search warrant, but they can’t use that information for law enforcement

Nadler wants to require a privacy impact statement for every new federal
regulation, much as an environmental impact statement is required today.

Government’s unprecedented claim of the power to detain someone with no
charges, no habeas corpus, no lawyers, no judicial review, no recourse,
The Justice Department says the courts have no jurisdiction to review a
declaration that someone is an “enemy combatant”. Magna Carta
required the King to have justification to hold someone — this is the
first attempt to go against that precedent since then. Nadler is
drafting legislation which will extend the judicial power of the US to
anyone held by the US (so the “no jurisdiction in Cuba, even though
we’re holding people there” argument
will not work), and that the writ of habeas corpus shall not be denied
without a showing of probable cause (except a prisoner of war). “We
rebelled against George III for far less than that….I am not
rebellion but we must remember the core concepts of liberty.”

Rep. Barr: Even though the right to privacy does not appear
in the Constitution, it is fundamental. In a tribe, there is no privacy
— no private property, no private decisions. In a civilized society,
the concept of privacy arises — individuals have the right to private
information and private property. If you look at the wording of the
Bill of Rights, it’s obvious that they presume the notion of privacy.
If there is no right to privacy, why would you need the Fourth
Amendment’s restrictions against the government’s ability for search and
seizure? The First Amendment incorporates privacy in affirming the
right to have ideas. Privacy is fundamental to freedom.

Information is fundamental, too. It is the currency of power in the
21st Century. Access to information, the ability to accumulate
information, is key — it’s the way you get things done and have the
power to influence events. The ability to protect information, to keep
it private, is important to freedom.

When you look at the legislative process, you need to keep in mind some
immutable laws of government.

  • Government always wants more
  • Government never surrenders power once granted (or seized). So you
    need to get things right the first time because you rarely get a second
  • Privacy is finite; when government gets the power to access
    information, they keep it and use it — they take that power from we,
    the people.
  • Executive branches hate oversight (Republican or
    Democratic); they will not voluntarily expose themselves to oversight.
    Congress needs to ensure that oversight mechanisms are in place and
  • The Executive Branch never admits error. They never say that
    “we had the power; we just didn’t use it correctly” — instead, they
    say “we need more power or money, so Congress needs to give us more”,
    and that almost always happens. The root cause is never examined. As
    an example, after TWA Flight 800, there was a rush to give the
    Government more power to “fight terrorism” — luckily, cooler heads
    prevailed and no legislation was passed, but that was the initial
    reaction (and of course, the problem was not related to terrorism at

He believes that CAPPS II and TIA throw the Fourth Amendment away.

The only way to prevent such intrusions is to stay in contact with our
Representatives and Senators and keep them aware of our concerns. Most
Representatives and Senators don’t track these issues as closely as
Nadler does,
so the only way that they’ll care is if their constituents tell them how
important they are. Without such, we’ll continue to see the knee-jerk
reaction to incidents and the government will continue to acquire more
power and citizens will have less privacy.

Q&A: (again, there were people waiting at the mike when time
ran out)

Katherine Albrecht of CASPIAN asked whether there are
plans to
add RFID to cash (she claims that will happen in Europe by 2005). Both
Nadler and Barr said that they have never heard anything about such

Jim Casper of the North Dakota legislature: Why didn’t the
36 members of
the Judiciary Committee stand up to stop the passage of the Patriot Act?
Both he and Barr were…he voted against it, both because of the issues
and the process. The rules of the House provide that you cannot vote on
a bill which has not been in print for 24 hours, but the Rules Committee
routinely suspend those rules and they did that for the Patriot Act as
well. 66 Members of the House voted against the bill, some because of
the process. Barr: He happened to notice a provision tucked
into an
airport security bill last year which would have given security officers
the power of arrest and got it deleted, but if he hadn’t happened to see
it, it might well have become law. This happens all the time (not just
in security issues) and it’s a terrible way to legislate. The budget
left out many projects because a page fell out on the way to the
printer and it wasn’t discovered in time!

Henry Farrell: I didn’t hear any mention of the effect that US
have on the privacy of individuals outside the US. Examples: EU and
Canada have been forced to share information on travellers with the FAA
without even the CAPPS II safeguards, and the requirement that
biometrics be added to passports if the holder ever wants to enter the
US (which means all passports). Nadler: I believe that privacy
is a fundamental human right. The Constitution says “no person”, not “no
citizen” shall be deprived of life, liberty, etc, without due process.
The bill he and Feingold introduced on the TIA says you can’t do it at
all; Wyden’s only affects US citizens. I was not aware of the
particular instances you cited, and very often, we’re not aware of the
implications until someone brings it to your attention, and if the
implications are not on citizens, no one may bring it to our attention.
Barr: We’d have better legislation and law enforcement if we
in an international context, if we coordinated with other countries and
developed international protocols and consistency. That said, there are
things that a nation may need to do on its own initiative, such as
requiring manifests for flights entering the US. Nadler: The US has a
right to protect its citizens and borders; there is no human right for
anyone else to come to the US. We need to balance security concerns
with privacy and liberty concerns — not in haste, but they do have to
be addressed.

Lunchtime Concurrent Session: Authentication

This session was held in a long, noisy room, with no mikes or projector.
It wasn’t very easy to follow, but Steve Bellovin gave a good talk about
the differences between authentication, identification, and
authorization, and the need to collect only the necessary information
for the purpose, rather than collecting all possible information “just
in case”. He referred to an National Research Council study on the
subject which is currently available on their
website, as well as
post-9/11 report called “ID’s not Easy” which discussed what problems
a national ID card might actually solve and implications which would
follow depending on what information was collected.

Plenary 14: What are the New Intellectual Property Regimes, and do they threaten or advance free expression?

In 1998, Congress enacted the DMCA. It has several components. One concerns the liability or non-liability of ISPs in the communication of possible infringing material on the Internet. This sets up a dual regime — “mere conduit” ISPs have no liability, while “host service providers” (ones who rent space) will not be subject to liability if they comply with the notice and takedown procedure set forth in the statute. The next piece is the provisions on legal protection of technological measures which provide copy-protection (in other words, making hacking copy protection a criminal offense). And there is a portion which deals with copyright management information, making it illegal to remove or tamper with the identification of the work, its author, or conditions of use and sale in a way which would encourage or enable copyright infringement.

There has been judicial activity since the DMCA was passed.

The two speakers gave presentations which hit rather different issues; neither of them led to an easy summary (at least not by me!).

Brief Interlude

There was a wonderful “Carabella versus CAPPS” animation (which may show up on the Carabella page of Privacy Activism‘s website some day.

And CFP 2004 was announced, with Deirdre Mulligan as chair and Berkeley as the venue, probably in mid-May of 2004.

Closing Keynote: Larry Lessig

And now we approach the end of the conference. I will have to leave before the end of this session, so I will urge you in advance to listen to the MP3 recording of the session (and all of the main tent sessions), available at (today’s sessions won’t be up quite yet, of course).

Larry talked about criticism through creative work; he says that it was once free but is being increasingly controlled. The message which lawyers miss is that “criticism is effective when it speaks the language which the culture understands.” This kind of criticism is the hallmark of a sane culture.

The question is not “what makes these freedoms possible?”, but “what made these freedoms possible?”, because the situation is changing. There is a great increase in concentration of media ownership — and that has changed the culture that people see and live in. That didn’t happen because of the magic hand of the market, but because of governmental action making concentration more favorable.

For example, in 1994, the FCC eliminated the FinSyn rule, which meant a change from 70% of prime-time TV being independently produced to today’s situation, where 75% of prime-time TV is owned by the networks.

Larry then drew a distinction between Walt Disney creativity (taking themes from the culture and remixing them) and Disney, Inc., creativity (extending copyright terms into the indefinite future). And he said that part of us is due to one meme from computer culture has crept into the rest of the culture — binary thinking, which results in people thinking only in extreme terms.
Instead, we need to demonstrate non-extreme points (such as the Creative Commons license options).

Larry’s final message: Free culture by resisting control and concentration.

And now, as the Q&A begins, I need to fold my tent, claim my luggage, and bid the hotel and the conference adieu. Cheers!

[Updated 10 March 2006 to correct the spelling of Simson Garfinkel’s name.]