[e-privacy] [RFID] EFF contro i passaporti RFID

Andrea Glorioso sama at miu-ft.org
Mon Apr 11 08:42:30 CEST 2005 

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* EFF Urges State Department to Drop RFID Passport Plan

As we reported last week, the US State Department  is pushing for what
may be the most misguided  and dangerous  travel "security" plan  ever
proposed: putting insecure radio-frequency identification (RFID) chips
in all new US passports.  These  chips would broadcast your name, date
of birth, nationality, unique passport  number, and any other personal
information contained in the passport to anyone with a compatible RFID
reader.  That's right - anyone, not just passport control.

Security experts have pointed out that because the new passports would
indiscriminately expose your  personal information to strangers,  they
could be     used  as "terrorist   beacons,"   providing  a terrorist,
kidnapper, or thief  with a means of covertly  scanning a crowd  at an
airport - or any other public place - for American targets.  But there
are numerous other  ways that  RFID  passports threaten your   safety,
privacy, and basic civil liberties.

This    week, EFF, joined    by  EPIC, PrivacyActivism, Privacy Rights
Clearinghouse,  the World  Privacy  Forum,  and privacy activist  Bill
Scannell,  filed  comments with  the   State  Department, providing  a
detailed   critique  of the  RFID  passport proposal    and urging the
Department to abandon it.

"RFID in passports is  a terrible idea,  period.  But on top of  that,
the  State Department is  acting without the appropriate authority and
without  conducting any form of  credible cost-benefit analysis," said
EFF Senior  Staff Attorney   Lee   Tien.  "It's  asking  Americans  to
sacrifice    their  safety and privacy    'up front'  for  a dangerous
experiment that it hasn't even bothered to justify."

As we point  out in  our comments,  under the  State Department's plan
there would  be millions of RFID  passports (and passport holders) and
thousands  upon  thousands of authorized  passport  readers around the
world.  Each authorized   passport reader  would  itself represent   a
threat  to the  privacy  of passport  holders   and would have   to be
secured.  Because the technology would be so widespread and persistent
over time,   the likelihood of  reverse  engineering and thus security
compromise would  be high.  At  the same time,  because so many people
would  be  carrying RFID passports,   the magnitude of harm associated
with security  compromise would be large,  and it is  unclear how well
the system would recover once it is compromised.
 
EFF will soon provide  an easy way  for you to  speak out against RFID
passports  -  stay tuned  to  EFFector and the   EFF Action Center for
details.

EFF's comments on RFID passports:
<http://www.eff.org/cgi/tiny?urlID=447>
(PDF)

Background on the passport plan:
<http://www.eff.org/effector/18/11.php#II>

More about RFIDs:
<http://www.eff.org/Privacy/Surveillance/RFID/>  

--
Andrea Glorioso             sama at miu-ft.org         +39 333 820 5723
        .:: Media Innovation Unit - Firenze Tecnologia ::.
	      Conquering the world for fun and profit

More information about the E-privacy mailing list