The state of Texas is thinking about replacing vehicle inspection stickers with RFID tags. The state likes the idea because it would enable drive-by enforcement of insurance requirements. Privacy partisans don't, because it could expose car owners' personal information to anyone who scans their vehicles with an RFID reader.
Sounds like a tough problem of functionality vs. privacy, doesn't it? But why? There's no compelling reason any personal information should be stored on those RFID tags -- or on any RFID tags. So why is everyone's default assumption that it will be?
Here, look: How many different ways could Texas implement vehicle inspection RFID tags? One way is to use low-powered tags that can be read only up close. But that doesn't require RFID. There's already an identifying tag that police routinely use for checking vehicle information. It's called a license plate.
Besides, Texas wants to scan cars on the fly. That requires high-frequency RFID tags that can respond quickly and at a distance. Those tags also typically can hold lots of data. So a vehicle inspection RFID tag could contain as much as a megabyte of information about a vehicle -- or as little as a license plate number.
Which makes more sense? Cramming lots of vehicle data onto an RFID tag means a police officer could read it directly with a scanner. But what cop could read data on 100 cars per minute roaring past? Besides, any embedded insurance information could be outdated the day after the tag was stuck on the vehicle.
And that data would be exposed to anyone else with an RFID scanner. The data could be encrypted, but that means the scanner would have to be attached to a computer to decrypt it. Or the RFID equipment could be nonstandard -- but hackers are pretty good at matching any customized gear.
On the other hand, if an RFID tag responds with just a license plate number, that can be checked against an up-to-date back-end database without human intervention. And the only information exposed by the RFID tag is already displayed on the vehicle's bumper.
See? It makes no sense to overload those Texas tags. Putting the smarts in the database and keeping the tags simple makes the system more reliable, secure and effective -- and minimizes privacy issues, too.
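The two tag designs compared above, as an added sketch that is not part of the original column: it shows what any reader in range learns from each tag and what happens to an insurance check when a policy changes after the tag is issued. The registry schema, plate numbers, owner names, dates and function names are all constructed for illustration.

```python
from datetime import date

def new_registry():
    """Back-end database keyed by plate number (constructed sample records)."""
    return {
        "ABC1234": {"owner": "Sample Owner A", "insured_until": date(2030, 12, 31)},
        "XYZ9876": {"owner": "Sample Owner B", "insured_until": date(2030, 6, 30)},
    }

def write_fat_tag(registry, plate):
    """Design 1: copy the vehicle record onto the tag at inspection time."""
    rec = registry[plate]
    return {"plate": plate, "owner": rec["owner"], "insured_until": rec["insured_until"]}

def write_minimal_tag(plate):
    """Design 2: the tag stores only the plate number."""
    return {"plate": plate}

def fields_beyond_plate(tag):
    """What any reader in range learns that the bumper does not already show."""
    return sorted(k for k in tag if k != "plate")

def check_from_tag(tag, today):
    """Enforcement that trusts the on-tag snapshot."""
    return "insured" if tag["insured_until"] >= today else "uninsured"

def check_from_backend(registry, tag, today):
    """Enforcement that uses the tag only as a lookup key."""
    rec = registry.get(tag["plate"])
    if rec is None:
        return "unknown plate"  # unregistered or mistyped tag: flag it, don't guess
    return "insured" if rec["insured_until"] >= today else "uninsured"

def demo():
    registry = new_registry()
    fat = write_fat_tag(registry, "ABC1234")
    minimal = write_minimal_tag("ABC1234")
    # The policy is cancelled after the tags were issued; only the database changes.
    registry["ABC1234"]["insured_until"] = date(2030, 2, 1)
    today = date(2030, 3, 15)
    return {
        "fat_exposes": fields_beyond_plate(fat),
        "minimal_exposes": fields_beyond_plate(minimal),
        "fat_verdict": check_from_tag(fat, today),
        "backend_verdict": check_from_backend(registry, minimal, today),
        "unregistered": check_from_backend(registry, write_minimal_tag("NOPLATE"), today),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The on-tag snapshot still reports the vehicle as insured after the cancellation, while the lookup keyed on the plate number reflects the current record and exposes nothing beyond the plate itself.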
So why does this look like such a hard problem at first glance? Because if an RFID tag has space for lots of data, some people will automatically feel an urge to fill it up.
We need to resist that urge. Not just for vehicle tags in Texas, but for all the other RFID applications we'll be implementing soon.
Some of those RFID jobs will be forced on us, such as Wal-Mart's supply chain mandate. But others we'll come up with ourselves. We'll try sticking RFID tags on shipping cartons, employee ID badges, forklifts, hard-copy documents, desk chairs, mail carts, computer monitors -- anything we need to track or identify or inventory or locate.
What we'd really like is a clear set of RFID best practices. But in the meantime, we'll just have to remind ourselves to keep the tags as simple as possible and keep the data on them to a minimum. If we must include data, it should be encrypted -- but less data is better.
We'll probably have to hold the line on that rule with non-IT managers and executives too, especially if they've heard RFID sales pitches bragging about how much data a tag can hold.
And to other business-side people, we'll probably have to explain how we're protecting their sensitive information, especially if they've heard about RFID risks and expect the worst.
But we can do that. In fact, we'd better, if we want to deliver the advantages of RFID technology for our users with a maximum of benefit and a minimum of risk.
Because if we don't, those little RFID tags will bring us some Texas-size problems after all.