Travel groups come out against RFID passports

According to an article from Wired, the list of people complaining about the State Department's plans to embed RFID tags into US Passports is on the rise.

Most recently, the Business Travel Coalition and the Association of Corporate Travel Executives have announced their opposition to the plan.

At issue is the embedding of RFID tags (low-power radio transponders) into US Passports starting in 2005. The plan, part of an effort to create an international standard for authenticated passport information, wants to put the carrier's country, name, passport number, and photograph (and eventually an iris scan or fingerprints) on the chip which is readable from a distance of about 3 inches.

Unfortunately, this data is sent "in the clear," thus making it insecure (and, just for the record, encrypting it with a key that could be decrypted by border control people is just about as insecure, since it would be widely disseminated).

At first blush, this still seems pretty reasonable, but privacy advocates are concerned that they can actually be read from some distance away (up to 10 meters according to some, but more likely 1-2 feet). This opens up a string of privacy and safety issues. Imagine that you are walking down the streets of a foreign country and a thief can tell definitively that you are an American-- Bill Scannel has... his web site advocates putting down the technology before it is rolled out because of concerns for the safety of American citizens abroad.

Now before getting all up-in-arms about my being a reactionist luddite who doesn't like any new technology in the hands of the government, consider contact-based or visual identification methods. Electronic chips that have contacts on the inside of the passport for reading the data are every bit as reliable and a whole lot more safe from external viewing (as in: completely). Further, the use of a 2D barcode is cheaper, as effective, and impossible to read through a closed passport (although more readily copied).

If you're concerned about this issue, go to RFIDKills and submit your comments for the State Department before April 4.