What are the three core privacy problems with consumer RFID, as identified by early research (Juels, 2006)?
Sensitive data stored on tags can be read without the owner's knowledge; surveillance is unconscious (invisible, passive, no consent); and unique tag IDs enable physical location tracking and movement profiles.
Research by A. Juels (2006) identified the key RFID privacy risks — many of which the FS26 course notes still as relevant:
- Sensitive data on tags: RFID tags can store personal and sensitive information readable without the owner's knowledge, from shopping habits to health data.
- Unconscious surveillance: most users don't notice their RFID tags and don't know when they're read — the technology is invisible, data capture is passive and without active consent.
- Location tracking: even if the contents are encrypted, tags can be physically tracked. Each tag has a unique ID usable to build movement profiles — a serious location-privacy violation.
The classic illustration shows a man whose every item (wig model #4456, replacement hip part, €1,500 in his wallet, items of clothing) silently broadcasts its serial number to a nearby reader.
Tip: Note the subtlety: encrypting tag contents doesn't stop tracking, because the unique ID itself is the tracker. Privacy here requires randomising or disabling the ID, not just encrypting data.
Go deeper:
Radio-frequency identification (Wikipedia) — covert reads, unique-ID tracking and consent issues.