Two information security experts at Purdue University say putting special electronic inventory tracking tags on individual retail items could be a threat to customer privacy.

 

Several of the world's largest retailers have been using radio frequency identification (RFID) tags to track pallets of merchandise through its supply systems. Many retailers are examining the cost-saving efficiency measure of placing the RFID tags on individual items on the floor. Beginning this month one large retailer is attaching RFID tags to menswear. Privacy advocates say the tags can be easily used to track customer movement through a store and even monitor what consumer products are in a person's home.

 

A Purdue professor who advises the White House and Pentagon on national security issues related to cybercrime and abuse says a relatively inexpensive device can read some tags from up to hundreds of feet away. Eugene H. Spafford, director of the Center for Education and Research in Information Assurance and Security (CERIAS), says if the tags aren't removed or permanently disabled at the time of sale, they can potentially be read by someone in the store parking lot, from a passing car, or from the street in front of a customer's home. "Someone interested in what you are doing - to snoop, to market to you or to use that knowledge for gain - might be very interested in detecting what you buy without the risk of being noticed watching you at the store," he said.

 

Spafford says as use of the RFID technology is expanded, it will become increasingly easy for parties such as marketers, thieves, insurance companies, employers, bill collectors, litigants, ex-spouses, or government agencies to know your purchasing habits for such items as pharmaceuticals, birth control devices, reading materials, luxury items, alcohol, and unhealthy foods. "The goal of at least one influential retailer is to eventually manage all inventory with the tags," Spafford says.

 

Privacy researcher Lorraine Kisselburgh, an assistant professor of communication, says the RFID technology could give retailers the ability to track customers through space, creating new privacy risks to the individual and anyone else for whom the individual shops, such as children and spouses. Kisselburgh says that members of the millennial generation she has studied are surprised and concerned by this possible loss of their locational privacy. They describe the tracking scenario as "creepy" and "stalking."

 

"Research indicates consumers are willing to make certain tradeoffs of their privacy for benefits such as convenience and discounts," Kisselburgh said. "But individuals want to know when there is a potential that their privacy might be at risk, and they want to retain control of the choice to change that level of risk." Kisselburgh's research includes the social implications of emerging technologies, privacy, social networks. She says that even younger adults are not comfortable with the possibility of "always-on" tracking of their locational behavior and generally are willing to do this only when they know and decide who will be seeing the data about their behaviors.