A Cincinnati video surveillance company is requiring its employees to get an impanted RFID tag under their skin if they want to utilize the company’s datacenter. For those who don’t know, RFID tags are tiny, rice-sized microchips which contain specific information which can then be read from a few inches away by a radio transciever.
Currently, they’re being used mostly as a means to more efficently keep track of warehouse goods; rather than a stockboy having to go through and manually take an inventory, they just wave a little RFID wand around the shelves and instantly get all the information they need. They’ve also been used in some medical proceedures as a way to identify patients with extreme allergies or medical requirements. This, however, is the first time I know of that a private corporation has demanded employees have one injected in order to do their work. Previously, the corporation demanded that employees have RFID tags implanted in IDs worn around their necks.
Think about that for a moment… employees are being required to undergo a mildly painful, mildly invasive medical proceedure in order to do their work. This is sheer idiocy! Not only is the risk of complications non-zero (infection can still happen, even if they use trained medical personell to provide the RFID implants, which I severely doubt they would), but it does absolutely NOTHING to increase security.As has been demonstrated, it pretty trivial to scan and clone one of these tags. That guy who jostled you on the bus? He may have just scanned your RFID tag. But now, rather than just having to get a new picture ID with a new RFID tag, you must engage in yet another invasive medical proceedure to remove the tag then implant another. One gains nothing in terms of security from this methodology; it’s biometrics on the cheap, and biometric security is known to be full of horrenous implimentation flaws (such as… how do you change your fingerprints when a database containing them has been breached and said information stolen?).
And what happens when you leave the company? Are they going to pay to have the RFID tag removed, or will you have to do that on your own time and dime?
You’d think that this would generate lawsuits, but the corporation have cleverly provided a legal dodge… technically, they don’t require the chips. You just won’t be allowed into the datacenter without one. Meaning, if your job entails accessing the datacenter, you’re essientially fired if you refuse to be chipped. The company can then just claim that the employee refused to follow security guidelines if sued and will be technically legally correct. Some lawyer earned a commission on this one.
I’m not a Luddite. I love technology. I even like RFID tags, albeit in limited instances. Tracking goods is fine. Hell, tracking livestock and pets is good as well. Tracking medical patients is good, as long as the patient is aware of the tag and what it does and has the right to refuse it. But this? This is unconciable.
OMG! Could it be? Yes! We actually AGREE on an opinion column!