Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he had bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: to read the identity cards of strangers, wirelessly, without ever leaving his car.
It took him 20 minutes to strike hacker's gold.
His scanner downloaded to his laptop the unique serial numbers of two pedestrians' electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, the Internet security consultant had "skimmed" four more of the new, microchipped PASS cards from a distance of 20 feet.
Increasingly, government officials are promoting the chipping of identity documents as a 21st century application of technology that will help speed border crossings, safeguard credentials against counterfeiters, and keep terrorists from sneaking into the country.
But Paget's February experiment demonstrated something privacy advocates have feared for years: that RFID, coupled with other technologies, could make people traceable without their knowledge.
He filmed his heist, and soon his video went viral on the Web, intensifying a debate over a push by federal and state governments to put tracking technologies in identity documents and over their potential to erode privacy.
On June 1, it became mandatory for Americans entering the United States by land or sea from Canada, Mexico, Bermuda and the Caribbean to present identity documents embedded with RFID tags, though conventional passports remain valid until they expire. Among new options are the chipped "e-passport," and the new, electronic PASS card — credit card-sized, with the bearer's digital photograph and a chip that can be scanned through a pocket, backpack or purse from 30 feet.
Alternatively, travelers can use "enhanced" driver's licenses embedded with RFID tags now being issued in some border states: Washington, Vermont, Michigan and New York. Texas and Arizona have entered into agreements with the federal government to offer chipped licenses, and the U.S. Department of Homeland Security has recommended expansion to non-border states.
The purpose of using RFID is not to identify people, says Mary Ellen Callahan, the chief privacy officer at the Department of Homeland Security, but "to verify that the identification document holds valid information about you."
Critics warn that RFID-tagged identities will enable identity thieves and other criminals to commit "contactless" crimes against people who won't immediately know they've been victimized.
Neville Pattinson, vice president for government affairs at Gemalto Inc., a major supplier of microchipped cards, is a board member of the Smart Card Alliance, an RFID industry group, and serves on Homeland Security's Data Privacy and Integrity Advisory Committee. In a 2007 article published by a newsletter for privacy professionals, Pattinson called the chipped cards vulnerable "to attacks from hackers, identity thieves and possibly even terrorists."
RFID, he wrote, has a fundamental flaw: Each chip is built to faithfully transmit its unique identifier "in the clear, exposing the tag number to interception during the wireless communication."
Meanwhile, Homeland Security has been promoting broad use of RFID even though its own advisory committee on data integrity and privacy issued caveats. In its 2006 draft report, the committee concluded that RFID "increases risks to personal privacy and security, with no commensurate benefit for performance or national security," and recommended that "RFID be disfavored for identifying and tracking human beings."
But Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says Americans "aren't that concerned about the RFID" at a time when "tracking an individual is much easier through a cell phone."