A US company is implanting microchips in employees’ hands, allowing added convenience but raising privacy and other issues
A Wisconsin company is getting under its employees’ skin – literally. Three Square Market, which makes vending machines with credit-card microchip readers, says employees are volunteering to get RFID chips implanted in their hands.
The chip will permit entry to company buildings, access computers and get soft drinks from vending machines. It will be linked to the employee’s credit card, so he or she can be billed for things bought in the company store. “I think it’s a step towards the future,” said Eric White, an assembly-line manager at the firm.
Three Square Market says it is the first company in the United States to put chips in its employees. But it is not the first in the world. That honor belongs to a Swedish company called Epicenter that initially chipped some 150 employees who “volunteered” for the procedure.
As I previously have written, “Using ID chips is not new. Injectable chips have been around for some time. A prototype injectable ID chip was invented in 1979 by Mike Beigel. The chip is essentially a passive RFID device – which stands for radio-frequency [identification].
“The chip in its simplest form contains only a number and it is not self-powered. However, when a compatible radio signal is beamed at the chip, the chip receives power from the beam through induction, activates and transmits its number. Otherwise the chip remains quiet.
“Around 1991, zoos started putting chips into their animals. By 2000 many [US] states required that to get a pet license you needed to chip your pet (provided it wasn’t a chicken, duck, hamster or rat).”
The RFID function in an injectable chip is similar functionally to the RFID tags built into systems such as E-ZPass and other electronic toll-collection systems. When you drive down a highway in many parts of the US, E-ZPass lets you zoom past toll booths and enter special toll-congestion bypass roads. These days the sensors are overhead and there are cameras and lights as well: If you don’t pay or have a non-current E-ZPass, the overhead cameras will take a photo of your car’s license plate and you will be fined.
RFID has many uses. It can be used for tagging products or sealing a container sent by truck, rail or ship. US car-rental company Avis is using RFID tags to track the return of its vehicles, and the US military is using smart RFID-powered chips that have enhanced sensors. These are called biochips, and they can keep track of a soldier’s blood pressure, breathing rate and overall well-being. In combat scenarios this gives commanders important information on the stress levels of their troops; it also gives medics a head start on triage. Biochips are being designed that can detect traumatic injuries.
RFID chips are now in many countries’ passports. If they are tampered with the passport won’t work at border control.
And chips do not only have to be implanted in a hand. With minimal surgery they can be placed near your heart or other organ. Some time in the future there will be chips placed in or near the brain, a frightening but real prospect. The Manchurian Candidate redux.
Simple RFID tags often transmit only a single number. But that number links to a much bigger database that can include all sorts of information. The information transmitted by the tag is scrambled, but it doesn’t really matter because by itself the number doesn’t tell you anything without the database.
These days, company and government-linked databases are far from secure. Rarely are they encrypted and mostly they have minimal protection such as the company firewall. Once they are stolen, they can fall into the hands of criminals or worse.
Even worse is the fact that it is not really difficult to clone an RFID tag, and while it is not very common yet, if the tags gain in popularity, cloning will become a more serious issue. Remember, mobile-telephone SIM cards have been cloned for years, even though they are encrypted and more strongly protected than an RFID tag can be.
Having an RFID tag injected under the flesh is, without any doubt, a significant invasion of privacy, because there is no way to turn it off. It does not wear out or lose power, because it gets its power when it is interrogated. As the tags become more sophisticated they will be linked to many other biologic and environmental sensors that can be used to help save or protect lives or, alternatively, to bring harm.
It is interesting that company employees are “volunteering” to have RFID tags implanted in the fleshy part of their hands. Since having the tag will make everything in a business or military setting easier for the employees or soldiers, those without one will not be such happy campers. So to a degree the “voluntary” approach is mostly window dressing on the reality that if a company asks for “volunteers”, as a practical matter it really means everyone.
There is, and should be, an alternative available to “volunteering”. That alternative is an external RFID card that can be worn on a lanyard around the neck or incorporated in a company or military ID. If you need a tag to get into a building, there really is no practical difference between an external one and one implanted in your body. If a company does not offer an external RFID as an alternative, it is not playing fair with its employees.
Some say that an implanted chip is more secure than an external RFID tag because it can’t be stolen. This isn’t really true. A person’s implanted chip can be used to gain entrance to a building by kidnapping him or her. Or, more horribly, the tag can be gouged out of a hand for the same reason.
Where it gets more complicated is where biochips are used, today primarily by the military but it is not hard to see that others will start using them too, such as hospitals monitoring at-risk patients. In such cases, we are not talking any longer about volunteering. The patient is being offered an option he can approve or reject. In these cases it should be the rule that the hospital will agree to remove the tag at the patient’s request and at no charge on demand, whether needed or not.
At the end of the day the difference between man and machine is being seriously eroded when some form of communication is implanted in a human being. If I am tagging my employees, why not tag my robots? Or vice versa.