In January 2004, the Association for Automatic Identification and Mobility published an essay entitled, “The ROI of Privacy Invasion.”  The article established and demolished a strawman vision of potential government surveillance through RFID, positing that it would cost the federal government in excess of $1T to establish a “national spy network” of RFID readers monitoring all of the malls, airports, parks, playgrounds and churches.

Their verdict—that spending a trillion dollars just to construct an RFID-based surveillance network wouldn’t show sufficient ROI (return on investment)—seems fairly obvious.  But industry will attend to its knitting, hunting for ways to show a return on investments in tags and readers in the nearer term, in applications tracking goods in commerce, from the factory to the retail floor, and focused on just what industry has said that it cares about.

And that rather mundane, near-term interest may have considerable implications for the long term, and for personal privacy.  We won’t see the “top down” creation of a national spy infrastructure, but, perhaps, the “bottom up” construction of an infrastructure that many parties—in both government and the private sector—might readily adapt for surveillance, and invasion of privacy.

The future pervasively-tagged world has also been called “the Internet of Things,” and that phrase ought to make us stop and think.  The Internet is nothing if not a grand collaboration of little parts that make for a much more powerful whole.

Metcalfe’s Law (“The value of a network increases exponentially with the number of nodes”), often cited in regard to the Internet, ought to similarly apply to RFID: RFID will increase in utility as a function of all of the tags and readers deployed by all parties, and not merely linearly.  RFID’s “promiscuity” (especially with passive tags, where readers broadcast queries at any and all tags within range, and find what they’re looking for among all the tags which respond) is analogous to the “flat” Internet, where any node can reach out to any other.

If the deployment of RFID follows an arc similar to what has occurred with the Net, we should expect to see a proliferation of local systems, all useful in their primary applications, eventually knitted together into even more valuable systems of systems.  Those internetworked systems will find it easier to exchange information, and small pools of data will be merged and refined to produce larger and more valuable collections.  And as with the Internet, open architectures and widely recognized standards, such as the 30-year-old standard for product identifiers established for the print bar code, will form a strong base upon which to build interesting new applications.

To return to AIM’s scenario, it won’t be the government footing the bill to instrument the entrance to a retail store with an RFID reader.  The retailer will have done the work, and for the more immediate concern of capturing sales data, or curtailing employee theft.  His retailer neighbors, and their mall landlord, may also have deployed readers, to collect clues to cue customer-relations management systems, deter shoplifters, or interact with consumer-borne tags. (Not all of the applications will be security-driven, and some may derive from direct consumer interest: there is a trial now occurring in Seattle, for example, where blind shoppers carry tags to allow them to be recognized and advertised to by the stores they pass.)  The readers will be more common than they are today, cheaper than they are today, and, as Moore’s Law marches on, more capable than they are today.

Those readers will all be networked, if only because everything will be networked.  There has been a rush to move virtually all communications to the Net, including, through voice-over-Internet protocol (VoIP), large chunks of the phone system.  Organizations are ensuring that all of their people, devices and systems can communicate across common intranets; interorganizational communication is readily enabled across the Internet, through virtual private networks.

The last necessary step will be the creation of incentives for information sharing.  And it likely won’t take a great deal of incentive to unleash a flood: with the cost of readers and infrastructure already covered for their primary purposes, the only real costs are in imagination and a modicum of management.

Not all parties will see a need to share information with everyone else—it seems unlikely, say, that Wal-Mart would provide consumer demographic information to other retailers.  But many other parties probably will see benefits in swapping information, either for other information, or for cash.  Companies like IRI, which gained prominence mining point-of-sale records for clues to consumer buying habits, should revel in the availability of orders of magnitude more information, more readily collected, aggregated, distilled and shared.

There are serious potential consequences for personal privacy in a future, RFID-pervasive world.  But as with some of the negative consequences of the Internet itself (e.g., the glut of porn, spam, and illicit file sharing), it’s not entirely fair to ask the architects to imagine all of the downside.  All of us have a window of opportunity to ensure that some protections go into the architecture, and to hammer out appropriate policies and practices to address what technology cannot.

With 20/20 hindsight, we probably ought to have built more hooks for the establishment and authentication of identity on the Internet—we’re now stuck trying to retrofit the Net with the means to rebuff spammers, and detect phishing attempts.  And perhaps now is the time to figure out how to build in more privacy protections in the future “Internet of Things,” and to anticipate what will become possible once the infrastructure is too pervasive and critical to live without.

TIFY: inter-ideograph; MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: justify">