CASPIAN NEWSLETTER, 11/27/04: CA STORE VICTORY; WHAT'S WITH VERICHIP?
=====================================================================
Consumer privacy and RFID newsletter
Edited by Sunni Maravillosa and Katherine Albrecht
We hope you are enjoying a long, relaxing weekend with family and
friends. All of us at CASPIAN are thankful for your interest in consumer
privacy, and appreciate your activism and educational efforts!
NEWS:
1- California grocer drops loyalty card program
2- VeriChip company announces privacy plan
3- Police to peruse your prescriptions?
4- Printer privacy problems expand
5- Petco customer data compromised
6- U.S. RFID passport standards under fire
CASPIAN ACTIVISTS UPDATE
1- CASPIAN files Freedom of Information Request for VeriChip details
2- CASPIAN in the news
3- CASPIAN members sound off
TOOLS YOU CAN USE:
1- Information on Wal-Mart to share for Christmas shopping season
2- Quick hit: don't give gift cards, give cash
=====================================================================
CALIFORNIA GROCER DROPS LOYALTY CARD PROGRAM
=====================================================================
The emperor has no clothes when it comes to frequent shopper cards. The
programs cost a fortune to implement, are a pain to manage, and are
despised by two thirds of shoppers. Despite this, it takes a brave
retailer to break ranks with the industry leeches who whisper in their
ears how "popular" and "necessary" loyaty programs are. We
offer kudos to PW Supermarkets of the San Francisco/Silicon Valley area
for listening to their customers and dropping the card.
A company spokeswoman explained the decision, saying, "Customers kept
saying, 'We don't want the card. [So] we decided to lose the card, but
keep the savings." Not surprisingly, privacy was a major consideration.
"Customers didn't want to share the information," she said. "Some people
refused to shop with us because they were
afraid Uncle Sam was watching."
If you live in San Jose or Cupertino, reward PW with your shopping
dollars -- and tell them why! For locations, click here:
http://www.pwmarkets.com/locations.htm
To drop them a note of thanks, write to: cerb@pwmarkets.com
Source: CRM Buyer
http://www.crmbuyer.com/story/Grocery-Chain-Discards-Discount-
Cards-38364.html (paste to above line to restore link)
Or: http://tinyurl.com/5amd4
=====================================================================
VERICHIP COMPANY ANNOUNCES PRIVACY PLAN
=====================================================================
VeriChip promoters unveiled a six-point privacy statement earlier this
week that, frankly, has us scratching our heads. Here's one of the
points:
VeriChip should be voluntary and voluntary only. No person, no
employer, no government should force anyone to get "chipped."
Sounds good -- but wait, what about the government employees in Mexico
who were implanted with VeriChips to access their secure data center?
We're pretty sure nobody tied them down and "forced" chips into them,
but what would have happened if they had said no? Is taking a chip to
keep your job really "voluntary?" As for government mandates, this is a
company that envisions a market of "billions," i.e., they want to chip
nearly everyone on earth. How will they accomplish that without
government complicity?
Here's another one:
We pledge to thoughtfully, openly and considerately engage
government, privacy groups, the industry and consumers to assure
that the adoption of VeriChip and RFID technology is through
education and unity rather than isolation and division.
Hmm, if they're so anxious to engage us, why have they not returned our
phone calls?
Source: Yahoo! News, 11/22/04
http://biz.yahoo.com/bw/041122/225384_1.html
=====================================================================
POLICE TO PERUSE YOUR PRESCRIPTIONS?
=====================================================================
As if planning to affix RFID tags to medication bottles wasn't bad
enough, the government now wants to share personal prescription records
for anxiety, depression, insomnia, and pain with law enforcement. A bill
before Congress, The National All Schedules Prescription Electronic
Reporting Act (H.R. 3015), has been passed by the House and is being
considered by the Senate.
"While masquerading as a law enforcement tool to help control
the illegal use of painkillers, the national bill would...create
a central database affecting tens of millions who are not even
suspected of a crime. And the information will be shared with
state and local law enforcement."
The American Association of Physicians and Surgeons (AAPS) is leading
the charge against the plan. If you are concerned, urge your senator to
vote "no" (use the easy link below) and print out the AAPS' doctor info
page to share with your physician.
Source: American Association of Physicians and Surgeons
http://www.aapsonline.org/alerts/nasparalert.htm
Click here to send a letter to your senator:
http://www.healthactioncenter.com/action/index.asp?step=2&item=22502
=====================================================================
PRINTER PRIVACY PROBLEMS EXPAND
=====================================================================
We learned last week that Lexmark printers spy on their owners by
phoning home printer usage details to the company. Now it turns out that
Lexmark isn't the only printer company finking on its customers; several
brands of laser printers have been secretly encoding the printers'
serial numbers on printouts. A series of tiny dots function as a
"license plate" that can be used to track printouts to the machine that
made them. If you filled out a warranty card (something you should NEVER
do!), the company can look up your printer's unique "signature" and
share your identity with government investigators.
If you buy a printer, don't register it, and consider more anonymous
means of getting one. eBay, local small computer stores, especially ones
that refurbish used equipment, and similar private sales make it less
likely your printed pages will rat on you.
Source: PC World via Yahoo News
http://story.news.yahoo.com/news?tmpl=story&cid=1093&e=4&u=/pcworld/
20041122/tc_pcworld/118664 (paste to above line to restore link)
or: http://tinyurl.com/6kswg
=====================================================================
PETCO CUSTOMER DATA COMPROMISED
=====================================================================
It's business as usual in the world of corporate data mismanagement.
Petco, the billion dollar retail giant that helped put many local pet
stores out of business, is in trouble for shoddy data security practices
that exposed customer data to hackers. This is ironic considering the
company's March 2000 boast about its (detestable) PALS loyalty card
program:
"'By scanning customers' membership cards at the POS, we
collect data that flows into our host system,' said IT
director Andrew Ross. 'Using database tools, we can analyze
the buying trends of an individual consumer... In addition to
gathering valuable data, PETCO is careful to secure this
information.'"
The bottom line: Data protection promises have become all but
meaningless. If you don't want your data compromised, don't provide it
to retailers! Pay cash, say "no" when asked for data, and boycott stores
with loyalty programs.
Source: Information Week (current story)
http://www.informationweek.com/story/showArticle.jhtml
?articleID=53700517 (paste to above line to restore link)
DM Bulletin (Petco's March 2000 boast appears here)
http://www.integratedsolutionsmag.com/Articles/2000_03/000301.htm
=====================================================================
U.S. RFID PASSPORT STANDARDS CRITICIZED
=====================================================================
Plans to put RFID chips in passports in 2005 have been roundly
criticized for both privacy and security reasons. Noted cybersecurity
guru Bruce Schneier clearly outlines the problems here:
http://www.schneier.com/blog/archives/2004/10/rfid_passports.html
Now the mainstream press appears to have figured it out, too, with a
recent AP article reporting that "even an executive at one of the
companies developing a prototype for the State Department calls the
international standards woefully inadequate."
In matters like this, it's no fun being right.
Source: Yahoo! News
http://story.news.yahoo.com/news?tmpl=story&cid=528&e=4&u=/ap/
20041122/ap_on_hi_te/electronic_passports (paste to above line
to restore link)
Or: http://tinyurl.com/3rrn6
=====================================================================
CASPIAN ACTIVISTS UPDATE
=====================================================================
1. CASPIAN files Freedom of Information Request for VeriChip details
What are the health risks of the VeriChip implant? What testing was done
prior to FDA approval of the device last month? Will the device shift in
a patient's body or cause burns during an MRI test? Since Applied
Digital Solutions and Digital Angel aren't telling, CASPIAN director
Katherine Albrecht has filed a Freedom of Information Act request with
the FDA to find out. According to law, the government has 20 days to
respond to the request. We'll let you know what we discover.
For more on VeriChip health issues first reported by CASPIAN:
http://www.spychips.com/reports/verichip-fda.html
2. CASPIAN IN THE NEWS
CASPIAN was showcased last week in a five-page Supermarket News feature
on RFID titled "The Privacy Hurdle." The article carried this tagline:
"Like loyalty cards, RFID tags raise questions about consumer privacy,
once again putting retailers on the spot." Featured were the Metro
"Future Store" privacy flap (where we discovered that the store had
hidden RFID tags in its frequent shopper cards), along with the privacy
gaffes of Gillette, Wal-Mart and Procter & Gamble. Some great photos of
Katherine and the German RFID protest. (It's not archived online, but
we'll try to scan the highlights. If you're an SN subscriber, see the
Nov 15 edition, page 67.)
Katherine also commented this week on Zebra's new "SurgiChip" RFID
sticker designed to be affixed to patients before surgery, as follows:
"Most medical errors are due to a lack of personal attention to the real
needs of patients, not patient misidentification," [Albrecht] said.
"RFID tags are inventory control devices, and treating patients like
inventory will merely increase the divide between patient and caregiver,
depersonalizing the relationship still further. The money would be
better spent on other preventable problems."
Chicago Sun Times 11/23/04
See: http://www.suntimes.com/output/business/cst-fin-zebra23.html
3. CASPIAN MEMBERS SOUND OFF
We've received some terrific letters in response to our request to be
cc'ed on letters to the Spring Independent School administrators in
Houston, Texas regarding their plan to chip students. Here's a sample:
"I can't believe the news I just read that Spring ISD plans to brand
children like cattle with RFID devices. Aren't criminals in prison
treated better? Please stop wasting community and state money on horrors
like this. .... Perhaps you have lost the ability to see the children as
the PEOPLE they are?" -- anonymous
"I strongly oppose your school district's decision to tag
schoolchiildren with RFID tags/chips. This is would move our society
further toward a totalitarian police state. The illusion of security for
children through RFID chips will not make them more secure, in reality,
but only dehumanize them. Only loving and caring human
relations which nurture responsibility between people will bring true
security and peace of mind to parents and supervisors." -- Richard,
currently in Tokyo
We received this letter on spying Lexmark printers from Alan:
"In your latest newsletter I received I found interesting how Lexmark
flat out lied about the hidden file when you install their printer. This
hidden file installs even if you do not participate in their 'program.'
I found a post at a google message board posted by zcrayfish -at-
clis.com that states otherwise. This person even
called Lexmark and they tried to lie about it until they were backed
into a corner so to speak. The hidden folder is titled: Lx_CATS."
Alan tells us the Google post describes how to safely eliminate the
spying files.
=====================================================================
ACTIVISM TOOLS YOU CAN USE
=====================================================================
1. Whether you are a Wal-Mart shopper (*tsk, tsk*) or a Wal-Mart
boycotter, you should check out these reports on the giant megastore. We
found them just the thing to strengthen our anti-Wal-Mart resolve as we
enter the season of heavy shopping. The only thing missing is an expose
of Wal-Mart's role in furthering the surveillance society through
RFID.
NPR Audio: Wal-Mart's Social and Economic Impact
Four-Part Series Examines Influence of Largest U.S. Employer
http://www.npr.org/news/specials/walmart/
PBS Video: Is Wal-Mart Good for America?
90-minute Frontline video
http://www.pbs.org/wgbh/pages/frontline/shows/walmart/view/
2. Yesterday was "Black Friday" for retailers across the country -- the
day after Thanksgiving, the biggest shopping day of the year. (It's
called "black" from the phrase "in the black" meaning turning a profit.)
As you start your holiday shopping, if you make gift cards a regular
part of your gift-giving routine, please reconsider. Here are some quick
reasons why cash is a better gift for privacy-minded consumers:
- Cash is anonymous and it's accepted everywhere
- Gift cards, like loyalty and credit cards, reveal consumer
information
- Gift cards not only link individuals and purchases, but can be
used to link individuals to each other
- Since most gift cards may only be redeemed at certain stores, they
force a shopping choice on the recipient. (Is it fair for you to
impose your shopping tastes on others?)
- Many gift cards/certificates never get redeemed -- meaning
extra-easy profit for the company, but no enjoyment for your
recipient
- Many retailers reduce the value of unredeemed gift cards after a
certain period of time and pocket the difference. (Then they
laugh all the way to the bank.)
- People get change back from cash purchases that they can spend
elsewhere. In contrast, gift cards tie up the change as a
balance on the card, forcing additional purchases.
Cash is today's only truly untraceable payment option. Giving cash
encourages its use by others (especially young people), while giving
numbered plastic cards gets them used to traceable payment instruments.
That's a bad precedent for us to set.
Cash: use it or lose it.
=====================================================================
CASPIAN: Consumers Against Supermarket Privacy Invasion and Numbering
Opposing supermarket "loyalty" cards and other retail surveillance
schemes since 1999
http://www.spychips.com/
http://www.nocards.org/
You're welcome to duplicate and distribute this message to others who
may find it of interest.