The man with the RFID arm

Should data-packed chips be implanted in people? One man with a VeriChip says being tagged is no big deal. Photo: Armed with RFID Full coverage from RSA

Michael Kanellos Staff Writer, CNET News.com
Michael Kanellos is editor at large at CNET News.com, where he covers hardware, research and development, start-ups and the tech industry overseas.
Michael Kanellos
3 min read
To many, implanting radio frequency ID chips into humans is the face of impending Orwellianism. But to be honest, it looks like a mosquito bite.

Joseph Krull, an executive at Flanders, N.J.-based Virtual Corp., had a doctor stick an RFID tag from VeriChip under his skin on Jan. 10. The residual blemish amounts to a small red dot.

"It felt like a bee sting," he said during a meeting at the RSA Security Conference in San Francisco. "They use a syringe and a local anesthetic."

Under-the-skin RFID tags have emerged as one of the most controversial technologies of the past few years. Privacy advocates have asserted that private information from the radio tags could be intercepted by corporations and identity thieves. Fears that governments could exploit the chips for tagging a person's whereabouts have alarmed libertarians and those with strong religious beliefs.

On the other hand, tagging prisoners in some institutions has cut down on inmate violence. Some fears about RFID, moreover, seem a little farfetched. Privacy advocates have asserted that RFID would let the government know what books you checked out of the library, ignoring that your library card already records that information.

Krull, for his part, got the chip for medical purposes. He's allergic to two medicines and has a small metal plate below his left eye that had to be put in following a skiing accident. By sweeping a reader over the chip, a doctor in an emergency could get a 16-digit password, which in turn would let the doctor access a Web site that would give the hospital Krull's name, regular doctor, emergency contact and other information.

It's particularly important that doctors know about the existence of the metal plate. Krull's left eye is permanently dilated, and without that information, a doctor could misdiagnose the situation and, in some situations, start to drill holes in his skull, he said.

Like most, Krull, who has not received payment from VeriChip, admits he was uncomfortable with the concept behind the chips. Friends and fellow security experts also warned him of the potential dangers.

Still, the security risks can be controlled, he said. For one thing, the chip only contains one piece of information--the number that serves as a password on a Web site. The Web site contains only information that the user has agreed to place there, in this case key medical information.

If other information were to become mandatory, "I would be the first to opt out," Krull said.

Reading the chip also requires a reader that, at least by my own tests, works only when about 3 inches or closer to the tag. "I'm not concerned about someone sneaking up to me on the subway," Krull said.

Whether and how this market will develop remains an open question. One potential although ultimately mandatory application could lay in replacing military dog tags with RFID chips, Krull said. The tags fall off all the time. Web sites containing information about tagged military personnel could also be further protected by additional passwords and security precautions to prevent enemies from obtaining information.

Still, isn't he afraid of being tracked, or getting an infection, or getting kidnapped and having his arm hacked off so the police can't trace the kidnappers?

"We heard the same things about cutting off fingers and then using it to log in through biometric systems," he said.