RFID study

Currently, there is a lack of research documenting how laypeople understand how RFID functions and its risk. Makela et. al. (http://portal.acm.org/ft_gateway.cfm?id=1240774&type=pdf) performed an exploration using an RF-enabled cell phone prototype to determine if everyday users could decipher how to use a cell phone reader to extract information from tags embedded in paper posters. They found that users appeared to lack mental models of how RFID worked, and thus struggled with the simple task of using the reader to activate the tag.

As the usage of RFID in consumer products increases every year, RFID will move from being an industrial supply chain technology to becoming ubiquitous, something that most people will encounter in some form every day. While many RFID applications will involve little personal risk to users, others will pose some degree of risk because they increase the user's exposure to privacy or security threats such as location tracking, identity theft, and others. Some of these risks will derive from a lack of proper application security, and others will generate from the amount of information output by RFID tags and readers that will later aggregated and used by other parties. In a world where RFID is ubiquitous, it is important that individual users have a basic understanding how RFID works, the risks it poses, and how to either minimize those risks or opt out of these systems entirely, if desired. With this knowledge, individuals will retain the agency to make personal choices as to how much risk they wish they are willing to accept in trade for the benefits they believe RFID-enabled products provide them. (cite articles about tech & public education, and risk assessment & personal decision-making)

In order to investigate current popular understandings of RFID and its risks, we propose examining a real-world application of RFID currently in the hands of many American citizens: the e-Passport. The e-Passport was first released to the public in early 2007, and due to the requirements of Western Hemisphere Travel Initiative, a record number of US citizens have applied for passports in the past year. We intend to recruit a diverse set of e-Passport holders and assess the their general understanding of and attitudes about RFID, and evaluate their understanding of the intent and use of the e-Passport and its risks. Our goal is to contribute to general research about user understandings of RFID and its risks, as well as present design implications for future RFID projects that focus on user identification or contain personally identifiable information that is subject to privacy and security risks.