Retailers in conjunction with the now-defunct Auto-ID Center, to allay fears of shoppers, have framed guidelines that clearly label all RFID-carrying products at the checkout counter. Chips with "kill switches" are being developed by Philips Semiconductor and Alien Technology. In this way, the customers have the option to disable RFID systems as they leave the store. This is needed as RFID moves from warehouse to retail. The approach is described in detail below.

The "kill tag" approach

The most straightforward approach for the protection of consumer privacy is to "kill" RFID tags before they are placed in the hands of consumers. A killed tag is truly dead, and can never be re-activated.

The standard mode of operation proposed by the Auto-ID Center is indeed for tags to be killed upon purchase of the tagged product. When this design is incorporated, a tag can be "killed" by sending a special "kill" command (including a short 8-bit password).

For example, a supermarket might use RFID tags to facilitate inventory management and monitoring of shelf stocks. To protect consumer privacy, checkout clerks would "kill" the tags of purchased goods; no purchased goods would contain active RFID tags.

From the privacy advocates' perspective the "kill" approach is inadequate. According to them, there are many situations and many environments in which simple measures like "kill" commands are unworkable or undesirable for privacy enforcement, as there are many times when the customer him/herself would not want to "kill" for specific products. Below is a case presented against "killing" tags at point of sale.

A case against "killing" active tags

Consumers may wish RFID tags to remain operative while in their post purchase session. Certain examples include a home use set e.g., a microwave oven that reads cooking instructions from food packages which rely on actively operational tags. What is now known as "smarter homes" can become reality once "smart appliances" that can use the EPC™ would start interacting with each other when they are connected to the Internet. This interaction would be possible by RFID which will monitor the products inside them and thus help alert the customer if any discrepancy arises.

Similarly, new and smart consumer-specific applications for RFID tags are already beginning to emerge. For example, a Prada store in New York City tracks the RFID tags of items held by customers in order to display related accessories on nearby screens.

Other examples of RFID tag applications for ordinary consumers include effortless physical access control, theft-protection of belongings and wireless cash cards.

• Individuals may wish to have RFID tags embedded in their business cards, to facilitate scanning by recipients. Here the tag ID may be used to create a URL referring to the actual card data. Also, a store may wish to embed RFID tags in store-issued coupons, for ease of scanning at the checkout counter. A user may wish to scan his possessions when a recall for a specific set of products is issued. Collectibles such as baseball cards or CDs may have RFID tags, to enable owners to manage their inventory better.
• An airline ticket may contain an embedded RFID tag to allow simpler tracking of passengers within an airport.
• Businesses may include RFID tags on the invoices, coupons and return envelopes they mail to consumers, for ease of sorting upon return.

Such functions promise to result in many more uses unimagined or unimaginable today in which active tags will be valuable to consumers or businesses.

Pros and cons:

Thus, while the "kill tag"' on purchase approach may handle many or even most instances of potential concern for privacy, it is unlikely to be a fully satisfactory solution because of many issues as mentioned above or in general, lethargy of the consumer to "kill" the tag. It thus seems imperative to explore alternative approaches.

The Faraday Cage approach

An RFID tag may be shielded from scrutiny using what is known as a Faraday Cage, a container made of metal mesh or foil that is impenetrable by radio signals (of certain frequencies).

If high-value currency notes do indeed come supplied with active RFID tags, then it is likely that foil-lined wallets will become big sellers.

However, a vast range of objects using RFID tags cannot be placed conveniently in containers, such as clothing, wrist-watches, and cell phones.

Pros and Cons:

Faraday Cages thus represent at best a very partial solution to consumer privacy. Petty thieves are known to use foil-lined bags in retail shops to circumvent shoplifting-detection mechanisms.

The active jamming approach

Active jamming of RF signals is another related physical means of shielding tags from view. The consumer could carry a device that actively broadcasts radio signals so as to block and/or disrupt the operation of any nearby RFID readers.

Pros and Cons:

This approach may be illegal. It could cause severe disruption of all nearby RFID systems, even those in legitimate applications where privacy is not a concern. The approach is akin to jamming, but is much more subtle in its operation, interacting cleverly with the RFID singulation protocol to disrupt only certain operations.

The smart RFID tag approach

Another general approach is to make the RFID tags smarter, so that they interact in a way that protects privacy better, while providing the desired active functionality, would typically involve the use of cryptographic methods.

In a smart RFID approach, consumers can selectively block readers from reading any chip on the consumer's person. Such blocker chips can be built cheaply. They only need to interfere with the "singulation" protocol that readers use to address each RFID chip individually in turn.

Pros and Cons:

This selective blocking approach is compatible with the method of protecting reader transmissions from eavesdroppers.

By giving consumers the ability to block unwanted readers from reading their RFID tags, as well as allowing consumers to "kill" their RFID tags, one may be able to provide consumers with sufficient control over how their RFID tags are used to allow implementation of acceptable privacy policies.

Selective disclosure of information

RFID sponsors and manufacturers must look into technological solutions that protect consumer personal identity while enabling consumers to provide accurate information to retailers with which the consumer is interacting. RFID sponsors can take cue from "The Platform for Privacy Preferences Project" (P3P) applications which help consumers control the type of information they provide to Websites. P3P allows Websites to offer explicit agreements based on specific privacy disclosures. Along similar lines, RFID users can be given power to selectively give information depending on agreements with the retailer.

Pros and Cons:

The complexity involved in providing customized RFID to each customer may be a logistical nightmare. Technologically also, it may take time to develop such applications incorporating selective dissemination of information.