CASPIAN NEWSLETTER, 1/21/05
Consumer privacy and RFID newsletter
Edited by Sunni Maravillosa and Katherine Albrecht
1- TESCO announces massive RFID rollout
2- Wal-Mart misses RFID mandate, downplays problems
3- Wal-Mart sets up propaganda site, spends fortune on advertising
4- Your calls are monitored, even on hold
5- Albertsons to spend customer dollars on spying tech
6- MedicAlert develops new way to store medical records
7- Thailand authorities chip tsunami victims
8- Cell phone company's database hacked for a year or more
9- IBM buys spookware company
10- Customer spyware pushers resort to desperate tactics
11- More outrageous CRM gems
CASPIAN ACTIVISTS UPDATE
1- CASPIAN in the news
2- CASPIAN members sound off
3- Volunteer Corner
TESCO ANNOUNCES MASSIVE RFID ROLLOUT
Tesco is the world's third largest retailer, with stores across Europe
and Asia. In the single largest purchase of RFID infrastructure to date,
the chain has announced plans to install 16,000 RFID antennae and 4,000
readers across its UK retail stores and distribution centers. But the
real kicker for consumers is the company's plan to expand item-level
tagging of consumer products. This not only violates privacy experts'
call for a moratorium on item-level tagging, but means more Tesco
shoppers could soon be taking spychips home with them.
Among the hollow promises offered for the move are lower prices and
better customer services. Tell us, TESCO: how does spending millions on
an over-hyped, under-performing technology that your customers don't
want provide either of those things?
We predict that our sizable UK membership will not let TESCO's move go
Source: Computer Weekly, 1/12/05
WAL-MART MISSES RFID TARGET DATE, DOWNPLAYS PROBLEMS
Well, well: January 1, 2005 came and went, and Wal-Mart's mandate for
its top 100 suppliers to ship their goods with RFID tags wasn't just
missed, but missed spectacularly. Wal-Mart is working overtime to
downplay the problems with RFID implementation, but several news
articles provide interesting details, including these facts:
- the technology only has a 60% success rate for Wal-Mart
- many suppliers are dragging their feet on complying with
Does Wal-Mart confess that its suppliers don't like RFID? Does it reveal
that customers don't want tags on their razors and shampoo? Nope. The
most recent word from Wal-Mart is that they've declared RFID "a success"
and announced plans to expand their chipping to 600 stores and a dozen
distribution centers by this fall. They apparently define success the
way the old USSR did.
Sources: NY Times, 12/27/04
Information Week, 12/21/04
Slashdot, 12/27/04 (lots of information buried in comments)
Detroit Free Press, 1/18/05
WAL-MART SETS UP PROPAGANDA SITE, SPENDS FORTUNE ON ADVERTISING
Wal-Mart is truly an amazing company. Who else could chronically
antagonize their suppliers, employees, and customers -- and still get
good press? Money talks, so when Wal-Mart spent a fortune on full-page
ads in over 100 papers around the country last week, it got the media's
attention, garnering major pro-Wal-Mart stories in USA Today, MSNBC, and
In an effort to stem the bleeding from wounds inflicted on it from all
sides, Wal-Mart put up a new web site designed to address its critics.
We checked it out, and for something that's supposed to be "unfiltered,"
there's remarkably little information in the single paragraph that
addresses RFID technology. Maybe they're still working on answering us.
USA Today, 1/12/05
YOUR CALLS ARE MONITORED, EVEN WHILE ON HOLD
"This phone call may be monitored for quality assurance." You hear it
nearly every time you call a large company. But we bet you didn't know
that everything you say while you're on hold may also be listened to and
recorded. That's right -- even through the Muzak, a customer service rep
could be listening to you while you talk with your spouse, roommate, or
child. Ugh. In addition, your sensitive information (passwords, Social
Security Numbers, account information, plus whatever gets said while
you're on hold) could be going to outside companies hired by the company
you thought you were calling.
We wonder just exactly how eavesdropping on customers helps with
"quality assurance," unless they're referring to the quality of the
customer dossier they're keeping on you. The lesson from this disturbing
revelation? Never, *never* assume that your call isn't being monitored.
Source: New York Times, 1/11/05
(registration required; or use http://www.bugmenot.com/)
This story is also available from CNET:
ALBERTSONS TO SPEND CUSTOMER DOLLARS ON SPYING TECH
Albertsons CEO Larry Johnston just doesn't get it. This is the man who a
few years back had his company invest in GPS tracking devices for
shopping carts to better monitor customers -- as if the company's nasty
"loyalty" card wasn't bad enough. His latest brainstorm involves
spending millions on high-tech systems to better track shoppers in real
time and get them to do the cashiers' work, to boot. Here's the scheme:
"If all goes as planned, in 18 months shoppers in all 2,500
stores will use handheld scanners ... connected to a company
database and a global-positioning-satellite system. The
devices will read product labels and keep a running tab; they
can direct customers to the shortest path to their groceries
and alert them to special offers based on past purchases ....
At the exit, the scanner charges the total to a credit card.
No checkout line. No waiting."
Yeah, and no privacy, either. Did you catch the part about monitoring
your location and keeping tabs on your past purchases?
If you're still shopping at Albertsons (and you have our sympathy if you
do, plus our encouragement to join our boycott), your money is funding
this lunacy. Albertsons stock has done poorly since right around about
the time they introduced the hated "Preferred Customer" card, which
sparked CASPIAN-led protests and a boycott. Spending customer dollars on
more tracking isn't going perk up the growth charts, Mr. Johnston.
Source: Business Week, 1/25/05
MEDICALERT DEVELOPS NEW WAY TO STORE MEDICAL RECORDS
MedicAlert, the nonprofit organization supplying bracelets since 1956,
has a new way to get emergency medical information to health care
practitioners. The company's new Personal HealthKey stores medical
records on a SanDisk USB flash drive. This platform is nearly universal
-- almost all computers have USB ports -- and it can be a secure way to
exchange information. It's certainly better than implantable RFID
technology, and it's telling that MedicAlert chose to go with the older,
more privacy-respecting alternative.
However, while we're glad to see MedicAlert avoiding the pitfalls of the
RFID microchip implant, we're concerned about consolidating so much
information in one place. As we've seen so many times before,
concentrated data becomes an irresistible target for data mining by
corporations and government alike. What's now a voluntary choice could
someday become a mandated necessity for anyone to receive health care.
MedicAlert, good as its intentions are, may be playing with fire here.
Source: c|net news, 1/5/05
THAILAND AUTHORITIES CHIP TSUNAMI VICTIMS
Thailand is one of the countries already foisting a national ID on its
citizens, so it came as no surprise to us at CASPIAN that its
authorities turned to microchipping the unidentified victims of the
tsunami. Supposedly that will be a big boost for RFID implantation, but
all we can think is, "It's pretty bad that the only people they can get
to take the chips without an argument are dead."
Source: The Nation, 12/31/04
CELL-PHONE COMPANY'S DATABASE HACKED FOR A YEAR OR MORE
Cell-phone giant T-Mobile has been thoroughly embarrassed by the
disclosure that a hacker enjoyed access to the company's entire database
on its 16 million customers for "at least a year." Apparently, the
hacker could access Social Security numbers, voicemail PINs, passwords
-- everything but credit card numbers.
T-Mobile knew about the problem as far back as July of last year, but
still has not released any public comment on this huge privacy breach.
It's unforgivable when companies try to pretend there's nothing going on
after a problem of this magnitude is discovered. Repeat after us:
"Companies can't be trusted to keep our personal information secure."
Source: Security Focus, 1/11/05
IBM BUYS SPOOKWARE COMPANY
Most of us knew IBM as a computer hardware company. But now that they've
sold their manufacturing business to a Chinese company, IBM is moving
into sinister territory: consumer espionage. Case in point: IBM just
acquired a company called "Systems Research and Development" (SRD),
which sounds rather boring until you find out what they do.
SRD specializes in "identity management products" and "customer
relationship management" (CRM). Their flagship product, NORA, which
stands for Non-Obvious Relationship Awareness, essentially combs through
databases, looking for subtle bits of information about people and their
relationships. So, for example, if you're linked to someone who's
flagged as a shopper with "excessive returns," you may not be offered
special deals that others without such a link would get.
Welcome to the new discrimination. Based on associations, IBM will help
companies reward the "right" (read "compliant") customers and try to
distance themselves from the "wrong" ones -- people like us who rock the
boat, for example. It's disturbing to see a once-respected company like
IBM sinking into this kind of mire.
Source: The Register, 1/7/05
CUSTOMER SPYWARE PUSHERS RESORT TO DESPERATE TACTICS
The Customer Relationship Management (CRM) industry earns billions every
year peddling customer spyware to retailers. So what's a CRM pusher to
do when ethical executives say "no" to tracking customers and
trafficking in their data?
They insult them! Here's how a recent newsletter, signed by Gwynne
Young, Managing Editor of CRMguru.com, portrayed executives who resist
the pressure to invest in CRM industry products:
"Resistance Is Futile. There's always one in the crowd:
It's the guy who kept wearing bell-bottoms until they came
back in fashion a decade later or the gal who refuses to
get a cell phone. But when it comes to business, the person
who resists change can bring everything to a halt."
Scandalous words, but the fact that Ms. Young has to resort to this kind
of rhetoric is actually good news. Her comments reveal that there are a
lot of executives out there bucking the CRM trend -- and it's not
surprising. Not only is CRM invasive and offensive to customers, which
can seriously damage a company's reputation, but its exorbitant costs
can damage their bottom line, too.
Let's hope the bell-bottom wearers keep up the good work and tell the
CRM industry to get lost. This "resistance is futile" message is simply
wrong -- CASPIAN is living proof.
Quotation from a CRMGuru.com newsletter, sent on 1/13/05
MORE OUTRAGEOUS CRM GEMS
Still wondering why we're so thoroughly repulsed by the CRM industry?
Here's another sample pulled from a random CRMGuru article to help put
the industry in focus:
"This is the real reason you invest in CRM: You want to milk
your best customers for all the money they can spend with
your category. Every trick is allowed, even data-mining your
customer base to predict the next best product and then
matter-of-factly dropping it as a recommendation in a customer
Gross, huh? Or how about this gem from the same piece:
"CRM strategy and tools can help you remember who your
customer is (data) and remind your customer who you are
(communications) in a virtuous circle where you can make
your customer say, 'Now, they really know me!'"
Yo, guys! Haven't you figured it out yet? We don't want you to know us!
Source: CRMguru.com 11/10/04
A few updates on the newsletter: We are moving from a sporadic
publication schedule to a more structured, twice-a-month publication
schedule. And, starting with this issue, look for it online too! To find
CASPIAN newsletters online, go to
http://www.nocards.org/news/index.shtml (please note that this feature
will become available around 1/24/05.)
We've begun featuring news about CASPIAN staff and members, and we'd
love to feature your consumer privacy comments, web site, or activism.
Email Sunni with details: sunni -at- nocards -dot- org. Comments may be
edited for brevity and/or clarity; please specify if you wish to be
anonymous. CASPIAN is growing by leaps and bounds, and we're proud to
share our successes with other members, to help inspire and motivate us
all. Thanks for all you do!
CASPIAN STAFF AND MEMBER NEWS
Liz McIntyre and Katherine Albrecht recently published an article for
state lawmakers titled "RFID: The Big Brother Bar Code" in the Winter
2004 edition of American Legislative Exchange Council's (ALEC) policy
Here's some info on ALEC from their web site: "With more than 2,400
members, ALEC is the nation's largest bipartisan, individual membership
association of state legislators. One-third of all state legislators
belong to ALEC."
If you'd like to read it, we've posted the article on our Spychips web
site. Find it at:
Sunni Maravillosa has announced a new book project focusing on how and
why privacy erosion is troublesome, and offering ways to reclaim your
lost privacy. An estimated publication date has not been established.
Tom Servo publishes "warzine," a blog focusing on resistance to privacy
invasions. Very interesting stuff:
CASPIAN has seen an impressive growth in membership and newsletter
subscribers. Here's a rundown of some locations our new privacy-minded
colleagues hail from:
INTERNATIONAL: Canada, France, Germany, India, Nigeria, and the UK.
U.S.: Arizona, California, Colorado, Florida, Illinois, Nebraska, Ohio,
Tennessee, Texas, and Virginia.
We welcome each of you!
CASPIAN IN THE NEWS
A few recent highlights:
A feature in the January issue of Popular Mechanics called "Who's Spying
on You?" brought us many new members (hi, folks, and welcome aboard!);
we got a mention in Scotland; and Katherine was quoted in a Washington
Times article on Wal-Mart's missed RFID chip mandate.
Washington Times, 12/29/04:
CASPIAN MEMBERS SOUND OFF
"Where have our rights gone, and who is going to take a stand in
discouraging these companies from intentionally invading our common
privacy?" - Mary, Ohio
"I was just reading about Gap's secret photographing of their
unsuspecting customers as they entered the store and was completely
outraged and alarmed! As a Gap shopper I find this blatant invasion of
privacy beyond intrusive." - Michele, Canada
"Security culture and subsequently the implementation of tech such as
RFID relies on a certain amount of secrecy .... we must break through
that and illustrate the dangers of a total surveillant society." -
"It's not just about what type of coffee you buy and how often do you
buy it. .... It's the privacy being passively 'yanked' from an
individual for the 'good' of the general public." - Anonymous, U.S.
"I fear that too many consumers will wake up to the facts of our
vanishing privacy too late. Your information reminds me that I'm not
paranoid or crazy." - Anonymous, Wisconsin
For all of you itching for something to do on privacy issues, here are
1. TELL GILLETTE you don't like spy chips in your razors and other
products. Our "Boycott Gillette" site describes the company's actions,
and provides a "sound off" page with contact information. Be sure to BCC
us, so that we may quote you in a future newsletter:
2. TEXANS are feeling the brunt of Wal-Mart's RFID push, at both
Wal-Mart distribution centers and Sam's Club stores. Keep up the
pressure, both in Texas and around the country, by voicing your
opposition to their ongoing RFID dictates.
Write: Wal-Mart Stores, Inc., Bentonville, Arkansas 72716-8611
Call: 1-800-WAL-MART (Remember, your phone number is visible when you
dial an 800 number.)
For privacy, call: 479-273-4000
3. WORRIED about the TESCO rollout? Voice your displeasure to TESCO
directly. Please send a copy to email@example.com in the bcc: line of
Tel: +44 (0) 800 505555
CASPIAN: Consumers Against Supermarket Privacy Invasion and Numbering.
Opposing supermarket "loyalty" cards and other retail surveillance
schemes since 1999
You're welcome to duplicate and distribute this message to others who
may find it of interest.