Betreff: CASPIAN NEWSLETTER, 1/21/05
Von: CASPIAN Newsletter
Datum: Fri, 21 Jan 2005 17:57:26 -0500


Consumer privacy and RFID newsletter
Edited by Sunni Maravillosa and Katherine Albrecht

1- TESCO announces massive RFID rollout
2- Wal-Mart misses RFID mandate, downplays problems
3- Wal-Mart sets up propaganda site, spends fortune on advertising
4- Your calls are monitored, even on hold
5- Albertsons to spend customer dollars on spying tech
6- MedicAlert develops new way to store medical records
7- Thailand authorities chip tsunami victims
8- Cell phone company's database hacked for a year or more
9- IBM buys spookware company
10- Customer spyware pushers resort to desperate tactics
11- More outrageous CRM gems

1- CASPIAN in the news
2- CASPIAN members sound off
3- Volunteer Corner


Tesco is the world's third largest retailer, with stores across Europe
and Asia. In the single largest purchase of RFID infrastructure to date,
the chain has announced plans to install 16,000 RFID antennae and 4,000
readers across its UK retail stores and distribution centers. But the
real kicker for consumers is the company's plan to expand item-level
tagging of consumer products. This not only violates privacy experts'
call for a moratorium on item-level tagging, but means more Tesco
shoppers could soon be taking spychips home with them.

Among the hollow promises offered for the move are lower prices and
better customer services. Tell us, TESCO: how does spending millions on
an over-hyped, under-performing technology that your customers don't
want provide either of those things?

We predict that our sizable UK membership will not let TESCO's move go

Source: Computer Weekly, 1/12/05 ===================================================================== WAL-MART MISSES RFID TARGET DATE, DOWNPLAYS PROBLEMS ===================================================================== Well, well: January 1, 2005 came and went, and Wal-Mart's mandate for its top 100 suppliers to ship their goods with RFID tags wasn't just missed, but missed spectacularly. Wal-Mart is working overtime to downplay the problems with RFID implementation, but several news articles provide interesting details, including these facts: - the technology only has a 60% success rate for Wal-Mart - many suppliers are dragging their feet on complying with Wal-Mart mandate Does Wal-Mart confess that its suppliers don't like RFID? Does it reveal that customers don't want tags on their razors and shampoo? Nope. The most recent word from Wal-Mart is that they've declared RFID "a success" and announced plans to expand their chipping to 600 stores and a dozen distribution centers by this fall. They apparently define success the way the old USSR did. Sources: NY Times, 12/27/04 Information Week, 12/21/04 Slashdot, 12/27/04 (lots of information buried in comments) Detroit Free Press, 1/18/05 ===================================================================== WAL-MART SETS UP PROPAGANDA SITE, SPENDS FORTUNE ON ADVERTISING ===================================================================== Wal-Mart is truly an amazing company. Who else could chronically antagonize their suppliers, employees, and customers -- and still get good press? Money talks, so when Wal-Mart spent a fortune on full-page ads in over 100 papers around the country last week, it got the media's attention, garnering major pro-Wal-Mart stories in USA Today, MSNBC, and elsewhere. In an effort to stem the bleeding from wounds inflicted on it from all sides, Wal-Mart put up a new web site designed to address its critics. We checked it out, and for something that's supposed to be "unfiltered," there's remarkably little information in the single paragraph that addresses RFID technology. Maybe they're still working on answering us. Sources: USA Today, 1/12/05 Forbes, 1/13/05 Wal-Mart Facts ===================================================================== YOUR CALLS ARE MONITORED, EVEN WHILE ON HOLD ===================================================================== "This phone call may be monitored for quality assurance." You hear it nearly every time you call a large company. But we bet you didn't know that everything you say while you're on hold may also be listened to and recorded. That's right -- even through the Muzak, a customer service rep could be listening to you while you talk with your spouse, roommate, or child. Ugh. In addition, your sensitive information (passwords, Social Security Numbers, account information, plus whatever gets said while you're on hold) could be going to outside companies hired by the company you thought you were calling. We wonder just exactly how eavesdropping on customers helps with "quality assurance," unless they're referring to the quality of the customer dossier they're keeping on you. The lesson from this disturbing revelation? Never, *never* assume that your call isn't being monitored. Source: New York Times, 1/11/05 (registration required; or use

This story is also available from CNET: ===================================================================== ALBERTSONS TO SPEND CUSTOMER DOLLARS ON SPYING TECH ===================================================================== Albertsons CEO Larry Johnston just doesn't get it. This is the man who a few years back had his company invest in GPS tracking devices for shopping carts to better monitor customers -- as if the company's nasty "loyalty" card wasn't bad enough. His latest brainstorm involves spending millions on high-tech systems to better track shoppers in real time and get them to do the cashiers' work, to boot. Here's the scheme: "If all goes as planned, in 18 months shoppers in all 2,500 stores will use handheld scanners ... connected to a company database and a global-positioning-satellite system. The devices will read product labels and keep a running tab; they can direct customers to the shortest path to their groceries and alert them to special offers based on past purchases .... At the exit, the scanner charges the total to a credit card. No checkout line. No waiting." Yeah, and no privacy, either. Did you catch the part about monitoring your location and keeping tabs on your past purchases? If you're still shopping at Albertsons (and you have our sympathy if you do, plus our encouragement to join our boycott), your money is funding this lunacy. Albertsons stock has done poorly since right around about the time they introduced the hated "Preferred Customer" card, which sparked CASPIAN-led protests and a boycott. Spending customer dollars on more tracking isn't going perk up the growth charts, Mr. Johnston. Source: Business Week, 1/25/05 ===================================================================== MEDICALERT DEVELOPS NEW WAY TO STORE MEDICAL RECORDS ===================================================================== MedicAlert, the nonprofit organization supplying bracelets since 1956, has a new way to get emergency medical information to health care practitioners. The company's new Personal HealthKey stores medical records on a SanDisk USB flash drive. This platform is nearly universal -- almost all computers have USB ports -- and it can be a secure way to exchange information. It's certainly better than implantable RFID technology, and it's telling that MedicAlert chose to go with the older, more privacy-respecting alternative. However, while we're glad to see MedicAlert avoiding the pitfalls of the RFID microchip implant, we're concerned about consolidating so much information in one place. As we've seen so many times before, concentrated data becomes an irresistible target for data mining by corporations and government alike. What's now a voluntary choice could someday become a mandated necessity for anyone to receive health care. MedicAlert, good as its intentions are, may be playing with fire here. Source: c|net news, 1/5/05 ===================================================================== THAILAND AUTHORITIES CHIP TSUNAMI VICTIMS ===================================================================== Thailand is one of the countries already foisting a national ID on its citizens, so it came as no surprise to us at CASPIAN that its authorities turned to microchipping the unidentified victims of the tsunami. Supposedly that will be a big boost for RFID implantation, but all we can think is, "It's pretty bad that the only people they can get to take the chips without an argument are dead." Source: The Nation, 12/31/04 ===================================================================== CELL-PHONE COMPANY'S DATABASE HACKED FOR A YEAR OR MORE ===================================================================== Cell-phone giant T-Mobile has been thoroughly embarrassed by the disclosure that a hacker enjoyed access to the company's entire database on its 16 million customers for "at least a year." Apparently, the hacker could access Social Security numbers, voicemail PINs, passwords -- everything but credit card numbers. T-Mobile knew about the problem as far back as July of last year, but still has not released any public comment on this huge privacy breach. It's unforgivable when companies try to pretend there's nothing going on after a problem of this magnitude is discovered. Repeat after us: "Companies can't be trusted to keep our personal information secure." Source: Security Focus, 1/11/05 ===================================================================== IBM BUYS SPOOKWARE COMPANY ===================================================================== Most of us knew IBM as a computer hardware company. But now that they've sold their manufacturing business to a Chinese company, IBM is moving into sinister territory: consumer espionage. Case in point: IBM just acquired a company called "Systems Research and Development" (SRD), which sounds rather boring until you find out what they do. SRD specializes in "identity management products" and "customer relationship management" (CRM). Their flagship product, NORA, which stands for Non-Obvious Relationship Awareness, essentially combs through databases, looking for subtle bits of information about people and their relationships. So, for example, if you're linked to someone who's flagged as a shopper with "excessive returns," you may not be offered special deals that others without such a link would get. Welcome to the new discrimination. Based on associations, IBM will help companies reward the "right" (read "compliant") customers and try to distance themselves from the "wrong" ones -- people like us who rock the boat, for example. It's disturbing to see a once-respected company like IBM sinking into this kind of mire. Source: The Register, 1/7/05


The Customer Relationship Management (CRM) industry earns billions every
year peddling customer spyware to retailers. So what's a CRM pusher to
do when ethical executives say "no" to tracking customers and
trafficking in their data?

They insult them! Here's how a recent newsletter, signed by Gwynne
Young, Managing Editor of, portrayed executives who resist
the pressure to invest in CRM industry products:

"Resistance Is Futile. There's always one in the crowd:
It's the guy who kept wearing bell-bottoms until they came
back in fashion a decade later or the gal who refuses to
get a cell phone. But when it comes to business, the person
who resists change can bring everything to a halt."

Scandalous words, but the fact that Ms. Young has to resort to this kind
of rhetoric is actually good news. Her comments reveal that there are a
lot of executives out there bucking the CRM trend -- and it's not
surprising. Not only is CRM invasive and offensive to customers, which
can seriously damage a company's reputation, but its exorbitant costs
can damage their bottom line, too.

Let's hope the bell-bottom wearers keep up the good work and tell the
CRM industry to get lost. This "resistance is futile" message is simply
wrong -- CASPIAN is living proof.

Quotation from a newsletter, sent on 1/13/05


Still wondering why we're so thoroughly repulsed by the CRM industry?
Here's another sample pulled from a random CRMGuru article to help put
the industry in focus:

"This is the real reason you invest in CRM: You want to milk
your best customers for all the money they can spend with
your category. Every trick is allowed, even data-mining your
customer base to predict the next best product and then
matter-of-factly dropping it as a recommendation in a customer
service conversation."

Gross, huh? Or how about this gem from the same piece:

"CRM strategy and tools can help you remember who your
customer is (data) and remind your customer who you are
(communications) in a virtuous circle where you can make
your customer say, 'Now, they really know me!'"

Yo, guys! Haven't you figured it out yet? We don't want you to know us!

Source: 11/10/04 ===================================================================== CASPIAN ANNOUNCEMENTS ===================================================================== A few updates on the newsletter: We are moving from a sporadic publication schedule to a more structured, twice-a-month publication schedule. And, starting with this issue, look for it online too! To find CASPIAN newsletters online, go to (please note that this feature
will become available around 1/24/05.)

We've begun featuring news about CASPIAN staff and members, and we'd
love to feature your consumer privacy comments, web site, or activism.
Email Sunni with details: sunni -at- nocards -dot- org. Comments may be
edited for brevity and/or clarity; please specify if you wish to be
anonymous. CASPIAN is growing by leaps and bounds, and we're proud to
share our successes with other members, to help inspire and motivate us
all. Thanks for all you do!


Liz McIntyre and Katherine Albrecht recently published an article for
state lawmakers titled "RFID: The Big Brother Bar Code" in the Winter
2004 edition of American Legislative Exchange Council's (ALEC) policy

Here's some info on ALEC from their web site: "With more than 2,400
members, ALEC is the nation's largest bipartisan, individual membership
association of state legislators. One-third of all state legislators
belong to ALEC."

If you'd like to read it, we've posted the article on our Spychips web
site. Find it at: ----- Sunni Maravillosa has announced a new book project focusing on how and why privacy erosion is troublesome, and offering ways to reclaim your lost privacy. An estimated publication date has not been established. ----- Tom Servo publishes "warzine," a blog focusing on resistance to privacy invasions. Very interesting stuff: ----- CASPIAN has seen an impressive growth in membership and newsletter subscribers. Here's a rundown of some locations our new privacy-minded colleagues hail from: INTERNATIONAL: Canada, France, Germany, India, Nigeria, and the UK. U.S.: Arizona, California, Colorado, Florida, Illinois, Nebraska, Ohio, Tennessee, Texas, and Virginia. We welcome each of you! ===================================================================== CASPIAN IN THE NEWS ===================================================================== A few recent highlights: A feature in the January issue of Popular Mechanics called "Who's Spying on You?" brought us many new members (hi, folks, and welcome aboard!); we got a mention in Scotland; and Katherine was quoted in a Washington Times article on Wal-Mart's missed RFID chip mandate. Popular Mechanics: The Scotsman: Washington Times, 12/29/04: ===================================================================== CASPIAN MEMBERS SOUND OFF ===================================================================== "Where have our rights gone, and who is going to take a stand in discouraging these companies from intentionally invading our common privacy?" - Mary, Ohio ----- "I was just reading about Gap's secret photographing of their unsuspecting customers as they entered the store and was completely outraged and alarmed! As a Gap shopper I find this blatant invasion of privacy beyond intrusive." - Michele, Canada ----- "Security culture and subsequently the implementation of tech such as RFID relies on a certain amount of secrecy .... we must break through that and illustrate the dangers of a total surveillant society." - Anonymous, U.S. ----- "It's not just about what type of coffee you buy and how often do you buy it. .... It's the privacy being passively 'yanked' from an individual for the 'good' of the general public." - Anonymous, U.S. ----- "I fear that too many consumers will wake up to the facts of our vanishing privacy too late. Your information reminds me that I'm not paranoid or crazy." - Anonymous, Wisconsin ===================================================================== VOLUNTEER CORNER ===================================================================== For all of you itching for something to do on privacy issues, here are three suggestions: 1. TELL GILLETTE you don't like spy chips in your razors and other products. Our "Boycott Gillette" site describes the company's actions, and provides a "sound off" page with contact information. Be sure to BCC us, so that we may quote you in a future newsletter: 2. TEXANS are feeling the brunt of Wal-Mart's RFID push, at both Wal-Mart distribution centers and Sam's Club stores. Keep up the pressure, both in Texas and around the country, by voicing your opposition to their ongoing RFID dictates. Write: Wal-Mart Stores, Inc., Bentonville, Arkansas 72716-8611 Call: 1-800-WAL-MART (Remember, your phone number is visible when you dial an 800 number.) For privacy, call: 479-273-4000 3. WORRIED about the TESCO rollout? Voice your displeasure to TESCO directly. Please send a copy to in the bcc: line of
your email.

Tel: +44 (0) 800 505555
E-mail: ===================================================================== CASPIAN: Consumers Against Supermarket Privacy Invasion and Numbering. Opposing supermarket "loyalty" cards and other retail surveillance schemes since 1999 You're welcome to duplicate and distribute this message to others who may find it of interest.