Thank you. I was kind of hoping you'd come back to that question, because we didn't get to it the first time.
Radio frequency identification systems typically consist of these components: the tag itself, which may or may not have processing capability; the antenna, which is part of the tag; a reader that emanates radio frequency energy, which is used to power passive tags; and then the software that interprets the information that comes back from the tag to the reader, because usually all that the tag contains is what's known as the electronic product code. You then have to look up in a database what that code is associated to in terms of the product, when it was manufactured, what its pedigree is, etc.
The privacy concerns around RFID stem partly from the fact that it's very small. It can be embedded in virtually anything, and it can give up its code or any other information that's stored on the tag without the individuals being aware that it's actually being read.
The major concern is that even if you can't necessarily associate a particular tag to an identity—in other words, tag number 123456789 is associated to me—you can associate the tag with a person of interest. For instance, it has been rumoured—and I don't know how true the rumours are—that law enforcement agencies have been using surreptitious readers to identify tags that are on objects possessed by individuals. So we get to the point where items of clothing, for example, are tagged. What you end up with is a series of numbers that are associated with a particular individual, and if that particular individual is at anti-war rally or some other form of protest, that marks them as a person of interest. If at some point that individual goes to go through a border control point, for example, and those tags are read again, they've now made the association to a specific identity and can take the individual aside for secondary screening or whatever.
So the notion of the RFID tags as a proxy for an identity is an issue of concern for us.