Human-Implantable Microchips: Location-Awareness and the Dawn of an “Internet of Persons”

  • Demetrius Klitou
Part of the Information Technology and Law Series book series (ITLS, volume 25)


This chapter explains the technology behind human-implantable microchips (RFID/GPS implants), describes the social and privacy implications of the identification and tracking capabilities of human-implantable microchips and other location-based services; explains how human-implantable microchips can change the nature of the public space and the way we view our bodies; outlines the security gains of human-implantable microchips; describes the scope of the actual and potential deployment of human-implantable microchips; provides an overview of the statutory law, case law, administrative decisions and soft regulations in the US of special relevance to human-implantable microchips; evaluates the relevant deficiencies and dilemmas of the US legal framework in terms of safeguarding privacy and civil liberties, with regard to the potential deployment and use of human-implantable microchips; and proposes some policy-relevant recommendations on how to enhance the US legal framework and address the issues identified.


GPS RFID Human-implantable microchips Fourth amendment Internet of things Location privacy Privacy principles 


  1. Aarts E, de Ruyter B (2009) New research perspectives on ambient intelligence. J Ambient Intell Smart Environ I:5–14Google Scholar
  2. Albrecht K, McIntyre L (2005) Spychips: how major corporations and government plan to track your every move with RFID. Thomas Nelson, NashvilleGoogle Scholar
  3. American Medical Association, Report of the Council on ethical and judicial affairs, CEJA Report 5-A-07Google Scholar
  4. Article 29 Data Protection Working Party, WP 115, Opinion on the use of location data with a view to providing value-added services, November 2005Google Scholar
  5. Article 29 Data Protection Working Party, WP 105, Working document on data protection issues related to RFID technology, January 2005Google Scholar
  6. Ayoade J (2007) Roadmap to solving security and privacy concerns in RFID systems. Comput Law Secur Rep 23(6):555–561CrossRefGoogle Scholar
  7. Beslay L, Hakala H (2007) Digital territory: bubbles. In: Kidd P.T (ed) European visions for the knowledge age: a quest for new horizons in the information society. Cheshire Henbury, Macclesfield, pp 69–78Google Scholar
  8. Bonneau J, Preibusch S (2009) The privacy jungle: on the market for data protection in social networks. WEISSGoogle Scholar
  9. Bono S, Green M, Stubblefield A, Juels A, Rubin A, Szydlo M (2005) Security analysis of a cryptographically enabled RFID device. In: 14th USENIX Security Symposium, pp 1-16. Baltimore, Maryland, USA, July—August 2005. USENIXGoogle Scholar
  10. Cannataci JA (2011) Recent developments in privacy and healthcare: Different paths for RFID in Europe and North America? Int J RF Technol 2:173–187Google Scholar
  11. Chemerinsky E (2010) The conservative assault on the constitution. Simon & Schuster, New YorkGoogle Scholar
  12. Clark W (2006) Cell phone tracking and physical surveillance. FBI Law Enforcement BulletinGoogle Scholar
  13. Cooper J, James A (2009) Challenges for database management in the internet of things. IETE Tech Rev 26(5):320–328Google Scholar
  14. Dobson JE, Fisher PF (2003) Geoslavery. IEEE Technology and Society MagazineGoogle Scholar
  15. Edmundson KE (2005) Global positioning system implants: must consumer privacy be lost in order for people to be found. Indiana Law Rev 38:207–238Google Scholar
  16. Emmett C (2011) United States v. Pineda-Moreno, tracking down individuals’ reasonable expectation of privacy in the information age. Golden Gate Univ Law Rev 41(3):1–28Google Scholar
  17. European Group on Ethics in Science and New Technologies to the European Commission (2005) Opinion No. 20, Adopted on 16/03/2005Google Scholar
  18. Federal Trade Commission (2005) RFID: radio frequency identification: applications and implications for consumers: a workshop report from the staff of the federal trade commission, March 2005Google Scholar
  19. Feldhofer M, Dominikus S, Wolkerstorfer J (2004) Strong authentication for RFID systems using the AES algorithm. Proc CHES 2004 in Lect Notes Comput Sci 3156:357–370Google Scholar
  20. Fischer-Hübner S, Hedbom H (eds) (2008) A Holistic Privacy Framework for RFID Applications, Future of Identity in the Information Society, Deliverable D12.3Google Scholar
  21. Floerkemeier C, Schneider R, Langheinrich M (2005) Scanning with a Purpose—Supporting the Fair Information Principles in RFID Protocols. In: Murakami H, Nakashima H, Tokuda H, Yasumura M (eds) Ubiquitious computing systems, revised selected papers from the 2nd international symposium on ubiquitous computing systems (UCS 2004), vol 3598. Springer, Berlin, pp 214–231Google Scholar
  22. Friedewald M, Lindner R, Wright D (eds) (2006) Policy Options to Counteract Threats and Vulnerabilities in Ambient Intelligence, SWAMI Deliverable D3: A report of the SWAMI consortium to the European Commission—contract 006507 (Draft version)Google Scholar
  23. Furedi F (2006) Culture of fear revisited: risk-taking and the morality of low expectation. Continuum, LondonGoogle Scholar
  24. Ganz JS (2005) It’s already public: why federal officers should not need warrants to use GPS tracking devices. J Crim Law Criminol 95(4):1325–1361Google Scholar
  25. Garfinkel SL, Juels A, Pappu R (2005) RFID privacy: an overview of problems and proposed solutions. IEEE Secur Priv 3(3):34–43CrossRefGoogle Scholar
  26. Gasson MN, Kosta E, Bowman DM (eds) (2012) Human ICT implants: technical, legal and ethical considerations. Information Technology and Law Series. T.M.C. Asser Press, The HagueGoogle Scholar
  27. Gavison R (1980) Privacy and the limits of law. Yale Law J 89(3):421–471CrossRefGoogle Scholar
  28. Greenfield A (2006) Everyware: the dawning age of ubiquitous computing. New Riders Publishing, BerkeleyGoogle Scholar
  29. Gutterman M (1988) A formulation of the value and means models of the fourth amendment in the age of technologically enhanced surveillance. Syracuse Law Rev 39(4):647–735Google Scholar
  30. Halamka J, Juels A, Stubblefield A, Westhues J (2006) The security implications of VeriChip cloning. J Am Med Inf Association 13(6):601–607Google Scholar
  31. Herbert WA (2006) No direction home: will the law keep pace with human tracking technology to protect individual privacy and stop geoslavery. I/S: J Law Policy Inf Soc 2(2):409–473Google Scholar
  32. Hilbert M (2011) The end justifies the definition: the manifold outlooks on the digital divide and their practical usefulness for policy-making. Telecommun Policy 35(8):715–736CrossRefGoogle Scholar
  33. Hinson Z (2008) GPS monitoring and constitutional rights. Har Civ Rights Civ Liberties Law Rev 43:285–288Google Scholar
  34. Hirsch D (2011) Law and policy of online privacy: regulation, self-regulation or co-regulation. Seattle Univ Law Rev 34(2):439–480Google Scholar
  35. Hunt VD, Puglia A, Puglia M (2007) RFID—a guideline to radio frequency identification. Wiley, HobokenGoogle Scholar
  36. Hutchins R (2007) Tied Up in Knotts? GPS technology and the fourth amendment. UCLA Law Rev 55(1):409–465Google Scholar
  37. Juels A, Brainard J (2004) Soft blocking: flexible blocker tags on the cheap, Workshop on Privacy in the Electronic Society, WPES 04, ACM Press, pp 1–7Google Scholar
  38. Karim W (2004) The privacy implications of personal locators: why you should think twice before voluntarily availing yourself to GPS monitoring. Wash Univ J Law Policy 14:485–515Google Scholar
  39. Kearns TB (1998) Technology and the right to privacy: the convergence of surveillance and information privacy concerns. William Mary Bill Rights J 7:975–1011Google Scholar
  40. Kindberg T, Barton J, Morgan J, Becker G, Caswell D, Debaty P, Gopal G, Frid M, Krishnan V, Morris H, Schettino J, Serra B, Spasojevic M (2001) People, places, things: web presence for the real world. Internet and Mobile Systems Laboratory, HP Laboratories, Palo Alto, HPL-2001-27.9Google Scholar
  41. King J, Hoofnagle CJ (2008) Research report: a supermajority of Californians supports limits on law enforcement access to cell phone location informationGoogle Scholar
  42. Masters A, Michael K (2007) Lend me your arms: the use and implications of humancentric RFID. Electron Commer Res Appl 6(1):29–39CrossRefGoogle Scholar
  43. McClurg AJ (1995) Bringing privacy law out of the closet: a tort theory of liability for intrusions in the public space. N C Law Rev 73(3):989–1088Google Scholar
  44. Meyer HJ, Chansue N, Monticelli F (2006) Implantation of radio frequency identification device (RFID) microchip in disaster victim identification (DVI). Forensic Sci Int 157(2):168–171CrossRefGoogle Scholar
  45. Michael K, McNamee A, Michael MG, Tootell H (2006) Location-based intelligence—modeling behaviour in humans using GPS. IEEE, New YorkGoogle Scholar
  46. Miller N (2001) Stalking laws and implementation practices: a national review for policymakers and practitioners. National Institute of Justice, Washington DCGoogle Scholar
  47. Minert SR (2006) Square pegs, round hole: the fourth amendment and preflight searches of airline passengers in a post-9/11 world. Brigham Young Univ Law Rev 2006(6):1631–1667Google Scholar
  48. Morris S, Morris A, Barnard K (2004) Digital trail libraries. Joint ACM/IEEE Conference on Digital Libraries, pp 63–71Google Scholar
  49. National Research Council (2001) Embedded, everywhere: a research agenda for network systems of embedded computers, report from the committee on networked systems of embedded computers, computer science and telecommunications board. National Academic Press, Washington DCGoogle Scholar
  50. Nissenbaum H (2004) Privacy as contextual integrity. Wash Law Rev 79(1):101–140Google Scholar
  51. OECD Policy Guidance on radio frequency identification (2008)Google Scholar
  52. OECD (2006) Radio-frequency identification (RFID): drivers, challenges and public policy considerations, OECD Digital Economy Papers, No. 110, OECD PublishingGoogle Scholar
  53. O’ Harrow R (2005) No place to hide. Free Press, New YorkGoogle Scholar
  54. Paton-Simpson E (2000) Privacy and the reasonable paranoid: the protection of privacy in public places. Univ Toronto Law J 50(3):305–346CrossRefGoogle Scholar
  55. Ramesh EM (1997) Time enough? consequences of human microchip implantation. Franklin Pierce Law Center, ConcordGoogle Scholar
  56. Rastogi V, Welbourne E, Khoussainova N, Kriplean T, Balazinska M, Borriello G, Kohno T, Suciu D (2007) Expressing privacy policies using authorization views, 5th international workshop on privacy in UbiComp (UbiPriv’07)Google Scholar
  57. Reidenberg J (2000) Privacy protection and the interdependence of law, Technology and Self-RegulationGoogle Scholar
  58. Reneger A (2002) Satellite tracking and the right to privacy. Hastings Law J 53:549 et seqGoogle Scholar
  59. Rieback MR, Simpson PND, Crispo B, Tanenbaum AS (2006) RFID viruses and worms. Department of Computer Science. Vrije Universiteit AmsterdamGoogle Scholar
  60. Royal Academy of Engineering, London (2007) Dilemmas of privacy and surveillance: challenges of technological changeGoogle Scholar
  61. Sandler K, Ohrstrom L, Moy L, McVay R (2010) Killed by code: software transparency in implantable medical devices. Software Freedom Law Center, New YorkGoogle Scholar
  62. Schulzrinne H, Tschofenig H, Cuellar J, Polk J, Morris J, Thomson M (2009) Geolocation policy: a document format for expressing privacy preferences for location information. The Internet Engineering Task Force, Internet Draft, February 2009Google Scholar
  63. Schwartz PM (2000) Beyond Lessig’s code for internet privacy: cyberspace filters, privacy-control, and fair information practices. Wis Law Rev 2000(4):743–787Google Scholar
  64. Schwartz PM (1999) Privacy and democracy in cyberspace. Vanderbilt Law Rev 52:1609–1701Google Scholar
  65. Sedlak AJ, Finkelhor D, Hammer H, Schultz DJ (2002) National estimates of missing children: an overview. In: National Incidence Studies of Missing, Abducted, Runaway, and Thrownaway Children. Office of Juvenile Justice and Delinquency Prevention, Office of Justice Programs, U.S. Department of JusticeGoogle Scholar
  66. Solove D (2004) The digital person: technology and privacy in the information age. New York University Press, New YorkGoogle Scholar
  67. Spiekermann S (2012) The RFID PIA—developed by industry, agreed by regulators. In: Wright D, De Hert P (eds) Privacy impact assessment: engaging stakeholders in protecting privacy. Springer, Dordrecht, pp 323–346Google Scholar
  68. Spivey C (2005) Breathing new life into HIPAA’s UHID—Is the FDA’s green light to the VeriChip™ the prince charming sleeping beauty has been waiting for? DePaul J Health Care Law 9:1317–1342Google Scholar
  69. Sterling B (2005) Shaping things. MIT Press, CambridgeGoogle Scholar
  70. Thevissen PW, Poelman G, De Cooman M, Puers R, Willems G (2006) Implantation of an RFID-tag into human molars to reduce hard forensic identification labor, Part I: Working principle. Forensic Sci Int 159:33–39CrossRefGoogle Scholar
  71. Tzanou M (2010) The EU as an emerging surveillance society: the function creep case study and challenges to privacy and data protection. Vienna Online J Int Const Law 4:407–427Google Scholar
  72. US Department of Homeland Security (2006) The Use of RFID for Human Identity Verification, Data Privacy & Integrity Advisory Committee, Report No. 2006-02, Adopted 6 December 2006Google Scholar
  73. US Department of Homeland Security. The use of RFID for human identification: a draft report from dhs emerging applications and technology subcommittee to the full data privacy and integrity advisory committee, Version 1.0Google Scholar
  74. US Government Accounting Office (2005) Information security: radio frequency identification technology in the federal governmentGoogle Scholar
  75. van Kranenburg R (2008) The internet of things: a critique of ambient technology and the all-seeing network of RFID. Network Notebooks 02, Institute of Network CulturesGoogle Scholar
  76. Warwick K (2002) I Cyborg. CenturyGoogle Scholar
  77. Weber RH (2009) Internet of things—need for a new legal environment? Comput Law Secur Rev 25(6):522–527CrossRefGoogle Scholar
  78. Weber K (2005) The next step: privacy invasions by biometrics and ICT implants. ACM Ubiquity 7(45):1–18Google Scholar
  79. Welbourne E, Balazinska M, Borriello G, Brunette W (2007) Challenges for Pervasive RFID-based Infrastructure, PERTEC 2007, Workshop on pervasive RFID/NFC technology and applications. In: Fifth annual IEEE international conference on pervasive computing and communications—workshops (PerCom Workshops 2007), 19–23 March 2007, White Plains, New York, USA. IEEE Computer Society 2007, pp 388–394Google Scholar
  80. Werner M (2008) Google and ye shall be found: privacy, search queries, and the recognition of a qualified privilege. Rutgers Comput Technol Law J 34(1)Google Scholar
  81. Westin A (1967) Privacy and freedom. Atheneum, New YorkGoogle Scholar
  82. Whitman J (2004) Two western cultures of privacy: dignity versus liberty. Yale Law J. 113:1151–1221CrossRefGoogle Scholar
  83. Wilamovska A-M, Hatziandreu E, Schindler HR, van Oranje-Nassau C, de Vries H, Krapels J (2009) Study on the requirements and options for RFID application in healthcare, RAND Europe, Prepared for the Directorate General Information Society and Media of the European CommissionGoogle Scholar
  84. Williams LC (2002) A discussion of the importance of key length in symmetric and asymmetric cryptography. SANS Institute, GIAC practical repositoryGoogle Scholar
  85. Willingham KM (2007) Scanning legislative efforts: current RFID legislation suffers from misguided fears. N C Bank Inst 11:313–341Google Scholar
  86. Wood DM (ed) (2006) A Report on the Surveillance SocietyGoogle Scholar

Copyright information

© T.M.C. Asser Press and the author(s) 2014

Authors and Affiliations

  1. 1.Leiden UniversityLeidenThe Netherlands

Personalised recommendations