In this blog post, we examine whether the convenience offered by Verichip technology is truly worth the risk of personal information leakage.
In an information society, personal information holds immense significance. The most fundamental and crucial role of personal information is to concretely establish one’s identity among countless others. In other words, it establishes a clear criterion for distinguishing individuals. What does this mean? It means you can build a domain that is clearly isolated from others’ hands, one only you can access. A bank account only you can deposit into or withdraw from, an online post only you can edit, a cloud file storing the owner’s files. In today’s highly computerized society, the key to enjoying all this convenience is personal information.
There are various types of keys used to access virtual spaces. Information is utilized in diverse ways—from credit cards used as simple payment methods, to card-type access badges required for entering company buildings, to the intangible accounts demanded by websites to identify individuals. But what if there were a key implanted inside the body for constant use? Known as VeriChip (short for verification chip), this rice-grain-sized electronic circuit chip can store the owner’s information. Implanted under the skin, it can be used semi-permanently and constantly interacts with its surroundings, exchanging information. This is because VeriChip is a type of RFID (Radio-Frequency Identification) tag. RFID tags share information using radio waves with readers seeking to read personal data, allowing the reader to recognize the tag from a certain distance. When the reader recognizes the VeriChip, it decodes the stored code to verify the owner’s identity, thereby gaining access to the owner’s virtual personal space stored in a database.
Previously, not everyone carried personal identification devices at all times, and even when carried, their usage was limited. However, using Verichip will significantly increase the universality of personal information like never before. All the owner’s actions are recorded in a database via the Verichip, enabling the owner to receive services most suited to them. Furthermore, due to the nature of RFID chips, which actively interact with the surrounding environment, functions like automatic payment, access control, and location tracking become highly effective. This signifies the potential realization of the once-envisioned ubiquitous city. However, this characteristic of Verichip, constantly and openly exchanging personal information, ultimately carries the risk of easy personal data leakage. Anyone possessing a device capable of interacting with a VeriChip could intercept personal information without the owner’s knowledge.
During the peak of VeriChip controversy, many opponents rallied against its commercialization, citing risks of personal data leaks and privacy invasions, often fueled by various conspiracy theories. Consequently, VeriChip production ceased in 2010. Meanwhile, some argue that the risks of VeriChip were exaggerated. They compare VeriChip to credit cards, claiming the risk of information leakage from VeriChip is no different from that of existing media like credit cards. According to this argument, our behavior of worrying about VeriChip while casually using credit cards and transit cards is quite contradictory. Furthermore, RFID tags, exemplified by transit cards, actually require proximity to a reader within a certain distance to exchange information. Considering this usage pattern, the argument is that there is no need for excessive concern about information leakage risks from the VeriChip itself.
However, I believe VeriChips carry significant risks. First, VeriChips are incomparably more dangerous than existing methods in terms of their potential uses. How many different ways can you use a credit card? It’s merely a payment method. Therefore, the damage from a stolen credit card is limited to the amount linked to the associated bank account. But a VeriChip can provide all information about its owner.
Everything about the owner’s daily life is stored in a database: basic personal details, residence, primary consumption items, frequently visited locations, and more. In this scenario, a single leak of personal information would cause unimaginable damage. It means someone could access all information about me, enabling them to completely impersonate the owner. Depending on the criminal’s intent, they could register everything belonging to the owner as their own, or frame the owner for crimes they never committed. It would even be possible to completely exclude the owner from society.
Thus, the benefits criminals gain by extracting information stored in the VeriChip are enormous, and the ways they could misuse this stolen information are numerous. This makes a VeriChip-based social system even more vulnerable to crime. For example, suppose the database security strength of credit cards and Verichips is similar. By hacking a credit card company’s computer network, a criminal could obtain information such as the cardholder’s personal details, bank account information, and transaction history. Most of this information offers little significant benefit to the criminal. Therefore, the number of criminals willing to take the risk of infiltrating the information network would be relatively small. In contrast, the VeriChip database stores all information about the user. The profit gained from obtaining this data is substantial enough to justify the risk for criminals. Consequently, attempts to access the VeriChip network would occur far more frequently than for credit cards. This makes the security risk of VeriChips significantly greater than that of credit cards.
Finally, the fact that Verichip is implanted under the skin, eliminating the risk of loss, could reduce the ability to respond to crime. For example, what should one do upon discovering that a credit card has been lost or that information from the computer network has been leaked, allowing others to freely use the user’s balance? The cardholder can respond swiftly by immediately canceling the credit card and obtaining a new one. You can delete the information stored on the credit card or destroy the existing card. In contrast, because a VeriChip is implanted in the body for semi-permanent use, destroying an existing VeriChip and obtaining a new one is incomparably more cumbersome than with a credit card. Furthermore, deleting information stored in the database is also difficult because it would cause significant harm to the user.
Thus, the level of personal information protection offered by Verichip is highly vulnerable compared to existing media in terms of the scale of potential harm, safety, and post-incident handling. Living in the information age, we have come to firmly grasp the importance of personal information protection through both direct and indirect experiences. We understand that no matter how great the convenience, it should never be adopted without robust security. Of course, technological advancements to date have also raised concerns about various risks. It is also possible that these issues have been resolved by the ethical standards of us, the users of the technology. In this regard, concerns about elaborate conspiracy theories surrounding Verichip might be somewhat alleviated. However, if no clear solution is presented for the practical risks discussed earlier, the Verichip implanted under our skin could instead become a double-edged sword, inflicting terrible harm upon us.
