Toward the regulation of ubiquitous mobile government


Mobile alerts, notifications and location-based emergency warning systems are now an established part of mobile government strategies in an increasing number of countries worldwide. In Australia the national emergency warning system (NEWS) was instituted after the tragic Black Saturday Victorian Bushfires of February 2009. NEWS has enabled the provision of public information from the government to the citizen during emergencies anywhere and any time. Moving on from traditional short message service (SMS) notifications and cell broadcasting to more advanced location-based services, this paper explores the major issues faced by government, business and society at large, toward the realization of a fully fledged emergency system for personal mobile devices. This qualitative study contains two phases: phase 1 gathered issues from the general public via an open-ended survey question, and phase 2 gathered issues from key informant interviews. The data was analyzed using qualitative content analysis techniques. The results are presented in a narrative form granting detailed insight into the main challenges faced in the deployment of a mobile government application. The complex interplay between government agencies, telecommunications carriers and the Australian public is presented, ultimately leading down a path of regulation. By using a qualitative approach it is hoped that the intimate lessons learnt in the Australian landscape can be applied to other nations considering mobile government applications. The outcome of the paper is predominantly practical providing a series of recommendations toward the successful deployment of mobile government applications.

1 Introduction

On February 7, 2009, the Black Saturday Victorian Bushfires claimed 173 lives, the worst peace-time disaster in Australia’s history. Citizenry looked on in disbelief that in such a modern society equipped with advanced technologies, so many lives were lost and a multitude more people injured given the force of the 400 raging fires. The Australian federal government responded swiftly to the tragedy by enacting an emergency declaration as an amendment to the Privacy Act 1988 on February 11, 2009. The emergency declaration now means that some government agencies, and emergency service organizations (ESOs), have access to Australia-wide consumer telecommunications details in the likely event of an emergency or during an actual emergency. Maintained by one commercial operator, the integrated public number database (IPND) is an industry-wide, commonwealth-owned database that contains all the residential and business telephone numbers, both listed and unlisted, and other subscriber information such as name, address, and the type of service delivered by each number (i.e. landline, fax, mobile, pager, etc.). During an emergency the IPND may be accessed by more than one commercial entity to assist citizens.

The Victorian Bushfire Royal Commission (VBRC) commenced on February 16, 2009 and about five months into the proceedings, the Government released a tender document to Australia’s telecommunications carriers for the supply of ubiquitous mobile technologies, infrastructure and applications that could be used during emergencies. The National Emergency Warning System (NEWS) tender was released on July 15, 2009 and following this, the request for information (RFI) for Location Based Identification of Active Mobile Handsets for Emergency Notification Purposes (phase II of NEWS) was issued on August 5, 2009. Telstra, Australia’s largest telecommunications carrier was awarded the contract on September 24, 2009. The NEWS applications have the ability to deliver personalized information direct to the mobile phone subscriber during an emergency, providing both warning notifications and alerts and specific directions, complementing traditional broadcasting mediums like radio and television. Despite the call for the deployment of ubiquitous mobile government applications in the Australian emergency management sector since as early as 2005, it took the tragic loss of life in Victoria for the Federal and State governments to make a decision to go forward with a homogeneous national emergency warning system (NEWS) with location-based features entering in phase II of deployment.

Only than two months before the Black Saturday Victorian Bushfires, the authors began to collect qualitative data on the potential deployment of location-based services in emergency management in Australia by calling on key informants to share their experiences and insights about the future prospects of location-based emergency warnings. On November 25, 2008 an in depth semi-structured interview was conducted with an official from the Victorian State Government. It was quickly realized that no matter how innovative the business model, that the complexity of a national emergency warning system with location-based service capabilities meant that operational and non-operational stakeholders would have to work together closely toward a long-term mobile solution that could be utilized by relevant government authorities to communicate with people in affected zones of natural and human-made hazards. The government official interviewed described the need for a ubiquitous emergency warning system with a degree of urgency that was to play out in that summer. So what went wrong, especially when the need for such a system was evident? Why did it take so long for such a mobile government application to be deployed? What were the barriers that needed to be overcome for such a practical solution to be instituted? The interplay between government agencies, telecommunications carriers and supporting value chain members, and the Australian people would ultimately lead down a path of regulation. This paper explores the most important issues faced by government, business and society at large, toward the realization of a fully fledged location-based emergency warning system for personal mobile devices. By using a qualitative approach it is hoped that the lessons learnt in the Australian landscape can be applied to other nations as a foundation model towards deployment of mobile government applications in related contexts.

This paper is divided into five sections. Section 1 describes the methodology that was adopted, the main sources of data, and how data was collected and analyzed. Section 2 describes the need for location-based emergency warnings and Sect. 3 describes the legislative impact of these services being utilized and liability related issues such as responsibility and accountability with respect to the government itself and telecommunications carriers. Section 4 is about the prospective barriers facing governments and carriers who wish to roll out a national emergency warning system and the fifth and final section provides recommendations toward successful deployment.

2 Methodology

2.1 Case study: Australia’s National Emergency Warning System

A case study of mobile government applications in the context of emergency management was conducted in Australia with a focus on the utilization of location-based services for emergency warning and notification systems. Figure 1 depicts a timeline of important events leading up to the deployment of NEWS. The study was conducted between 2008 and 2009 and captures sentiment in Australia both before and after the Black Saturday Victorian Bushfires. Data for this case study was collected in a two phased approach.

Fig. 1 Australia’s Path toward a National Emergency Warning System: a timeline of events

2.2 Phase 1: open-ended survey question to general public

In Phase 1, a ten page questionnaire which contained a single open-ended question was administered in 2008 to the general public providing an opportunity for written responses which were digitized, collated into a database and then analyzed.

The primary goal of the open-ended question technique was to understand the issues pertaining to the utilization of the location-based emergency service as perceived by the general public. This technique is particularly useful when there is a need to start with a broader exploration of a little-known phenomenon [1]. The comments included personal opinions, remarks, concerns and real life experiences that about 60 of the 300 respondents were willing to share.

2.3 Phase 2: operational and non-operational stakeholder interviewees

In Phase 2, nine full-length semi-structured interviews were conducted with key informants who were members of operational and non-operational stakeholder entities and highly regarded within the Australian landscape of mobile government for emergency management. The interviews were transcribed, edited, and qualitatively analyzed. The use of qualitative methods, such as interviews, has been suggested for exploratory research when little is known about the area of study and when there is a need to identify unanticipated or new issues [2, 3]. Independent experts with a wealth of knowledge and expertise, officials from Australian emergency service organizations, policy makers from Australian government departments pertinent to emergency management arrangements and policies, and representatives from the Australian mobile telecommunications industry were approached to participate in the study. The main criterion for approaching each potential interviewee was their expertise. Several government departments and organizations related to emergency management were also approached. The intention was to end up with a good cross section of diverse profiles in the location-based services (LBS) value chain that could give a holistic view of Australia’s national emergency warning system.

2.3.1 Description of key informants

Nine interviews were conducted with key informants coming from both operational and non-operational stakeholders. Interviewee 1 [Vic-Gov] was a member of the Office of the Emergency Services Commissioner in the Department of Justice in the state of Victoria. The Office provides leadership in emergency management for Victoria, with specific responsibility for ensuring the delivery of efficient, equitable and integrated emergency services. The Office oversees more effective utilization of the common resources of the emergency services and encouraging and facilitating cooperation between all agencies before, during and after an emergency [4]. It is important to note that this interview took place only a few months prior to Black Saturday Bushfires in Victoria. Interviewee 2 [expert A] is an independent expert with more than 40 years of experience over several domains including teaching in emergency management and being an emergency service officer with the State Emergency Services (SES). Interviewee 3 [SES] is employed by the State Emergency Service in New South Wales. The SES is an emergency and rescue service dedicated to assisting the community in times of crisis. It is made up almost entirely of volunteers, with 226 units located throughout the state of New South Wales (NSW) alone. Its main responsibilities are for flood and storm operations [5]. Interviewee 4, [Whispir-Rep] was a representative of the Whispir company, an Australian company providing a high availability messaging platform that enables the instant and automatic invocation of communications across web, email, SMS and voice channels, from any location including from a mobile handset [6]. Interviewee 5 [expert B] is an independent consultant from the Australian Capital Territory. He is a well-known consultant who has a professional background working as an advisor on large-scale systems for the Australian Government including the formulation of national internet ICT polices.

Interviewee 6 [expert C] is an independent expert from the state of New South Wales with a telecommunications engineering career spanning more than 30 years. His work has contributed to the development of service creation environments for Intelligent Networks (IN) with British Telecom Research Laboratories, and later with Telstra. He has also worked on several worldwide projects developing a range of solutions with a focus on wireless IN services and the development of various cellular location systems for emergency and commercial services. In addition, he was amongst the scientists who were responsible for shaping, initiating and launching E911 in the United States. Interviewee 7 [expert D] is an independent expert from the state of Queensland. His current work involves the development of new innovative technologies. He has extensive experience in Research and Development (R&D) of internet and mobile technologies. He has research interests in emergency messaging standards, new technologies and applications for emergency messaging and national emergency warning systems. Interviewee 8 [expert E] is a consultant who works for a large law firm in Australia. He is a communications specialist with more than 25 years of experience in technology, regulatory and business strategy in telecommunications and broadcasting. He has been involved with a number of significant commercial regulatory projects in the telecommunications sector in Australia and abroad. He has provided advice to Telstra, Bell Canada, the GSM Association, State and Federal Government and international organizations such as the World Bank. The final interviewee is a representative from the Redcoal Company. Redcoal is Australia’s leading SMS messaging and mobile phone tracking solutions provider, delivering services across different industry sectors and government. Redcoal’s SMS and mobile phone tracking solutions are rebranded and resold by the Optus Network. The Optus operator is the second largest telecommunications carrier and information services company in Australia [7]. A summary of the nine interviews and their background is presented in Table 1.

Table 1 List of interviewees used in the data collection phase

ID Interviewee/ Pseudonym Full title Interview date

1 Vic-Gov The Department of Justice—Office of the Emergency Services Commissioner (The State of Victoria)* Nov 25, 2008

2 Expert A Independent expert (The State of New South Wales) July 13, 2009

3 SES State Emergency Services (The State of New South Wales)* Aug 4, 2009

4 Whispir-Rep A representative from the Whispir Company (The State of Victoria)* Aug 12, 2009

5 Expert B Independent expert (The Australian Capital Territory) Aug 28, 2009

6 Expert C Independent expert (The State of New South Wales) Sept 23, 2009

7 Expert D Independent expert (The State of Queensland) Sept 29, 2009

8 Expert E Independent expert (The State of Queensland) Oct 14, 2009

9 Redcoal-Rep A representative from the Redcoal Company (The State of New South Wales)* Oct 22, 2009 *Views obtained here are those of the representatives and are not necessarily expressing those of their respective offices, departments or companies

2.4 The qualitative analysis strategy

Qualitative analysis refers to the process that requires the identification of recurring ideas, patterns of beliefs and salient themes from collected data and the attempt to demonstrate support for them [8]. Patton [9] defines qualitative analysis as the challenging process of transforming data into findings, but more importantly, for it to make sense. Patton described the transformation process as “reducing the volume of raw information, sifting trivia from significance, identifying significant patterns and constructing a framework for communicating the essence of what the data reveal” [9]. Similarly, Marshall and Rossman [1] regard qualitative analysis as the process of bringing structure and meaning to the mass of the collected data, and accordingly, postulate that the best approach to the analysis of the data is “reading, reading, and reading once more through the data, forcing the researcher to become familiar with those data in intimate ways. People, events, and quotes sift constantly through the researcher’s mind” [1]. However, in order to guide the qualitative analysis to ensure validity in the presentation of results, the transcribed interviews were parsed together through an automated content analysis tool. Figure 2 shows the main themes as determined by the Leximancer tool [10] after several interactive manual interventions to: (i) clean the auto-generated thesaurus list of words (e.g. singular vs. plural, merging synonyms or like terms, and the merging together of words into short phrases like “location based services”); (ii) delete irrelevant terms that may have been used frequently but in essence detracted from the main themes of the study (e.g. “should”, “think”); (iii) add words to the visual concept map from the auto-generated thesaurus that were considered significant in meaning by the researchers but may not have featured in the most highly ranked concepts; and (iv) consider at which level of granularity to view the concept map to best understand the inner forces at play between the major actors in the network. These themes were used to provide core issues that were explored in the narrative thematically. Issues raised in the open-ended response in the survey were manually grouped into themes and supporting literature found to validate their inclusion in the narrative (Table 2).

2.4.1 Interactive model of analysis

In Miles and Huberman’s [8] interactive model of analysis, the qualitative analysis is an iterative step that consists of a set of activities, including data collection, data reduction, data display and conclusion drawing. The textual data of the interviews went through preparation processes to make it ready for the analysis. The audio-recorded interviews were transcribed verbatim and each transcription was kept in a separate word document for easy reference. The hand-written interview notes, which were taken by the researchers themselves in each interview, were used as an additional source of information. In a similar fashion, all the comments from the open-ended survey question were typed and then aggregated and kept in one document, as all comments represented the perspective of a single distinct stakeholder of the locationbased mobile phone emergency service (i.e. the prospective user of the service). Initial data coding, including preliminary data reduction processes were performed to prepare the data for analysis. Developing concepts is regarded a way of data reduction [25] and enlisting the support of Leximancer was very helpful in reducing the volume of interview data to displaying correlated concepts into more focused themes.

Fig. 2 Leximancer concept map showing important issues forthcoming from interviews. The larger the concept the greater its importance to the study

Displaying data is one of the major ways to validate the qualitative analysis [8]. This activity is concerned with organizing, compressing and assembling information into a more readable format from the data’s voluminous, bulky and dispersed original state [25]. The qualitative data can be displayed in different forms such as charts, diagrams or concept maps. The aim of the final stage which is drawing and verifying conclusions is required to generate a meaningful and coherent picture of the data [25]. Miles and Huberman [8] noted that conclusions take place, more or less, concurrently with other stages in the content analysis and can be discerned early in the analysis, although at that time they are vague and not truly developed. In all cases, drawing conclusions is typically regarded the most difficult stage to perform amongst all the stages of the analysis since it involves developing propositions, verifying these propositions, drawing solid conclusions and confirming the obtained findings [8, 25].

3 The need to introduce location-based emergency services in Australia

Australia’s future need to utilize the location-based mobile phone service within its national emergency warning system fundamentally stems from the practical characteristics of the service, which complement other channels of safety information. As stipulated by Expert A, the broadcast media do a very good job of communicating emergency information to the public but there is no guarantee that information is received by individual persons, especially if they have no desire to keep informed at any given time period. Expert C pointed out that everybody does not listen to the radio. The Black Saturday Victorian Bushfires, more than any other single event in Australia’s modern history can be used to illustrate the need for advanced communication services. As Expert A reflected, Australians questioned where the notifications were and why so many people had to die: “[t]he notifications were being [sent] out in the normal fashion by radio, television, but because people were outside, it [did] not necessarily mean that they tuned in to those radio stations, or the television ...” It took the deaths of 173 Australians during a tragic event for the government to consider more innovative ways to communicate with the community before, after and during an event. There is now an “expectation by the community to be informed [in a] timely [fashion], rather than in a haphazard way” (Expert A). One way forward is to make use of the mobile phone, available technology already in the hands of the majority of Australian adults, which can provide crucial emergency information dependent on where the mobile phone is located. While you cannot guarantee that people will receive time-critical information via their mobile phone (e.g. it may be turned off), at least authorities are making “use of available technology to reduce the likelihood of people not knowing and increasing the likelihood of them being informed” (Expert A).

Other interviewees also acknowledged the shortcomings of the current information warning channels in Australia and the need to utilize location-based public warning notifications. Expert D was categorical in his assessment: “I definitely think we do need location-based warnings. There is no doubt about that.” While making use of landline billing address details for emergency notifications was one possible way forward using the legacy Integrated Public Number Database (IPND), Expert D preferred a warning system that could detect people roaming and provide customized location-based information. Vic-Gov also noted that they ultimately wanted a system that could be deployed during the largest and most troubling types of emergencies.


Table 2 Public acceptance issues raised in the questionnaire and supported by literature

Factor identified in open-ended response

Academic description

Sourced in the literature

Attitude. The individual positive or negative feelings toward using the location-based emergency service. Fishbein and Ajzen [11] Behavioral intention The individual decision to engage or not to engage in using the location-based emergency service. Fishbein and Ajzen [11] Trust The belief that allows a potential user of the location-based emergency service to willingly become vulnerable to the use-case outcome of the service, having taken the characteristics of the service into consideration, irrespective of the ability to monitor or control the service or the service provider. Mayer et al. [12], McKnight and Chervany [13] Perceived risks The individual belief of the potential loss and the adverse consequences of using the location-based emergency service, and the probability that these consequences may occur if the service is used. Pavlou and Gefen [14], Heijden et al. [15] Perceived usefulness The individual perception that using the location-based emergency service is useful. Davis et al. [16] Perceived ease of use The degree to which the prospective user expects the location-based emergency service to be free of effort in terms of usage. Davis et al. [16] Visibility The extent to which the actual use of the location-based mobile phone emergency service is observed to its potential user. Agarwal and Prasad [17] Perceived service quality The individual global judgment relating to the superiority of the location-based emergency service. Parasuraman et al. [18] Perceived currency The prospective user perception of receiving up-to-the-minute service information during emergencies. Zeithaml et al. [19], Yang et al. [20] Perceived accuracy The prospective user perception about the conformity of the location-based emergency service with its actual attributes of content, location, and timing. Zeithaml et al. [19], Yang et al. [20] Perceived responsiveness The prospective user perception of receiving a prompt service in the case of an emergency. Parasuraman et al. [18], Liljander et al. [21], Yang et al. [20] Privacy concerns as perceived by the prospective user The individual concerns regarding the level of control by others over personal identifiable information. Stone et al. [22] Collection The concern that extensive amounts of location information or other personal identifiable data will be collected when using the location-based emergency service. Smith et al. [23], Junglas and Spitzmuller [24] Unauthorized use The concern that the location-based emergency service information is collected for emergency purposes but will be used for other purposes without explicit consent from the individual. Smith et al. [23], Junglas and Spitzmuller [24]


Three months prior to the Victorian Bushfires, a Vic-Gov representative contacted the authors, desperately seeking to put in place a system that could be used to notify individuals anywhere they were during large-scale emergencies in order to save more lives. For Vic-Gov, traditional forms of media were passive. From their assessment of a range of technologies that were nationally consistent, Vic-Gov was convinced by the power of the mobile phone and especially its ubiquity, not requiring an individual to be anchored anywhere to receive the given information. Vic-Gov stated: “People have, invariably, got their mobile phones with them. Usually, they are turned on. And so, if that individual with an active handset is within an area that has been affected by something there is a very high likelihood that we will get a message to them, informing them that we know that they are in the area and we can point them to other sources of information. So, they do not need to be anchored to anything. It is the closest [thing] to somebody’s eyes and ears.” For the State Emergency Services (SES) the location-based mobile phone service can be considered yet another telephony-based channel to get a message to the public. SES highlighted the potential of the mobile phone to get people’s attention, especially if a disaster was to hit late at night when people were asleep.

Written comments from the survey respondents also reflected the community’s expectation toward the introduction of the location-based mobile phone emergency service in Australia in the near future. For the greater part comments focused around the need to have the location of an emergency caller automatically identified and tracked. One respondent noted that when calling emergency services 15–30 seconds “are wasted in providing the patient/caller location/address. It would be a great time/life saver technique if LBS is properly implemented by service providers as the police, hospitals and car-service providers as NRMA.” Numerous respondents thought that implementing such capability would be a good idea, practical, and very beneficial given Australia’s history of natural disasters. Some were even prepared to subscribe to such a service for up-to-the-minute information. Beyond the obvious advantages of location-based notifications via mobile phones, there is one segment of the community that would particularly benefit from the introduction of such warning systems. Vic-Gov noted that such a system would be highly beneficial to the profoundly deaf and hearing impaired which affect one in six Australians: “[i]f these people were in an area where they had been affected, they would receive a text message ... So, by default, I guess, we have addressed a section of the population who struggle to receive [comprehensible] notifications ...” Expert A showed his disappointment at the lack of urgency shown by some stakeholders, especially government, when he said: “[i]t is about time we had these systems in place. We see money being wasted in a lot of areas that are not as important as providing safety to our communities. And for a long, long time, disaster management and all those type of activities have not been at the forefront of government action. They tend to wait until after something happens.” The Redcoal-Rep echoed similar sentiments when he noted that it generally takes tragedies for a reaction to come from government, and only then when it is a vote winning issue.

4 Legislative grounds for location-based emergency systems

The introduction of a comprehensive legislative framework which would regulate the utilization of location-based mobile phone emergency services was a recurring theme which emerged from the expert interviews. In Australia at least, it was found that without a legislative framework in place the introduction of a location-enabled emergency system would be somewhat unlikely. The lag between the introduction of new enabling technology and the establishment of legislation to support that technology’s capabilities can be stifling to the development of any new product or process. SES identified the government as lagging behind in clearly providing protection around the governance and use of location-based emergency notifications to all Australians. The emphasis is on the deployment of “blanket coverage” technology which is where the government needs to get started on legislating, according to the SES. But rather than the view that legislation comes first, and then the technology can be rolled out, in this particular mobile government case study society is evolving hand-in-hand with the technology. “Location-based services can be protected by legislation and need to be protected by legislation... You have to evolve your legal framework along with the technological underpinnings of the society it involves” (Expert C).

One suggestion by Expert C was to draft legislation associated with the emergency warning system under Emergency Management Australia, via consultations through the Council of Australian Governments (COAG). “Whether it is an emergency warning system under a federal agency’s control or whether it is a social networking site under a commercial operator’s control, those entities, to the extent that they are governed by our jurisdiction’s legislation, should be constrained in terms of what they can do with that location information” (Expert C). And it is here that location-based emergency warnings differ from traditional carrier-based LBS solutions. In the government context, we are not referring to a subset of consumers who opt-in to using a paid subscriber service but to all people who may be in an affected zone, including citizens and non-citizens alike. Expert E also noted the importance of an agreement between the individual to whom location information applies and the provider of that application. The agreement should be protected by law and should clearly identify “what that location information can and cannot be used for”, ensuring that the location data “not be used for any other purpose.”

The introduction of early warning systems by their very nature cannot be put in place without some kind of a legislative or regulatory imperative. For Expert E, the fact that location based early warning systems would need to be deployed unilaterally—that is across the whole population—a liability risk would be incurred as part of any set of legislative regulations or responsibilities. The actual scope of risks and responsibilities would need to be defined but in this open-ended environmental context there would be an arbitrary amount of potential liability. “There has to be a fundamental foundation from a regulatory and a policy perspective before any of this can happen”, reaffirmed Expert E.

Numerous survey respondents also confirmed Australia’s need for a legal framework to support the possible utilization of the location-based mobile phone emergency service, with clear rules and penalties to effectively control the utilization. One respondent noted that there should be “strict guidelines and rules for how and when the [location] information should be used, and significant penalties for companies that break these rules as well as appropriate compensation for the affected people.” Another respondent wrote that strict laws should govern what information is kept, how it is kept, and who has access to it. The idea of penalties for misuse of location information was also raised.

Respondents were divided on whether or not to introduce completely new legislation or amending existing legislation so that the immediate use of location-based mobile phone emergency services could begin. One respondent was concerned that quick “fixes” might open a door for potential gaps in the implementation of the amended legal framework in a way that could be employed by third parties for purposes other than emergencies. Another respondent was circumspect about the law in general: “[e]ven with policies or laws which are created, I am worried about quick laws being passed to authorities to allow them to use our data for surveillance without us wanting to.” This respondent was more concerned about the authorized use by external parties than unauthorized use.

5 The liability of the location-based emergency service providers

There can never be any absolute guarantee that an error will never occur when location-based mobile phone solutions are utilized under the national warning system in Australia. Different types of errors could originate such as, unintentional human mistakes and sudden faults in underlying technologies or infrastructure. However, several issues arise, especially if there is the likelihood of loss of life due to an error. Expert D maintains that there must be the ability to identify where the error occurred in order to take the appropriate action against an entity and that someone is held liable for that mistake, especially in the event that there is loss of life as a result of that error. Consider the complexity of the LBS value chain and the scenario whereby the Bureau of Meteorology sends out a cyclone watch message via a third party provider, who for some reason downgrades the message eventually misinforming the public. Thus, “defining the source of the error is a condition to defining the accountability of each party involved in these solutions” (Expert D).

5.1 Government accountability

It may be difficult to understand how a government can be held accountable for its actions (or inactions) but Royal Commissions in Australia are common, providing a platform for major governmental public inquiries into a given issue. For example, there was a 2009 Victorian Bushfires Royal Commission (VBRC) which handed down its final report on July 31, 2010. In the context of LBS for emergency services, the interviewees were not in agreement on who for instance would be held accountable if a person did not receive a warning message at a crucial time. The SES pondered on such a scenario: “[i]f I do not get that warning message that I have been promised that I am going to get on my mobile phone and my family or I am hurt as a result of that, my question to government is going to be: ‘Well you promised you were going to tell me and you have not and I have suffered this damage from it.’ I would be heading down the road to one of those barristers and I reckon I would have a pretty good case.” Realistically, however, another interviewee noted that no technology or system is fool proof, and that given LBS solutions rely on technology, the government cannot be to blame for system errors which are squarely outside their control. There is nothing to say that at any given point in time, something could go unintentionally wrong with the technology.

Expert A believed that the government should not be liable for any problems surrounding location-based services that negatively impact people, given that early warning systems are just one method among many available during disasters. But despite this, the government still needs to define, through an explicit legal framework, its exact responsibilities and obligations under location-based mobile phone emergency solutions. According to the SES: “[t]he government needs to have a look and make sure they have all the legal ends tied up to protect themselves so that whatever legislation they will bring in to place to cover this, it will provide appropriate protection for them to be able to provide the service.”

5.2 The telecommunications carriers’ accountability

Among the issues that should also be regarded in future legislation, or within amendments into existing Acts, is a reference to the possible inaccuracies in the delivered information disseminated by the telecommunications carriers to the people in the case of an emergency. Consider a scenario where a warning notifies the wrong group of people about a pending natural disaster, or provides the wrong list of directions on what to do (based on the location of a mobile), during and immediately after the emergency. Expert C advised that while it was good to have accuracy requirements, he believed it was a “very dangerous game to play to say that anybody has to be absolutely correct. And this is actually particularly true of location-based services with specific reference to things like the value of the location as determined ... It is actually a statistical game and it is actually not possible to be one hundred percent correct.” A notable practical example to support this can be found in the U.S. Government E-911 initiative, as the interviewee added “for a handset-based location determination technology like GPS, the operator has to be within 50 meters, 67th percent. So, in other words, you have to be within 50 meters of accuracy at a twothirds confidence. So, two out of three of those locations you provide you need to be correct within that 50 meters. And then they also said further that you need to be within 100 meters of accuracy at the 95th percentile. So, in other words, 19 out of 20 times you had to be correct within 100 meters. But, they quite reasonably said that 5 percent of the time, you may be well, completely wrong. But, there are basically two levels of confidence that are specified as part of the regulation.”

Accordingly, what is needed in the Australian context is to set comparable accuracy requirements that practically define the responsibilities of the telecommunication carriers and/or the government when location-based services are utilized nationally for emergency management. It is the operators who need to be held responsible for achieving those levels of performance, not so much the Australian Government. Expert C said, “[y]ou can use that mechanism to ensure that the operators are applying all the due diligence that they should be doing, that their network is as optimized as effectively can be on any kind of reasonable cost analysis basis, but at the same time it means that you are not going to hold liable that operator for an individual event where in fact the location information was not correct with respect to that location determination. And with respect to the performance of location systems generally, I think you have to have that realistic underpinning within the requirements of the government legislation.” Further consideration of the accuracy issue reveals that there needs to be a fine balance. The operator needs to be doing everything they can based on a given set of performance metrics without putting themselves in a liable situation so that any given individual at any given period can claim arbitrary large dollar amounts for damages (Expert C).

Service level agreements or defined contracts are the most logical and practical of options to define and regulate the relationship between the government and the telecommunications carriers. These contracts can also serve the purpose of defining the responsibilities when and if something goes wrong. Expert E complemented the views held by Expert C, looking at the dilemma surrounding accuracy of location information as a contractual issue. He said that ultimately it had to do with the contract between the service provider and the acquirer of that service. The acquirer in this instance is the Government (at the State or Commonwealth level) and they would have agreed on a series of service levels pertaining to location-based services for the emergency context. This is distinctly a jointly developed government and business model. This is a very important observation, that mobile government applications by their very nature are not, and cannot be, models exclusively built by a single stakeholder, but rather a collaborative effort between stakeholders (Fig. 3).

Fig. 3 Toward the regulation of location based emergency warning systems

Expert E played out a possible scenario based on the contractual relationship. “If somebody sued the service provider [for inaccurate location information], the service provider would say: ‘Well, I do not have a contractual relationship with you. My contractual relationship is with the state, so go sue the state. And if the state has a problem, then they will join me in that action [as a party] anyway.’ ” As Expert E’s scenario further developed, an individual who had been adversely affected might then sue the state for damages and to the extent that the state attempts to file an action against the service provider, that action will be limited by the formal contractual agreement. In this instance there are legal limitations on being able to underwrite against loss of life—“your indemnity for loss of life and the warranty on loss of life would end up being incredibly specific” (Expert E). The agreement would most probably say something like- the responsibility for life lies with the contractor, not the service provider. Expert E role plays in the shoes of the service provider: “[w]e will, of course, look after a death that occurs, for example, in the installation of the equipment that is going to be used to provide the service but not as something that occurs as a consequence of the service not being available or not working the way that you expected, except to the extent that we said it will work that way.” It quickly becomes apparent from the interviews that not a single stakeholder type, especially Government, will commit to one hundred percent availability of such services.

5.3 Roles and responsibilities under location-based emergency systems

A national location-based emergency system is yet to be fully realized in Australia, although members of the Australian public can now receive emergency alerts on their mobile phones. Among the surveyed population, most respondents said that the government had a responsibility to control the legal and operational aspects of such systems. One respondent highlighted that it was a great idea (especially if it was instituted free of charge to the consumer), but that it must be controlled by government regulation in order to protect the personal information and privacy of the individual. Another respondent noted that such services should only exist if service providers had first obtained the explicit permission of a given government organization. People generally found the idea of location-based services for emergency warnings to increase their personal security but most also noted the importance of implementing “strict laws” to prevent excessive intrusion on personal privacy. One respondent said that “it would be necessary to create government agencies that monitor the transactions by service providers, and make sure that service providers act under strict laws and government supervision.”

Expert A argued that the responsibility of the location-based warning system should be added to the existing list of responsibilities that are executed by the disaster management committee in each State and Territory in Australia. “Each state already has a committee for disaster communications. That is part of their roles and responsibilities. I see this as being very simple, easily linked into that. It should not take any additional bureaucracy to be involved.” Expert C perceived the responsibility to be a multi-dimensional role that should be distributed according to the specific function each party is fulfilling under the utilization of the location-based warning system. These parties include different government emergency services agencies, in addition to the telecommunications carriers. Responsibility is distributed across agencies that are best equipped with maintaining different aspects. Expert C stipulated that network operators should be responsible for location determination systems, the ultimate reliability of the location information, and the performance and capacity of the location determination mechanisms. Network operators would also be responsible for the integrity of the location information itself, but how that location information is used must be the responsibility of the agency and not the network operator.

Expert D held the position that the responsibility of warning messages be assigned with the most relevant department pertaining to that emergency. Expert D identified that the government agency would then outsource the requirement to send the message to one of the mobile telecommunications carriers. What is important here to note, is that it is likely that authorization for sending out specific warning messages still remains with the relevant authority, such as the Bureau of Meteorology for weather warnings, etc. Accordingly, a very important point is to clearly define the control authority, which is allowed to initiate the use of the location-based mobile phone warning system, assign the responsibility of the emergency situation to the proper government emergency agency (ies), and control the sending of the warning message to the public. The control authority should also aim to prevent the overlapping of jurisdictions between different government emergency service organizations over the responsibility of managing a specific emergency situation. Expert B provided an example from the VBRC when it was revealed that the Fire Authority wanted to issue warnings but they did not think they were authorized to do it, so they did not. Expert B identified an administrative problem rather than a technical one and noted: “I think that is what is missing and we need that worked out.”

At the time of the interviews, which government department would be granted the role of the control authority under the national location-based mobile phone emergency system was still unknown. The Victorian government official believed that it should, at least, exist at the jurisdiction level. “Who is going to run this thing? Who is going to own this thing? I do not have a clear answer for you because it is still a question that I keep asking. I think it should certainly rest on a jurisdiction level because the emergency management arrangements exist at that level” (Vic-Gov). But more importantly, a control authority at the federal level should also exist to ensure consistent quality levels of the location-based mobile phone emergency services anywhere in Australia. “Every Australian citizen is entitled to receive a message if they are potentially in an emergency situation. Now, if I was traveling throughout the Northern Territory, Queensland or Western Australia, I would dearly hope that the quality of the service provided to me was equal to that which I received in any other State or Territory. So, from a federal perspective, there would need to be guidelines around what that meant... ensuring that [each state] was delivering that same quality of service countrywide” (Vic-Gov).

Expert C identified Emergency Management Australia (EMA), which belongs to the Attorney-General’s Department, as a good candidate for the role of the control authority over the location-based mobile phone emergency system on the national level in Australia. It was the opinion of a number of experts interviewed that a common approach and platform within a consolidated agency was required for the successful implementation of a national warning system, alerting people of diverse emergencies as they occurred. Among the responsibilities that the EMA might enjoy include: maintaining the reliability of the national emergency warning system platform, maintaining the privacy of any personalized location information gathered according to the Privacy Act, the structure and contents of distributed warnings, the management of the geographic boundaries and the integrity of the interfaces to the networks for getting the location information (Expert C).

6 Opt in and opt out system design issues

In regard to the opt in/opt out design aspects, a number of interviewees agreed that every person in Australia should receive the warning message without having the opt-in option built into the location-based mobile phone warning system. In addition, most viewpoints concurred that the system should not have an opt-out option. In other words, each individual in Australia is obliged to receive the warning notification if they are located in a defined emergency area (see Fig. 3). The role of the government is to provide societal securitization to protect citizens and non-residents from harm. As the SES representative pointed out, if you make it an opt-in system does that mean you let all those who opt-out just die? There is something inherently unethical about such a systems design. Expert B emphasizes that during an emergency there is no opt-out, “[i]t is compulsory to receive the warning message.”

Implementing an opt-out feature in a national emergency warning system complicates the network design. Expert E plainly concurred with other interviewees, “I cannot see that working.” Opting-out is fraught with a number of concerns. For instance, what if two people share the same phone, and one wishes to opt-in and the other opt-out? Taking the possibility further Expert E developed the scenario: “[i]f one opts-out and the other dies because they did not get an emergency warning because of the opt-out, I would not like to be representing, for our firm, the people who are sued because of that.” Thus opting-out just does not make sense. The official from the Victorian Government also shared a similar opinion: “[i]f they opt-out and they did not receive the message and then the unfortunate event occurred where they lost their life, it would not be well received within the Coroners Court as to why they did not get the message and why we could not have, when provided everybody else, with a means of maintaining their safety.” For Vic-Gov the national warning system should neither be opt-in nor opt-out.

However, the following are some interesting points of view on why there is a need to enable the opt-in and opt-out options in the location-based mobile phone warning system. Expert C in particular voiced his bewilderment at why the Government placed such constraints on the solution, without allowing people to opt-in or opt-out, instead automatically applying the solution to everyone. Expert C correctly identified the usefulness of opting-in to emergency warnings, because one might have an interest in a given area despite not actually being there during a disaster, and want to be kept informed about the latest developments. For Expert D, the facility to opt-out should be an option, independent of why someone does not wish to receive messages that might aid their survival. He noted that there are five levels of threats, and that one could build a warning system that was dependent on the severity of the warning. Level four and five warnings, for instance, may not provide an opt-out feature due to the severity of the emergency, simply if one is in that geo-location then they will receive a warning message. But for lower level warnings that do not have an impact on one’s life, an opt-out option should be offered.

“Some people will be interested in certain things for different reasons. I think it should be recipient driven because you cannot make too many assumptions about the communications people want to receive”, said the Whispir-Rep. There are some complex use-cases surrounding the deployment of such warning systems but providing people with the choice is very important and not difficult. The Whispir-Rep considered that such a choice could be made by providing an interface whereby people could manage and maintain their own profile. For instance, what happens to people who have several mobile phones for different reasons, should all their phones ring at the same time to let them know a single message has arrived in their inbox.

The perspective of the survey respondents who specifically wrote comments pertaining to the issue of a opt in/opt out system design as a means to maintain the individual privacy and as a mechanism to control the use of the service under the utilization of the location-based mobile phone warning system is somewhat divided in opinion. One respondent wrote: “[t]his service should be regulated by the government and made compulsory in all phones and the choice would be to the individual to use or not.” Another wrote: “LBS should be an opt-in service. In regard to emergencies, in a triple zero call, the first question should be ‘can we access your location information?’ Some people might be deterred from calling for help in an OD [Over Dose] situation if they do not want authorities knowing where the OD happened (someone’s house).”

A number of respondents stipulated an opt-in service to ensure they had more control of their own privacy. The ability to switch off the LBS functionality to protect privacy was prevalent in numerous responses. “Obviously, people are going to be concerned about data being used inappropriately, so measures to put users’ minds at ease would be the biggest thing,” wrote one individual. Some respondents had clear concerns about the possibility they would be constantly tracked in the name of “emergencies.” There seemed to be a constant struggle in individuals who wrote about the usefulness of LBS in emergency situations, only to follow up with a statement that was seemingly contradictory. Most people wanted to use LBS only at a time that was necessary during an emergency but definitely not when engaged in personal errands. Others were still suspicious over where their personal location data might end up, such as in the case of targeted advertising campaigns. “I would stop using LBS the moment information was used for targeted advertising, even if it meant not having the service available in an emergency. I would also not use the LBS if it had no government “anti terrorism” opt out option. I do not need be told the “threat level” of any area I visit, nor do I want to know about riots, etc. as the decision is mine to make without government influence.”

7 Location-based emergency service quality dimensions

Survey respondents from the general public did identify factors related to accuracy, currency and responsiveness of location-based mobile phone emergency services. Most prominent in their remarks was the need for acceptable quality levels. A recurring theme amongst respondents was that for such a warning system to work, the information provided by the service must be accurate and timely and reliable. In this manner it would lead to personal safety but otherwise fail. Respondents did not expect a service that was always accurate as they did not consider technology to be perfect per se, but they did emphasize the need for only a very small margin of error. One respondent wrote: “I have some concerns about the accuracy. Sometimes it may not direct you to the right position in the shortest available path.” A number of respondents distinctly discussed “quality” and others “product reliability” but emphasized that without quality and reliability the LBS warning service would be useless. Other conditions the general public identified included that the service should be heavily regulated, controlled, optional, and free to use. Some respondents were also very concerned about how personal information might be misused but when it came to safety were concerned about the possibility that incorrect information would be dispersed or late data arrival would only add to the confusion during an emergency. People also highlighted the pitfalls of late data arrival via SMS which if not timely could cause panic and chaos amongst the general community which would be even more hazardous during an emergency situation.

8 People’s trust in location-based services

When Expert C was asked about the impact of trust on location-based services for emergency warnings, he replied “[u]sing the telecommunications network channels as a mechanism for warning people in emergency services is something I would trust to the extent of it being better to have it than to not have it.” It is perceived that most people who received an emergency alert from an emergency authority would consider it to be beneficial. Expert C explained further: “the information that I received by that alert I would trust to the extent that I trust emergency services to get it right, but that is not the technology’s problem, that is just the general perspective on how reliable and trustworthy public authorities are in any case.” Similarly, Expert B commented that people trust firemen more than they trust politicians, so trust in a location-based emergency warning alert system for tsunamis, fires, earthquakes and so on, should be accepted by the general public, if not highly favored.

A close examination of the responses by the expert panel implies that people’s trust in the location-based mobile phone emergency service would actually reflect their trust in the actual services, in addition to their trust in the authority that controls and provides the services. The Redcoal-Rep preferred to rephrase the question reflecting: “Will people trust it? I think the question should be will they trust it more than the existing modes of communication, which is the media? I would imagine, to a large extent.” However, building people’s trust in these advanced services may require educating the general public about the specific benefits of these services for emergency management and also on the limitations of the capabilities. For Vic-Gov awareness was very important where trust in services and the authorities who offered them was a concern. “Once we have educated them [the public] on the fact that this technology exists and that, potentially, at any time they could receive such a message, a large percentage of the public would trust the message they will be receiving.” In general, people’s trust in location-based services is a key element to the success of the services within the national arrangements of emergency management in Australia. One respondent commented that while the service was good, that her only concern was whether LBS would be a trusted product for emergencies. This respondent also drew a close tie between trust and privacy. Another respondent rightly commented that if LBS became a highly trusted service that could be used for emergencies, only then would it be possible to prevent many deaths and other losses.

9 Risks associated with using location-based services

The risks associated with the use of location-based services as emergency services were considered to be just like any other technology (Expert C). Nonetheless, one of the social risks that could be specifically associated with using location-based services is the possibility of not informing or instructing individuals properly in the case of an emergency. According to Vic-Gov the risk was not so much with the LBS technology but rather how people might react when receiving a message.

Another risk that is not related to the characteristics of location-based services but in the way they might be utilized within emergency management activities is to rely entirely on these services in emergencies. Expert D described the risks with an over-reliance on any one technology or communication channel. There are inherent risks with using just a mobile phone to keep updated on the latest emergency news, without some kind of backup secondary outlet like television so that information could be reconciled in more precarious situations. Expert D noted: “I suppose that would be the biggest risk if their sole information source was their mobile handset and were not getting any sort of secondary information from television or radio, then there would sort of be that risk because it is always useful and very important to have ... secondary sources to make sure that they are consistent with each other.”

However, one of the experts argued that it is more important to think beyond the risks that are associated with LBS technical failures and to consider the risks associated with LBS in relation to the surrounding political environment in which these services are utilized by the governing forces in power. With regard to the social risk, Expert C claimed that LBS was just like any other technology, that it could be used for a variety of purposes: “[i]t is not the technology itself that is fundamental actually. The fundamental control that people have with respect to how much surveillance they are under, what controls they are under, to what extent their freedoms are constrained, is more fundamentally linked to the strength of their democracy than it is to any one or other technology that exists within their daily lives.” Accordingly, it is the political environment that can introduce concerns for people in the way location-based services might be utilized. Thus, Expert C was adamant about any social risk that could arise from LBS in emergency management: “[it] has more to do with the extent to which their society and the strength of their democracy protect them [the general public] than it does anything to do with the technology itself.”

In all the interviews with the expert panel it was found that any potential risk that may be associated with location-based services utilization for emergency management in Australia will be far less than the risk of not introducing these services at all. The Redcoal-Rep spoke about the difference between perceived risk and actual risk. For him, the perceived risk from the public is that the LBS infrastructure might be used for other applications other than for emergencies, heralding a type of function creep. But in terms of the actual risk, the Redcoal-Rep was circumspect in saying that “you need to consider the fact that any business technology may fail. That risk is common for any new service or even existing service that is in place.” The Redcoal-Rep also discussed the notion of relative risk, in this case, the risk of not implementing a nationwide emergency service. Quite often the perceived risk far outweighs the actual risk. Indeed, the risks of not introducing location-based services for emergency management in Australia have been manifested in the recent trend of the Australian Government which followed the tragic 2009 Victorian Bushfires in identifying the compelling need for utilizing location-based mobile phone technologies for emergency management purposes on the national level [26, 27].

10 Privacy issues

Emergencies, as unique usage contexts of LBS, should by their very nature be enough to alleviate any concerns people could have about privacy and the way these services are utilized. That is, it is generally hard to believe why someone might wish to exploit others during a time of crisis. SES were very honest in their appraisal: “I think there are privacy issues, but it is probably in our best interest to waive those privacy concerns, and it is more about people keeping safe. And to keep people safe you need to be able to tell people they are in the path of danger, and I think that waives those privacy issues.” A similar sentiment was echoed by Expert E, “[m]y personal opinion is that there would be a general expectation that, perhaps, privacy should fall away when there is a threat, particularly when the individual is threatened.”

The position of Vic-Gov on the matter of privacy was quite straightforward: “[i]t is not something that we are going to use to even identify the name of the person necessarily. All we are interested in is that phone number within the emergency area at the time of the event.” For Vic-Gov it has more to do with making the individual more resilient and providing them with information which helps them to make informed decisions. If people can call triple zero in Australia without any expectation of privacy, then the privacy associated with this [LBS] should similarly not be an issue reasoned Vic-Gov. It will be the same organizations which will handle the information, save for the potential for evidence to be used in exceptional circumstances like in a Coroners Court.

In the case of an emergency the essential identification of personal information, such as the mobile phone number, should never be perceived as a threat. This sort of identification might be the only approach for the government to provide locationbased mobile phone emergency services to people, thus the needed safety information to counter or deal with that emergency. The only difference here is that in triple zero calls, an individual volunteers their personal information for safety purposes, while in an emergency warning setting the Government makes a judgment regarding the safety and well-being of their citizens. Vic-Gov again reiterates: “[t]he only aspect that we are interested in is the number. If there was another way we could send a notification to that handset whether to the IMEI [International Mobile Equipment Identity], or something like it, that would do us as well. It is whatever will allow us to get the message to that handset in the most efficient manner.” The Vic-Gov official insisted that this mode of identification for emergency purposes cannot be labeled as collection of personal information and, therefore no privacy concerns should be perceived. She said: “[i]t depends ...on what your definition of collection is. I would prefer to talk about it as being purely identifying active handsets at a point in time because a particular event has occurred and we feel an obligation to notify those handsets that an event has occurred and there is the likelihood that they could be impacted by it. We are not collecting anything. We are identifying the handsets that were there at that point of time and that is the extent of it.” There needs to be a clear distinction between the possibilities of a breach in privacy in government applications like the national warning system, and those pertaining to commercial entities. In a commercial context it is expected that consumers might have grave reservations about LBS, even though carriers have been storing this information since the inception of their networks.

The identification process of individuals cannot trigger any privacy concerns since there is basically no breach to people’s privacy. Vic-Gov further explained that from the emergency management perspective, the Government will not have visibility of even who the individual is; they simply require a mechanism to notify a person that they may be in a potentially dangerous situation. Whether it is the handset ID or a handset phone number is irrelevant. Nonetheless, while the majority of people would most likely overweigh the potential benefits of LBS over any associated concerns, the benefits alone may not stop some individuals from continuing to perceive the use of LBS as an invasion to their privacy even during emergencies. “There are people in the community that would actually find that an invasion of their privacy. Strange as it may seem, there are people like that out there, but I think the majority of people would not be too concerned about receiving a message if it was aimed at helping them to survive a threatening situation” said Expert A.

It is argued that privacy in today’s society has been augmented as an issue of concern due to the political climate that has been progressively characterized by the introduction of unprecedented security measures forcefully attempting to counter all identifiable human- and natural-caused security risks. These measures, such as the CCTV Ring of Steel initiatives in New York and London, and body scanners in many airports around the world were introduced by several governments, including the Australian, as indispensable to the general public’s safety. They are however perceived by many as the beginning of the “total surveillance society” [28, 29]. As a result, new security initiatives such as the national location-based mobile phone emergency system, with the ability of its underlying technologies to locate and track mobile handsets almost everywhere, could easily trigger genuine concerns about privacy. For Expert E, things became a lot greyer once the extent of an emergency becomes drawn out, in a similar way to the issues surrounding Homeland Security in the United States. In this instance, the national security threat has lasted for eight years and is not about to go away any time soon, so privacy is curtailed for the public good. Now ask someone in the general community whether they would like to use such a warning system for a one off event like a Tsunami, versus some kind of terrorist threat and you might end up with some quite different results to what you expect. Expert E summarized his position as follows: “[s]o, would I mind if personally identifying information, which I have not given permission to use, was used by the police to warn me that there was a burglar in the street? Then no, I would not, and I do not think most people would. Would I mind if that information was used for something, which was generally for the good of police operations in Sydney? Yes, I would. I would be much more upset about it.”

Although there was an overwhelming appreciation for LBS utilization as an additional useful emergency tool by the survey respondents, nonetheless several comments heavily expressed the concerns people had about the privacy of the individual in Australia if and when LBS were utilized for emergency management. One respondent wrote: “I am very concerned about the impact this technology would have against civil rights, including lack of privacy.” Numerous individuals were concerned about the misuse or abuse of individual location data: “[m]y concern is what happens if government abuses the use of LBS?” and again, “there must be limits on the access of the services”, and another “I would be concerned with the negative aspects that may arise, specifically if the data is misused.” Now in all of these instances, individuals did point out that they saw an emergency warning system facilitated through their mobile as a good, beneficial, and positive idea that they would support, but individuals also were not devoid of thinking about the “what if” scenarios. One respondent listed his concerns as follows: “1. Loss of control over personal data, including location data. My privacy would be compromised. 2. The potential for my data to be misused by unauthorized individuals. 3. Anxiety relating to other parties knowing my location at any given time and making inaccurate assumptions about me/my family. Safety concerns are also relevant here.” On the latter issue of personal safety, one respondent raised the point of the potential for private information collected about geolocation to be distributed or shared amongst the third parties affiliations of telecommunications carriers. This issue was not just about sharing data but also that the data collected by the carrier could in no way be guaranteed in terms of integrity. The risk of unauthorized access of an individual’s location data would in fact be a breach to personal privacy, said another respondent.

Privacy issues associated with utilizing location-based mobile phone emergency services were perceived as a problem and a real source of concern to the people who had responded to the survey, and who were likely to consider themselves amongst the prospective users of these government emergency services. This is despite people’s critical appraisal of the significant benefits of the services for emergency management purposes (Table 3).

Interestingly enough, one explanation of why people might perceive the use of location-based services as an invasion to their privacy, even during emergency situations, is given by an emergency management expert who believed that individuals who had never been in a serious emergency before would still outweigh his or her privacy over anything else. The expert from SES who works in emergency services has experienced situations where people can be caught up in danger very quickly. While he did not mind receiving an SMS if he was found to be in the area, to assist others out of harm’s way, he commented that a citizen who had probably never seen a lot of these situations, might find himself/herself thinking that access to sensitive location data was an invasion of their privacy.


Table 3 People’s perceptions of privacy: representative responses

Table 3 People’s perceptions of privacy: representative responses ID Representative privacy related comments from the survey response 1 I agree that there are many advantages in using LBS. But, I also note that my location information can easily be misused as well. Tough laws need to be passed prohibiting unauthorized use of personal information (location) without user’s consent/authorization. But, even with the existence of tough laws, the possibility remains for others to use information about one’s location. 2 I like the idea that LBS should be used in case of emergencies. However, with recent events ... that law enforcement here ignored the rights to privacy, the conflict of rights to privacy and the importance of security need to be addressed. 3 I would be concerned about my location information being used without my permission. If part of using LBS included my location information being used by third parties e.g. advertisers, I would not use it at all. 4 I strongly support the use of location-based services for emergency management as I believe that it could really help save lives. At the same time, I hope it is used only for these purposes so that people’s privacy could be retained. 5 I would like the telecommunications firms to use LBS but only for emergency situations ... But, the problem these days is that our privacy is violated by these companies, and would you believe these companies would treat our privacy in full confidence? These days we all supervised by the government, security cameras on the streets, and even sometimes these reach our rooms and houses. Moreover, spy satellites can identify and get us even in our own places. Would you accept that LBS violates our freedom? These technologies are pretty nice but only if we use them right. 6 It is a good idea, but can be very intrusive and annoying if advertising companies get access to it. 7 LBS sounds like a good service for emergencies. However, if a person can be located constantly wherever they are this may cause concerns about being ethical to know where someone is 24/7. While many would use it for good, some may use it to benefit their own behavior. 8 Whilst I can see the benefits of using LBS, I have major concerns over the fact that these mechanisms can be used to track my location. I understand that my mobile phone can easily give a rough location as this is just a by product of the technology of mobile phone towers. I do not want my exact location to be known 24x7. I believe the technology should exist where with 100% certainty the feature can be turned off. 9 Although I have a few concerns of being tracked by the service provider, if it does not impinge on rights of personal freedom too much, I think that it is valuable and definitely beneficial. 10 This is an interesting idea as long as it does not affect people’s privacy or personal life in any way. 11 LBS would be a great help in emergencies as long as it is not used to interfere with the privacy of people using it in daily activities. 12 Something like LBS would be exceptionally useful if the privacy concerns are looked at; then the advantages will outweigh the concerns. 13 For me, I am totally on board with the use of LBS for emergency management. The only concern that I have is the potential abuse of personal information. Organizations must handle personal information properly when no emergency exists.

In addition to the lack of awareness about the seriousness of emergencies, and accordingly the possible benefits of LBS in such situations, people might also be unaware about the fact that providing mobile location information to the government in the case of an emergency is actually part of the service agreement package with all mobile service providers in Australia. Although these agreements only cover citizen-to-government (C2G) types of services, without any explicit mention to the government-to-citizen (G2C) service type. The possibility of provisioning such information is nonetheless consented by each person once he or she enters into a mobile phone service in Australia. Expert A reiterated the importance of this fact and emphasized that emergency warnings were an “information service” supported through service providers and definitely not a breach in privacy. It is a public service announcement and thus it cannot be opt-in or opt-out, “it is there permanently and you just have to accept it as being part of your acceptance of a service provision” (Expert A).

In regard to privacy and location information, one of the key experts who has long worked with location-based technologies argued that the pervasiveness of mobile phones and the abundance of technologies and applications that successfully integrate location information as part of the regular service offerings have all helped to positively change the social attitude towards the use of the personal locational information. As the expert discerned, location information has become a “common topic” amongst the general public that does not raise high sensitivity today as it used to about a decade ago. According to Expert C, much of this has to do with time. At the turn of the millennium when 911 happened there was a lot of talk about new location-based applications like friend finders, child finders, local information, navigation and the reaction of the people was “ ‘Oh, I don’t like the sound of that’. There were the big brother implications. There were the surveillance implications. There were the government control implications ... [but] come forward ten years and the last few years in particular, and the proliferation of personal navigation devices, there is an increasing amount of comfort with things like GPS and knowing where you are.” Indeed the introduction of “free” services like Google Maps (e.g. StreetView and Latitude) has somewhat desensitized users on the one hand, and educated them on the potential application on the other hand. For Expert C, location-based emergency services are a “social service” that he could not believe would be a controversial or contentious issue with the general public, and definitely not an election winning issue.

Expert C stressed the need to acknowledge the technical and physical limitations of the current telecommunications networks and positioning technologies in Australia, as these limitations would ultimately provide a rationale for the public to eliminate any misconceptions about possible infringements in privacy. It is worth quoting him in full: “[f]or a system like an authority to citizen warning service, there is that implication associated with the whole concept that you have to know where everybody is, and that actually ... is a significant technical challenge, practical challenge. A network operator cannot actually know moment to moment where everybody is. The actual determination and specific geographic location in a mobile network context requires resources, requires network signaling resources, it requires device resources if the device is contributing to the location determination. To be continually doing it moment by moment, to know where everything is actually is not a practical proposition. It is not a practical proposition with today’s technology. It is not even a practical proposition with foreseeable technologies because you have got to acknowledge that you are actually going to be consuming resources, and if it is moment by moment at arbitrarily small intervals that you are going to be consuming resources, it is something approaching infinity.” While Expert C raises some very important points to do with the feasibility of tracking citizenry moment by moment, the granularity of tracking still remains a relevant discussion point. Most people would agree that you do not require such fine granularity to understand the location profile of an individual. And as humans are creatures of habit, predictions are usually accurate to an established margin of error.

What is perhaps irrational, beyond the technical feasibility of tracking and monitoring citizenry is why a government would actually wish to track everyone anyway. The Vic-Gov representative dismissed the idea completely: “... the things not going to be on all day long just monitoring who is moving in and out of a network all around the country.” She concurred with Expert C regarding the load such a scenario would have on a carrier’s network. She also believed that a carrier would not want the government probing and monitoring to that extent. Expert E also pointed out that no carrier would want to risk damage to its brand or reputation by using the available locational information potentially for purposes other than emergencies. “The carriers themselves are terribly concerned to make sure that they do not abuse... personally identifying information ... in a way that could result in almost any criticism” (Expert E). Expert B emphasizes that the community will accept that some of their normal rights will be limited or waived in the event of a state of emergency. In this instance, people might not only accept, but expect to be ordered around for their own good and survival.


Fig. 4 Trust, privacy and risk

Nevertheless, there is still a need to clearly reflect the potential invasion of privacy in future government legislative amendments. The Whispir-Rep asserted: “I would like to see a recipient controlled system. That is the most respectful and appropriate way to engage communications. But that might not be practical. If there is a political will to or a desire to communicate to every handset, then all you are talking about is overriding people’s preferences and sending them a message regardless ... There are privacy issues to be dealt with. I am not saying that it is a reason not to provide a service but certainly the legislation needs to be changed to send a message to those people whether or not they have asked for them. My understanding of the legislative framework is that it needs to be changed to this use case.” Finally, as there shall always be concerns from some individuals and associations about infringements in privacy, even if the intended purpose of location-based mobile phone service utilization is for emergency management, the government of Australia can genuinely help to alleviate such concerns through communicating a set of guarantees about the use, collection, and storage of the location information under location-based mobile phone emergency solutions. As the Redcoal-Rep insisted, a large part of it had to do with how the government communicates the need for such services in case of emergencies. Expert D puts it all in perspective by saying that there are always going to be privacy issues concerning the general public. “You have always got to have a sector of the community who will be concerned about whether that information is somehow leaked out or made available or used for other purposes. So, the community-related determinant matters between stakeholders would have to be assured that the collection of location [information] would only be for the specific purpose of warning you of a quite threatening emergency. And even in that case, any information collected by the agencies about your current location would then, somehow, be de-identified if the information needs to be stored.” A summary of trust, privacy and risk-related matters between stakeholders can be found in Fig. 4. It should be noted that the union between two stakeholders indicates the dominant matter at hand. For example, the dominant theme found in the analysis between “government” and “customers” is “Trust”.

11 Potential barriers in the national utilization of location-based services for emergency management

11.1 Lack of national coordination

Had it not been for interstate disagreements, Australia would have already had a realized national location-based mobile phone warning system [30], some believe even as far back as 2006. Expert B discusses the problem as a lack of national coordination. A possible reason for this lack of coordination could be the lack of viable attractive business propositions of location-based mobile phone solutions through which emergency services can be successfully utilized on the national level in Australia. Expert B blamed the professionals involved who failed to come up with viable proposals for a national emergency warning system, and not due to a lack of political will. “I think it is partly that emergency experts need to get together with the technology computer experts and work out what to do because I cannot imagine the politicians are going to say: ‘No, we do not want a reliable integrated emergency warning system’. I think the problem is politicians will naturally react at short term. That is normal for them. So, you have to know how to cope with that when you are proposing something to them.” However, the lack of an inclusive national coordination to emergency management between the different States and Territories of Australia can possibly still be manifested in the decision of the government of Western Australia to keep its StateAlert emergency system instead of adopting the recently deployed national emergency warning system (NEWS). Under the COAG agreement, each state or territory retains full autonomy about the warning system it chooses to implement [31]. This provides an impetus for the future need of an extensive collaboration between the government of Western Australia and other governments of Australia to resolve certain issues related to systems integration, regulations and legislative jurisdictions.

11.2 Lack of a common approach for emergency warning in Australia

Another potential barrier in the plight towards the realization of a national location based mobile phone emergency solution in Australia is the lack of a common approach for the warning notification between different emergency organizations in the same State or Territory. This is despite the fact that comparable government emergency organizations from different states or territories in Australia have developed equivalent warning notification arrangements to the general public in the case of a specific emergency event [32]. This issue has also been noted by Expert B in the perceived need to get the relevant emergency authorities to agree on a common approach for emergency alerts before even talking technology. “[I]f you magically built a system to send everybody a message tomorrow, we still would not be able to send them messages because we do not have a coordinated decision-making process as to what message you should send.” This just further demonstrates that it is not merely a technology problem.

11.3 Financial issues

Some of the financial implications of utilizing location-based mobile phone services within the national emergency warning system were identified by expert interviewees and survey respondents alike. Expert A said that the cost of such a system was a “huge impediment” to progress. The two options to overcome the cost barrier included waiting until things got cheaper to build, or waiting until the pressure from the public was so great that cost no longer was a factor because it was overtaken by need. “I think lots of people will have considered it but they probably were reluctant on the cost of it and how often it will be used”, commented Expert D. If we ponder that an early warning system of this nature will rarely be utilized yet has to be available 24/7, it is a hard sell. Indeed, several comments from the survey respondents actually raised people’s concern about the financial burden of these services once they are utilized. Some respondents were concerned that the service would be fee/tariff-based and that only those who could afford it could opt-in which would raise significant equity issues. “As long as there is no extra cost to users, it is alright”, noted one individual. And another said categorically, “[i]t should be cheap or free.” Nonetheless, all interviewees basically agreed that the responsibility lay with the federal, state and territory governments in financing location-based mobile phone emergency solutions under the national emergency warning system. Vic-Gov said, “[e]very Australian citizen has the right to be advised if they are likely to be life threatened ... it probably rests at both a Commonwealth and a Jurisdiction level, the funding of such a solution.” A complementary remark by a citizen was that the additional cost should be borne/ supplied by government and that part of the Goods and Services Tax (GST) should be allotted to the scheme.

One of the interviewees suggested that part of the financial burden could be carried by the telecommunications carriers and mobile service providers in Australia as a condition of their operating license. Expert B pondered, “I think it has to be directly government funded and partly industry funded. So, for example, in the case of television and radio broadcasting, the radio and television broadcasters pay the cost themselves already. They do not charge the government a fee when they issue an emergency broadcast. It is a condition of their license and I think similarly with telephones you would do the same thing.” However, the Victorian Government official who was interviewed entirely dismissed the idea of the participation of the private sector in financing such systems: “[w]hen you dial triple zero you do not get an ad while on hold waiting a call taker. It has never been our intention that a system like this would be ever financed through any kind of advertising or support or a sponsorship.”

In all cases, the cost of funding these systems must be clearly justified to the public. Expert A reflected, “[i]t costs a lot of money to put these things into process and a government has to justify to the people and also to the opposition why that money has to be expended. And with the economic situation at the moment I think they are under more pressure to cut costs and when they look at the impact of a disaster it is only when we get impacts like the Black Saturday disaster, where a lot of people died in very small communities in our heartland, that we start to take notice.” Finally, the cost factor should never stand as a barrier in the face of realizing locationbased warning systems in Australia, although realistically there would be some kind of return on investment (ROI) figure that would need to be calculated somewhere. The Vic-Gov representative was not naïve about this, stating that it would potentially depend on a cost per message figure. But she also said, “[it] would break my heart that somebody might hover over that “cent button” thinking there is enough money in the budget to save those lives.”

11.4 Australia’s small emergency management budgets prevent the use of new technologies such as location-based services

Australia does not invest much in technology to counter the effects of natural events compared to the country’s investments on counter-terrorism technologies and programs. This is despite the fact that terrorism attacks are very rare in Australia [33]. Australia’s Federal Government cumulative investments on counter-terrorism programs, including public campaigns, has exceeded Aus$10 billion since the September 11, 2001 attacks, compared to only Aus$500 million in managing the potential consequences of a large-scale natural disaster occurring in Australia [33]. Expert A argued that such small budgets have prevented Australia from exploiting or investing heavily in technology, including location-based technologies, specifically in countering natural emergency events. As he argued, the main reason for keeping these budgets small is Australia’s great reliance on voluntary manpower during these types of emergencies. Expert A said: “... although we follow best practice [in emergency management] ... the use of technology has been a little bit overlooked or not been as embraced as it could have been.” Expert A points to the fact that Australia has a great reliance upon volunteerism. So to an extent we are already dealing with emergency services that are heavily restricted by budget constraints. To start discussing the potential for a technology-based system that would require a significant outlay to begin with and then to operate and maintain is probably being exorbitant.

11.5 Population distribution in Australia prevent effective mobile location-based emergency service

The use of location-based mobile phone services implies the government’s commitment and need to adequately reach and effectively target all mobile handsets within a defined emergency area of all carriers in Australia [27]. However, covering all of Australia with functioning mobile phone services would require massive investment in networking and underlying infrastructure, something that is not economically viable or practically feasible today or even in the near future, despite the notion of universal service obligation (USO) being so pronounced in Australia. For one respondent the vision of Australian-wide coverage was good but the reality was that the reception of signals was unreliable in some non-urban locales, and that things would remain the same until some major spending occurred. Expert A believed that this type of technology worked well in cities but for those who lived in smaller regional and rural communities the technology was not always reliable. He said, there was the potential for individuals to miss out on timely and valuable data. Expert A identified an issue of equity, when some members in the community would receive a timely message, and others would not. For looming emergencies that could be predicted 24–48 hours prior to enactment, timeliness was not such a great issue, but for those that needed more imminent warning, messaging to those greatest at risk was a problem. “We have a responsibility to all the communities and we should provide that equally. So, I think focusing on people that live in the urban areas because there are more of them is not actually doing what is best for the communities as a whole. And we should not go that way because we then start separating rural and urban. It becomes an equity issue as well and everyone is equally threatened by hazards in a place where hazards exist” (Expert A). To date the focus has been on providing communication services to Australia’s coastal strip but there is now a need to offer all Australians the same access to services.

11.6 Technology constraints and limitations

As one of its core obligations toward people, the Australian Government needs to seek a technology that is accessible by all mobile handsets in the case of an emergency. Constraints may be forced on location-based mobile phone emergency solutions if no such technology exists. The Redcoal-Rep advised: “[w]hatever service is developed, it has to be accessible by everyone. There is no point in having an emergency alert system that sends out emails when not everyone has an email address.” Unfortunately, none of the currently available technologies can fulfill the prime requirement of reaching every handset in the event of an emergency. In addition, the very few technologies that are accessible by most handsets working today do not represent an attractive solution to the Australian Government due to their coarse coverage definition and inaccuracies. These issues were clearly reflected in the comments of the official from the Victorian Government who specified the State’s thorough but unsuccessful efforts researching a technology that can be effectively utilized in location-based emergency systems on mobile handsets. The main issue is the existence of a mix of mobile technologies in Australia, and that 3G technology is not as straightforward as 2G. “I am not quite sure whether anything might even pop its head up, still on the 3G network that looks something like cell broadcast, but we will still have issues with the very large reach cells that are in more regional and remote locations. I do not have a good answer yet on how we would narrow that down when using something like cell broadcast. Where these things have been deployed elsewhere in the world, they are all based on cell broadcast. It is still a bit unknown even how well received or accepted they are” (Vic-Gov). So the geo-demographics of a given country have a great deal of impact on the success of location-based emergency solutions. A summary of the barriers that held back the Australian government’s introduction of the national emergency warning system are depicted in Fig. 5, juxtaposed against the mechanisms that supported their ultimate deployment.

Fig. 5 Toward the successful deployment of a National Emergency Warning System

12 Recommendations and road ahead

12.1 Towards a solution that evolves

Viable location-based emergency solutions should be capable of evolving over time by adapting to new technologies while not entirely relying on one specific technology. Expert C said it was imperative to look for a scalable and evolvable technical solution that would cater needs well into the future, at least ten years. For example, a focus on using SMS as a key or only warning channel would be concerning as it is an old technology. Expert C explained further, that while SMS had a high penetration, it was in the words of Peter Drucker: The future that has already happened. SMS is a switch circuit, public switch telephone network technology, and not a broadband internet technology. Expert C predicted the disappearance of SMS in the future. “If you look at LTE [Long Term Evolution] which is the next generation of 3G or 4G networks from the standards, they do not even support circuit service. There is no SMS in LTE. There is no SMS in WiMAX. There is certainly no SMS in DSL [Digital Subscriber Line] or cable connectivity. And yet, they are all telecommunications and network channels by which, if you are making a plan to have a national system for alerting people about emergency situations, they are the kinds of technologies that you should actually have at the forefront of your mind, to know how you are going to address that” (Expert C). In summary Expert C warned against going down a “blind alley” or “dead end” with SMS, and called any investment into it as “sunk capital.”

Other concerns about a SMS solution have also been voiced by other interviewees, specifically the scalability of its underlying technologies for mass public warning purposes. This concern was, particularly, expressed in response to recent trials in Australia in which several State governments used SMS to disseminate safety information to the people. Expert B was clear that neither the fixed landline solution nor the SMS solution was workable or would scale. Expert D supported this opinion, “[t]hey need a system that is definitely scalable from sending ten messages a minute to 100,000 messages in seconds or whatever. The scalability is a major issue.” In addition to SMS, concerns about cell broadcasting technologies have also been expressed since these technologies do not represent an attractive option for emergency management purposes. Expert B admitted to liking cell broadcast technology in mobile phones but added that it was not well supported by carrier or handset manufacturers. Expert D acknowledged that while cell broadcast was a feature that some ninety percent of mobile phones had set to default, that some handsets would have it turned off, leading to major issues after an emergency. One advantage of SMS over cell broadcast is that SMS was usually carrier independent, but from a performance point of view it is quite smart to get the cell tower to broadcast a message to all mobile phones in range (Expert D). However, most people are not familiar with cell broadcast or have not knowingly used it before, so “[f]rom a public acceptance point of view there would need to be some form of public awareness campaign because you do not just simply want someone right now to simply receive all these cell broadcasts and not knowing where they are from and what they all really mean” (Expert D).

Similar concerns about the cell broadcasting technology have also been shared by the Victorian Government official. She stated, “we have pretty much discounted it as the means by which we would move forward, because it is too coarse and it is too broad in its reach. And we are very specific, as good emergency management practices would say that you only notify the individuals that are within the area of the likely impact.” In Australia, going down the path of cell broadcasting for emergency warnings would probably mean that people who should not be contacted for a given warning are, due to the large cell size. As a result, you might have people who are completely disconnected to a warning, preparing as if they would be impacted, only to find the message is entirely irrelevant to them. This could have the effect of desensitizing the individuals from future warning alerts, like the boy who cried wolf. Such a message, depending on the directions given by the authorities, bring people closer together to an epicenter of a problem, rather than keeping people who are not connected with the emergency out of the affected zone. As an example, the Vic-Gov official spoke of a certain cell within Australia that had up to 18 kilometers of reach. She then went on to provide a scenario of an emergency that only needed to notify persons within a one kilometer radius from where the centroid of the cell was located. It quickly became apparent in this scenario that by using cell broadcast, there would have been “over-notifications” and the target segment of persons affected “over saturated.” Who knows what the effects of advising people 17 kilometers away from the epicenter of the problem would be, beyond the obvious issue that people would begin to feel that warnings were just irrelevant or unreliable to them in the future.

While there is a need to build a solution that evolves over time, by embracing newer technologies, a careful consideration should nonetheless be given to enable backward compatibility, allowing the solution to reach every handset still in service, including legacy devices. While evolvability is a key, as Expert A put it, “technology is always changing.” What is important is that the chosen technology is “equitable to everyone ... So, the service has to be at the lowest common denominator rather than the highest. It has got to be able to go out to the person who has the oldest machine rather than the latest.” One must not be at a disadvantage because of the device they use, and people with smart phones should not be in an exclusive club any more deserved of receiving warning messages than anyone else.

12.2 Creating a resilient solution

There is a need to build a solution that can withstand the severe effects of extreme events and be resilient enough to be ‘self-healing’ if disrupted for any reason. Expert D considered technical issues which would need to be resolved if mobile services were used near hazards like fires. Fires might, for instance, affect the actual channels of communication, and as a result reduce the ability to get messages out to the people who need them most. According to Expert D, these issues have yet to be resolved, despite their seeming simplicity. There is also the fundamental problem of extreme conditions that would render cell towers inoperable which are all part of the deployment issues that need to be considered when rolling out a national emergency service based on mobiles. “Even in a flood or a cyclone, if all your cell towers get blown over or lose power then your messages going out to location-based devices are going to be affected” (Expert D). Carriers in Australia, in cooperation with government authorities, have demonstrated that networks can be quite resilient even under the worst conditions (e.g. Cyclone Larry) and are particularly prepared to get business customers back up and running after a disaster within 24 hours wherever possible. One survey respondent said that “fail-safe’ technological systems need to be introduced as far as that is possible ...” So, from a deployment point of view the chosen system needs allow for the rapid set up of mobile phone towers to get the message out to people.

12.3 Avoid the ad-hoc system design approach

There is a need to avoid the ad-hoc uncoordinated approach in designing location based emergency solutions. Expert B was clear that if the government, the emergency agencies and the IT professional did not design the national warning system properly, that “lives [would] be lost and they [would] be held legally and criminally liable as a result.” Expert B was worried by this haphazard approach, examples of which emerged from the Victorian Bushfires Royal Commission.

12.4 Communicating with the public using mobile platforms

The content of the location-based warning message has to be crafted with great care, lest individuals receiving the message misinterpret warnings and directions. It cannot be complex. Expert A spent some time discussing the issues around mobile communications from the Government. He said the information sent out to the public had to be accurate and well intended, effective, correct at the time of delivery and from the very beginning well thought out and structured. There need to be clear guidelines that in the event of a problem in communications or interpretation that the next time a message is sent out the authorities get it right, so that the public do not become complacent or lose faith in the medium. The public need to understand that every personalized message they receive is urgent and is not just being sent out as a matter of course. It must not be treated as just another piece of junk mail. It has to be both professional and appropriate.

In addition, the dissemination of location-based mobile phone warning notification should adhere to well-defined protocols to assure the correctness of the message content and its intended destination. Misinformation or even disinformation would just add to the woes of an emergency response. Expert A insisted that there must be strict protocols for the dissemination of information and they must be adhered to, just like the processes that are presently in place with communicating emergencies to inform the media who then in turn inform the general public through traditional channels. “Currently, we have processes in place for informing the media, and it goes through a series of checks, certain people are only allowed to inform the media of things. They have special training in media management, they provide media releases, they are written in a certain way, they are vetted and then it goes out and it is put out” (Expert A). However, if we liken the correspondence on mobile phones to that more attuned to email communications, rather than television or radio, we begin to see the risks more clearly. “When it is instantaneous, you tap something on a computer screen and it is gone. You cannot retract it. So, the protocols have to be in place to ensure that only the right information goes out” (Expert A).

Moreover, the content of the message must be carefully chosen to match the exact intended purpose of the warning. And this, all within the context of a warning which needs to be sent out not hurriedly but in a timely fashion. A warning that does not arrive on time to avert disaster, is not a warning at all. And yet, despite the urgency “[t]here needs to be some hard thought and consideration to the content of the message depending on what the event is” (Vic-Gov). Some events will be easier to determine content for than others while other events might require multiple messages to be sent in succession as the nature of the disaster unfolds hour by hour. In the latter instance a “close-out message” would be advisable as you do not wish to have people waiting in anticipation and with some level of anxiety over next steps. Vic-Gov provided the following example of a chemical spill situation. “[T]he initial message maybe to inform the people who have been potentially affected by that chemical spill to go indoors, shut their door, turn off their air-conditioning. So, we have given them the message to keep them safe, depending on how long the impact of that chemical spill remains for. We need to also keep those people updated, I believe, and that might be an hour later, two hours later. We certainly also need to provide those people with a close-out message to tell them that it is now safe to open their door and open their windows” (Vic-Gov).

But, in addition to the content of the warning message the way the message is conveyed, being in text or voice, should be carefully considered, taking into account the timing of the emergency event. Vic-Gov demonstrated their advanced understanding on the topic when they pondered on the time-of-day issue. “If the event is occurring at night particularly, or in the very early hours of the morning a text message may not wake somebody up. And we are also pretty certain that there is a technology which will allow us to over the air, kind of, send an update to particular handsets before the messages got sent, and that could be an over the air distinctive type of siren, or it could be something more like a ringing of the phone and then deliver a text message.” It was also noted that unified messaging would be at play. A message sent between midnight and 4.30 a.m. would be in the form of a voice message, but otherwise text-based.

Finally, with the right technological advances the message designers should consider at some stage the rich ethnic diversity of Australia and the need to provide an option for the message recipient to choose the language of the location-based mobile phone warning message like most other electronic government services currently available to the public in Australia today. These issues are already within the interest of the Australian Government. While Vic-Gov was only considering the message content to be in English, they were open to the idea of—way down the track—to send the message in a translated form. Vic-Gov said this would be the only case in point for an add-on opt-in channel feature.

12.5 Trialing location-based emergency systems

Conducting trials and exercises on the chosen location-based mobile phone warning system before the national implementation is a point that has been explicitly expressed by SES representatives, who are on the frontline of emergencies almost on a daily basis. Trials and exercises should, however be dealt with great care so as not to cause any adverse outcomes on the public (e.g. panic or false alarms). The SES could not underscore this enough: “[y]ou have got to practice this sort of stuff and you have got to be very careful of the wolf business ...”

12.6 Use the location-based warning system for major events only

The location-based mobile phone warning system should only be used in case of a large-scale emergency or imminent disaster. As the SES pointed out: “[a]m I going to go and wake up a million people at 2 am in the morning to tell them there is a thunder storm coming through?” Expert A agreed with SES when he said: “[i]t cannot be something that is used on a daily basis for minor things, because we will end up causing grief to ourselves. It should only be used in situations that are deemed, where it is the only means of getting information out quickly.” For Expert A, other existing channels of communication could be used in situations where information did not have to go out immediately, such as in news reports on television and radio, etc. What you do not want is a system in place that people actually complain about as opposed to appreciate.

An optimum level of notifications needs to be achieved, as the frequency of receiving a notification may be a determining factor of the system’s usefulness by the general public. This issue has been recorded before in other emergency warning systems, as the representative of the State Emergency Services explained in more detail. “They [the Government] put these big signs on top of big sticks and they test them every day. And so, if the dam goes over the siren goes and after a couple of years the people got so sick of the thing going off. They go up and cut the wires. They did not want to know and it was becoming painful. That is a reality. That is another part of it, people’s perception. Do I want to be warned? People do not want to know about disasters, until they go wrong, and this is precisely what happened in Victoria” (SES). The Whispir-Rep reiterated the comments of the SES: “[t]he introduction of these technologies should be managed carefully so as not to lose face with the public.” The Whispir-Rep recounted that shortly after the Victorian Bushfires, every person in Victoria and Tasmania were sent messages by their carrier which “broke all the rules in terms of communication management.” Such messages actually have the propensity to harm mobile government communications. By their very nature they are disregarded by people because they are not real: “[s]o, the whole idea of this is the context of the boy who cried wolf too many times. What we want to see is fewer communications sent but those communications sent are targeted, well structured communications that people would be anticipating” (Whispir-Rep).

12.7 Acknowledge the limitations of location-based services

Just like any solution on the market, location-based mobile phone emergency solutions also have their limitations that need to be acknowledged by all parties from the outset. The first reality is that no matter how hard the government tries, they are never going to get 100 per cent coverage because people will have their phones turned off. “So, it is really important to understand the operational context in terms of what you are trying to achieve and what is a realistic outcome” (Whispir-Rep). At a more practical level, the SES emphasize the limitations of human comprehension, despite the brevity of the message, content can be misinterpreted. “Based on work we have done we know factoring in evacuations you need to provide time for message assimilation. I think when you are looking at a telephony-based warning system or an SMS one, some of the limitations is that you can only have a very small message. It is more about how to get somebody’s attention to then go and do something else, to go and get more information” (SES). The short message sent to the mobile phone can be likened to a siren. If nothing else, the siren gets your attention, so that you can listen to the radio, turn on the television, or pay closer attention to the directions given by in-person emergency services staff in the vicinity of the emergency. It is certainly not straightforward, and at times utterly complex when you are trying to tell people what to do or not to do based on their given circumstances. According to the SES there would be a specific notification sequence so that evacuation routes are not congested, causing even greater problems in surrounding areas. This would be extremely difficult to implement using a SMS system.

In addition, some extreme events could impose a challenge that cannot be met or is basically beyond the capabilities of LBS solutions due to the speed or high level of unpredictability of these events. This fact would require careful consideration from the government to plan for only a narrow selection of emergency event types that can be effectively managed under location-based mobile phone emergency solutions. Therefore, an early assessment of location-based mobile phone capabilities for Australia’s specific requirements and characteristics is highly necessary before the implementation of the services. For this reason, the system should be designed to deliver what is actually possible within the current capabilities of the extant technologies of location-based services. Plainly, as spoken by Expert B, “[w]e should avoid trying to build more than is technically possible at the moment, and we should limit the expectations of the community, because the information we can give via the warning system is going to be limited in its accuracy and timeliness. We have to limit the expectations people will get. They are not going to get much information. They are not going to get very precise information in most cases.”

12.8 Build a wide partnership and share responsibility of location-based emergency systems with non-government organizations

Toward a comprehensive national approach for location-based mobile phone emergency systems, there is a need to involve not only all levels of government in Australia but also to effectively acquire the participation of every voluntary and nongovernment organization (NGO) in Australia that has a close relation, one way or another, to emergencies. For Expert A, there needs to be an inclusive participation from all areas of government. Government agencies are ultimately responsible for communities. And if a Government notifies people to “evacuate”, there needs to be some explanation of the best method of evacuation. Not everyone who receives a message to evacuate is physically mobile. And what you do not want is a state of panic and to be flooded with calls coming back questioning directions. Some members of the community will need assistance in acting on directions. Expert A suggests that early warning systems are actually a “partnership between the system being put in place and the types of activities required for those notifications to be planned for and more effectively carried out. You may end up having to use local service groups, volunteer organizations to assist in doing some of the actions that are required, for example, the evacuation or the management or the leading of people to safe areas.” It will most certainly be a partnership between government agencies, local community groups and welfare and support groups that are called upon in normal emergency management practices. These are the groups that will especially have to embrace location-based mobile phone emergency notifications as they continue to provide their services on a voluntary basis. Expert D also identified a consultative stakeholder group that was as wide a group as possible to ensure acceptance. Expert D reflected, “I think that it is very critical that you incorporate as much consultation with a wide group as possible, because it is relatively fragmented in terms of the different federal, state and local levels, all have their own sort of emergency management groups and strategies, and it is always quite important that everyone be involved in any type of new system being developed or evolving. Otherwise, your acceptance level will be very low. If you do not do that, then you will find people saying: ‘Well, we were not involved in that consultation so we are not going to accept whatever the outcome is of that consultation’ ” (Expert D).

12.9 Educate the people of Australia about emergencies and emergency solutions

All levels of government in Australia need to start preparing the public on how to cope and how to deal with the potential threats of human and man-made emergencies and disasters, towards creating resilient communities that are capable of withstanding these extreme events until further professional assistance from different government emergency organizations arrives. Building resilient communities would greatly assist the objectives of the national emergency warning system in Australia including the future LBS component of the system, where these systems could truly be utilized as initial safety information channels. The SES contend that psychology should play a vital role independent of the technology used. They provide a plausible scenario that hits home the importance of having a community ready. “[Imagine] you have got people standing up there at the doors at Bondi [a well-known beach in Sydney] and the word says ‘There has been a 9.7 earthquake, just north of New Zealand and you have got exactly 45 minutes, you have got 2.5 meters of water coming up Sydney Harbour.’ You know what is going to happen? Absolute panic. All of the plans we have in place of orderly evacuation routes, of you go here, you go there, it is not going to happen.”

How best to avoid such panic is to work on building resilient communities. In a severe event, the SES or other emergency services personnel will probably not be able to reach individuals given the amount of infrastructure that has been damaged. During this time, individuals, families, business owners, need to work together to overcome hardship. This has very little to do with location-based services per se and more to do with social networking. In fact, what might eventuate is that support groups begin to post messages online to help people share vital information and provide feedback to government authorities of the situation on the ground, if a disaster is to continue for some time. While the SES acknowledged there might be some problem with the cultural mix in Australia, education was a key to breaking the barriers when it came to people in the community helping one another. “What we need to be moving to is to that preparedness mitigating mindset, where we are educating our children and our communities how to prepare for a natural disaster. You have got to take it back to the beginning. The preventive side of things. You have got to stop people being in situations and then of course if they are going to be in those situations prepare them for what needs to be done” (SES).

Part of this public preparation should be spent towards educating the people on what to do when they receive the location-based warning message on their mobile handsets. The Whispir-Rep agreed with SES that the challenges of introducing such a warning system were not going to be technical, as so much as cultural and how best to educate people on how to respond to the messages they are receiving. “So, it [location based mobile emergency warning system] needs to be going hand-inhand with an education program and people need to be made aware of that they may from time to time receive those messages. So, I think those hurdles need to be addressed as part of the solution.” While the preparation could target the vast majority of people in Australia, there will be still some people that need the help of the local government service groups or volunteer organizations. The Whispir-Rep gives two scenarios—the aged person who is a little deaf and is sent a tsunami alert on their mobile phone, and the bus loaded with Japanese tourists. “What are those two communities of people going to do in those circumstances and how do you manage the fall out of just broadcasting these types of communications?”

Fortunately, educating the public is a concern that is already on the agenda of the Australian Government. Vic-Gov confirmed that they had always planned to deploy this type of technology with a substantial education campaign. “It is not simply education to the public, it is education within the various emergency service agencies. It is education through all layers of other interested parties as well” (Vic-Gov). These would include, among others, principals or authority figures of schools who have hundreds of children under their care on a daily basis. Education would be necessary wherever there was a large concentrated gathering of people. Vic-Gov followed up by providing the following examples: major places of interest, building managers, shopping centre managers but added that she was unsure whether she had yet considered all the layers and levels that would go into a substantial education campaign.

12.10 Real collaboration between the telecommunications carriers mobile and service providers

Realizing location-based mobile phone emergency services on the national level in Australia requires the effective collaboration between all the telecommunications carriers of Australia, not just the incumbent operator. The Redcoal-Rep imagined a better collaboration between the major carriers was needed, and noted that this relationship would be significant if the service was to be successful. Indeed there is a need not just for carriers and service providers to better collaborate but for the business side to be more in tune with the government mandate(s). In the context of emergency services, one cannot solely talk about an innovative business model but about the jointly developed government and business model that is required to get such a service off the ground.

12.11 A solution the telecommunications carriers can also gain from

The participation of the mobile telecommunications carriers in Australia is central in location-based emergency systems. The Whispir-Rep stated categorically, “[n]othing is going to happen without the support of the carriers.” This was also expressed by the Victorian Government official: “[t]o collect the data, we need the cooperation of the carriers.” The carriers are able to provide a fundamental piece of the puzzle in that they know the make-up of their infrastructure better than anyone else, and they can provide details of their assets, their sites, their cells and even their customers, if required. Vic-Gov noted the need for this data would be to purely know to whom they should send out the message to the active handsets that have been identified.

There has been some contention over whether or not a carrier should charge for such a service during an emergency to the general public but the overwhelming consensus in Australia’s case, is that the cost should be borne by the government. This does not mean that the carrier does not receive any revenue. On the contrary, by the mere fact they are sending a message to a handset, the revenue must go back to them (Vic-Gov). Accordingly, utilizing the carrier networks to provide location based mobile phone emergency services strongly imposes the cost factor as one of the possible determinants of their participation. The Whispir-Rep is clear that the government must engage the carriers with respect to emergency service messaging of this nature, as such a system would place a heavy load on the infrastructure of any mobile network provider. In addition, more infrastructure would be required to enable the government the capability to speak to everyone’s mobile handset in a given area. Unless carriers receive some type of subsidy or have an interest in the solution or outcome, they would be unlikely to make such a significant outlay for little in return.

13 Conclusion

This paper presented the results of a qualitative study into the issues surrounding the national utilization of location-based mobile phone emergency services in Australia, as articulated by the stakeholders of the services. The results of the analysis showed Australia’s need for the application of location-based mobile phone services within the country’s national emergency management arrangements, and the need to regulate and control the services under a well-defined legal framework. Several disagreements between stakeholders were recorded in the analysis over some of the issues pertaining to the utilization of the location-based mobile phone service within the national emergency warning system, specifically in relation to some of the design aspects of the location-based emergency system, the privacy of location information under the system implementation, and the administrative structure needed to deploy the services. Other issues of importance were also revealed. These included the government and telecommunications carrier potential liabilities under the utilization of the national location-based mobile phone emergency system, the expected responsibilities and roles of the government and other stakeholders in the utilization, and some of the social implications of the location-based government emergency services, such as people’s trust in the services and in the government, and the risks perceived as associated by utilizing the services. Potential barriers to the national utilization of the services and recommendations toward setting realistic objectives for the services in Australia are also presented. What is clear from the study is that future mobile government applications will require a greater interplay between stakeholders, including telecommunications carriers and supporting value chain members and the general public who are the ultimate end users of such a system. Such personalized communications between government entities and citizens has begun to occur on electronic commerce systems related to taxation and social security but the introduction of personalized communications based on the location of a mobile device is heralding in a new breed of adaptive solutions that will revolutionize the manner in which people respond to their context.


1. Marshall, C., & Rossman, G. B. (1999). Designing qualitative research (3rd edn.). Thousand Oaks: Sage.

2. Cecez-Kecmanovic, D. (2001). Critical research in information systems: the question of methodology. In E. M. Trauth (Ed.), Qualitative research in IS: issues and trends (1st edn., pp. 141–163). Hershey: IGI Publishing.

3. Hennink, M. M. (2008). Emergent issues in international focus group discussions. In S. Hesse-Biber & P. Leavy (Eds.), Handbook of emergent methods (1st edn., pp. 207–220). New York: Guilford Press.

4. Office of the Emergency Services Commissioner (2008). Office of the Emergency Services Commissioner. Department of Justice. Melbourne, Victoria. Available via. au/wps/wcm/connect/DOJ+Internet/Home/About+Us/Our+Organisation/Business+Area+Profiles/ JUSTICE+-+Office+of+the+Emergency+Services+Commissioner. Accessed 20 November 2008.

5. The NSW State Emergency Service (2008). About the SES. Wollongong, New South Wales. Available via. Accessed 09 April 2009.

6. Whispir Company (2009). The Whispir story. Accessed 17 September 2009.

7. Redcoal Company (2009). Enterprise SMS Solutions: Email SMS/Web SMS Solutions: Mobile Phone Tracking. Accessed 17 September 2009.

8. Miles, M. B., & Huberman, A. M. (1994). Qualitative data analysis: an expanded sourcebook (2nd edn.). Thousand Oaks: Sage.

9. Patton, M. Q. (2002). Qualitative research & evaluation methods (3rd edn.). Thousand Oaks: Sage.

10. Leximancer Company (2010). Leximancer: from words to meaning to insight. https://www. Accessed 16 June 2010.

11. Fishbein, M., & Ajzen, I. (1975). Series in social psychology. Belief, attitude, intention, and behavior: an introduction to theory and research. Reading: Addison-Wesley.

12. Mayer, R. C., Davis, J. H., & Schoorman, F. D. (1995). An integrative model of organizational trust. Academy of Management Review, 20(3), 709–734.

13. McKnight, D. H., & Chervany, N. L. (2001). What trust means in e-commerce customer relationships: an interdisciplinary conceptual typology. International Journal of Electronic Commerce, 6(2), 35–59.

14. Pavlou, P. A., & Gefen, D. (2004). Building effective online marketplaces with institution-based trust. Information Systems Research, 15(1), 37–59.

15. Heijden, H. V. D., & Ogertschnig, M. (2005). Gaast Lvd effects of context relevance and perceived risk on user acceptance of mobile information services. In The 13th European conference on information systems (ECIS 2005), Regensburg, Germany, May 26–28 2005.

16. Davis, F. D., Bagozzi, R. P., & Warshaw, P. R. (1989). User acceptance of computer technology: a comparison of two theoretical models. Management Science, 35(8), 982–1003.

17. Agarwal, R., & Prasad, J. (1997). The role of innovation characteristics and perceived voluntariness in the acceptance of information technologies. Decision Sciences, 28(3), 557–582.

18. Parasuraman, A., Berry, L., & Zeithaml, V. (1988). SERVQUAL: A multiple-item scale for measuring service quality. Journal of Retailing, 64(1), 12–40

19. Zeithaml, V. A., Parasuraman, A., & Malhotra, A. (2000). A conceptual framework for understanding e-service quality: implications for future research and managerial practice (Working Paper 00-115), Marketing Science Institute, Cambridge, Massachusetts, Accessed 09 November 2007.

20. Yang, Z., Peterson, R. T., & Cai, S. (2003). Services quality dimensions of Internet retailing: an exploratory analysis. Journal of Services Marketing, 17(7), 685–700.

21. Liljander, V., Van-Riel, A. C. R., & Pura, M. (2002). Customer satisfaction with e-services: the case of an on-line recruitment portal. In M. Bruhn & B. Stauss (Eds.), Jahrbuch Dienstleistungsmanagement 2002—Electronic Services (1st edn., pp. 407–432). Wiesbaden: Gabler Verlag.

22. Stone, E. F., Gueutal, H. G., Gardner, D. G., & McClure, S. (1983). A field experiment comparing information-privacy values, beliefs, and attitudes across several types of organizations. Journal of Applied Psychology, 68(3), 459–468.

23. Smith, H. J., Milberg, S. J., & Burke, S. J. (1996). Information privacy: measuring individuals’ concerns about organizational practices. MIS Quarterly, 20(2), 167–196.

24. Junglas, I., & Spitzmuller, C. (2005). A research model for studying privacy concerns pertaining to location-based services. In The 38th annual Hawaii international conference on system sciences (HICSS’05), Hawaii, January 3–6 2005.

25. Punch, K. F. (2005). Introduction to social research: quantitative and qualitative approaches (2nd edn.). London: Sage.

26. The Victorian Bushfires Royal Commission (2009). Victorian Bushfires Royal Commission interim report. Parliament of Victoria, Government State of Victoria. Melbourne, Australia. Available via. Accessed 03 October 2009.

27. The Victorian Department of Treasury and Finance (2009). Request for Information (RFI) for: location based identification of active mobile handsets for emergency notification purposes. RFI Number: SS-06-2009. Melbourne, Victoria. Available via. display/ Accessed 19 November 2009.

28. Garfinkel, S. (2000). Database nation: the death of privacy in the 21st century (1st edn.). Sebastopol: O’Reilly & Associates.

29. Rule, J. B. (2007). Privacy in peril: how we are sacrificing a fundamental right in exchange for security and convenience (1st edn.). New York: Oxford University Press.

30. Bita, N., & Sainsbury, M. (2009). Bungling silenced Victoria Bushfires warning. Available via. Accessed 02 August 2009.

31. The Australian Government: Attorney General’s Department (2009). Rudd government implements COAG agreement on telephone-based emergency warning systems (joint media release). Barton, Australia Capital Territory. Available via. nsf/Page/MediaReleases_2009_FirstQuarter_23February2009-RuddGovernmentImplementsCOAG AgreementonTelephone-BasedEmergencyWarningSystems. Accessed 02 August 2009.

32. The Australian Government: Department of Transport and Regional Services (2004). Natural disasters in Australia: reforming mitigation, relief and recovery arrangements. Commonwealth of Australia. Canberra, Australia. Available via. rwpattach.nsf/VAP/(99292794923AE8E7CBABC6FB71541EE1)~Natural+Disasters+in+Australia+ -+Review.pdf/$file/Natural+Disasters+in+Australia+-+Review.pdf. Accessed 18 February 2009.

33. Templeman, D., & Bergin, A. (2008). Taking a punch: building a more resilient Australia. The Australian Strategic Policy Institute. Available via. publication_details.aspx?ContentID=165. Accessed 02 February 2009

Anas Aloudat is a Ph.D. candidate in the School of Information Systems and Technology, at the Faculty of Informatics, at the University of Wollongong. His thesis is investigating the utilization of nationwide location-based services for emergency management within Australia from social and behavioral perspectives. Mr. Aloudat holds a Master of Science in Computing from the University of Technology, Sydney (’03), and a Bachelor of Science in Computing from the Faculty of Science at Mu’tah University in Karak, Jordan (’93). He is presently a sessional lecturer/tutor and research assistant at the University of Wollongong. He is a member of the Civil Emergency Alert Services Association (’07), a member of the Disaster Preparedness and Emergency Response Association (’09), a member of the IEEE Society on Social Implications of Technology (’09) and has been a member of the Research Network for a Secure Australia since 2006.

Katina Michael (MIEE’04, SMIEEE’06) holds a Doctor of Philosophy in Information and Communication Technology (ICT) from the Faculty of Informatics at the University of Wollongong, NSW, Australia (’03); a Master of Transnational Crime Prevention from the Faculty of Law at the University of Wollongong (’09) and a Bachelor of Information Technology from the School of Mathematical and Computing Science, NSW, Australia at the University of Technology, Sydney (’96). She is presently an Associate Professor at the University of Wollongong in the School of Information Systems and Technology (’02–‘10) in Australia, and has previously been employed as a Senior Business and Network Planner at Nortel Networks (’96–‘01). She has also worked as a Systems Analyst at Andersen Consulting and OTIS Elevator Company. Michael has published several edited books, but more recently co-authored a 500 page reference volume: Innovative Automatic Identification and Location Based Services: from Bar Codes to Chip Implants (Hershey, PA: IGI, 2009). She has published over 90 peer reviewed papers including in Proceedings of the IEEE, IBM Journal of Research and Development, and Computer Communications. Michael researches predominantly in the area of emerging technologies, and has secondary interests in technologies used for national security and their corresponding social implications. In 2007, Michael was a recipient of a substantial Australian Research Council Discovery Grant DP0881191 entitled: “Toward the Regulation of the Location-Based Services Industry: Influencing Australian Government Telecommunications Policy


The authors dedicate this paper to the 173 people who lost their lives in the Black Saturday Victorian Bushfires in Australia on February 7, 2009.


The authors wish to acknowledge the substantial funding support of the Australian Research Council—Discovery Grant DP0881191 entitled “Toward the Regulation of the Location-Based Services Industry: Influencing Australian Government Telecommunications Policy.”


Location-based services, Emergency management, Mobile government, Regulation 


  • COAG: Council of Australian Governments
  • EMA: Emergency Management Australia
  • ESO: Emergency Service Organizations
  • GPS: Global Positioning System
  • GST: Goods and Services Tax
  • IPND: Integrated Public Number Database
  • IN: Intelligent Networks
  • IMEI: International Mobile Equipment Identity
  • LBS: Location-Based Services
  • LTE: Long Term Evolution
  • NEWS: National Emergency Warning System
  • NGO: Non-government organization
  • R&D: Research and Development
  • RFI: Request for Information
  • ROI: Return on Investment
  • SES: State Emergency Service
  • SMS: Short Messaging Service
  • USO: Universal Service Obligation
  • VBRC: Victorian Bushfire Royal Commission
  • WiMAX: Worldwide Interoperability for Microwave Access

Citation: Anas Aloduat, Katina Michael, Toward the regulation of ubiquitous mobile government: a case study on location-based emergency services in Australia

Planetary-Scale RFID Services in an Age of Uberveillance


Radio-frequency identification (RFID) has a great number of unfulfilled prospects. Part of the problem until now has been the value proposition behind the technology-it has been marketed as a replacement technique for the barcode when the reality is that it has far greater capability than simply non-line-of-sight identification, towards decision making in strategic management and reengineered business processes. The vision of the internet of things (IOT) has not eventuated but a world in which every object you can see around you carries the possibility of being connected to the internet is still within the realm of possibility. However incremental innovations may see RFID being sold as a service (much like photocopiers are maintained today) than a suite of technologies within a system that are sold as individual or bundled packaged components. This paper outlines the vision for such a product service system, what kinds of smart applications we are likely to see in the future as a result, and the importance of data management capabilities in planetary-scale systems.

Section I.


Increasingly radio-frequency identification (RFID) will not be viewed as just another barcode-type technology. Instead it will be used in innovative ways for which it was never originally intended. While by its very nature RFID tells us “what is,” industry has focused its attention on achieving adequate read rates using this non-line-of-sight technology, rather than on the value-added “where is,” “when is,” and in “what condition.” Indeed, the value is not merely in identifying a product, but knowing where that product is, when it was last there, and in what condition it was when it was last sighted. To know the what, the where, the when, and the condition of an object or subject will one day grant the firm a type of divine omnipresent view (but not strictly speaking omniscient view) over its entire operations, an idea that has been explored by Michael and Michael and coined uberveillance [1]. With respect to the retail supply chain, for instance, uberveillance is the all pervasive ability to surveil an item or person handling an item, end-to-end, from the primary producer to the end user. The future of RFID is in managing visibility, managing velocity, and managing variability, giving organizations the kind of real-time data they (and their customers in particular) have craved for. It is the ability to be agile in decision making, responding to changes in the service economy.

Section II.


The Auto-ID Center has long touted the vision of the internet of things (IOT). Brock [2] first used the term to imply an open platform for innovation but the vision of a “smart world” today remains an unfulfilled prophecy. Some have blamed this uneventful happening on the closed, proprietary, and somewhat exclusive system designed by the Auto-ID Center, pointing to technical barriers, while others have described governance-related barriers to participation. Whatever the reason for the shortcomings, we are left with a technology with great potential but unrealized capability. The International Telecommunication Union's (ITU) interpretation of the IOT is one that is more attractive and perhaps amenable [3]; a vision where almost every object you can see around you carries the possibility of being connected to the internet. This means that your domestic appliances, your clothes, your books, and your car may one day be assigned a unique IP address, just as both computers and web pages are assigned them today, to enable digital communications. Neither the original vision of the Auto-ID Center nor the vision of the more recently established EPCglobal has addressed the interactivity that occurs between nonliving things and living things, but it seems only logical that if we hope to enact revolutionary changes to business processes that this must be the next radical transformation in our corporate, community, and personal spheres. It is what has led the Auto-ID Labsto recant on their claim to the IOT concept toward a more plausible web of things (WOT) [4].

A. Problems with RFID Adoption

Potential benefits of adopting RFID in supply chain management (SCM) are widely recognized and reported. The actual benefits are yet to be achieved in RFID implementation as compared to the mandated milestones. Three hurdles dominate the delay. They are related to high levels of acquisition cost, risk, and specialist technical skills. First, specialist technical skills are required to manage the wide variety of RFID devices and tags with different frequencies and capacities, and their software application protocol interfaces (API) under varying application environments. Second, the rapid developments in RFID technologies and their fluctuating reading reliability have caused significant risks for real-life industrial implementations. Companies are worried about obsoleteness before they adopt solutions. Companies are also very much concerned about the customizability of the solutions they purchase to their specific and unique business conditions and operations. Third, despite all efforts made so far to reduce the costs of RFID devices and tags, as well as associated middleware and other software components, there is still a perception that RFID systems are too expensive for the enterprise to invest in to gain promised benefits. This is particularly true due to the lack of best practice guidelines for deploying these components.

Section III.

RFID as a Service

Enter the ability to see every business process that happens in the world as a “service,” and even more provocatively to claim that every product that is created should be considered a “service” [5]. The future of RFID will hinge on the successful cocreation of a service between stakeholders. This notion of cocreation does not claim, for instance, merely that one stakeholder is a participant in the creation of a service, but that they are part creators of a service, that they live and breathe it as if it were their own. This is the act of continually sharing sources of knowledge interactively and intimately between what was once considered disparate members of a single (albeit meshed) chain. Although intricate dependencies between members of any chain (supply or value) have been known to exist, cocreation is about oneness of mind through the feedback mechanism. It seems this is the only way in which RFID will really prosper and will be guided by robust design principles that are all-inclusive and shared between a set of stakeholders. And perhaps nontraditionally, this stakeholder set will be composed of more than just the firm and the customer; cocreation will require representatives from private and public organizations to serve holistic requirements in order to overcome cross-functional challenges. This goes beyond the concept of coproduction which emphasized the need for a firm and a customer to work together to produce an offering. Without cocreation, it is claimed that there can be no real value [6].

This new level of complexity encountered in cocreation is underpinned by theories in design science and innovation. In order to transform, or to make changes that are considered disruptive or even radical, existing ideas are brought together in new ways to satisfy the needs of all stakeholders. When ideas do not satisfy the desires of the firms, or add meaningful value, they are scrapped or individual stakeholders forgo representation. Social innovation, social entrepreneurship, and service innovation are terms that are used synonymously in the literature to describe this kind of activity. Highly successful ventures usually involve collaboration across sectors between companies, the nonprofit sector, and government. This establishes enough of a buy-in between stakeholders who are willing to collaborate openly to minimize the risk of failure in what some would consider the ambitious creation of a new service. Such thinking is characterized by organic growth and investment in research and development, not just on keeping things stable.

Section IV.

The Product Service System

Currently, companies must take risks in investing in acquiring expensive RFID components and technical skills, whether using internal or external or joint project teams. This adoption mode may not be practical nor may it be necessary, especially to small and medium enterprise (SME). On the one hand, SMEs, individually, may not have the practical financial strengths to gain RFID benefits. On the other hand, SMEs are always associated with other SMEs or large corporations. For example, small and medium manufacturers and suppliers of automotive components may be physically located in an industrial park or region, operationally associated with their customers or business alliances. Such associations form a logical foundation for these SMEs to jointly solve problems to do with high acquisition costs, risk, and specialist technical skills. For example, they can share the specialist technical skills and middleware services, thus reducing the cost and risk. A new business model is therefore needed for RFID adoption.

The concept of the product service system (PSS) has been increasingly used as a new business model in implementing advanced technologies including RFID [7]. PSS, unlike the traditional model of focusing just on products, recognizes that services in combination with products are more likely to yield higher profits for the business. The adoption of PSS leads to significant change in the manner in which business is conducted in a value chain. The revenue of a manufacturer comes from the sale of providing product functionality while retaining the product ownership rather than from the sale of products. One of the most successful real-life examples of integrating services into products is that office users are renting photocopiers instead of buying them. The rental is charged on the utilization level (e.g., number of copies). Users are ensured to have the photocopying functionality during office hours through a guarantee of timely repairing and maintenance services from a service stakeholder in this PSS. As another example, Rolls-Royce (R-R) delivers power-by-the-hour instead of transferring ownership of the gas turbine engine to an airline company [7]. At the other end, an example of integrating products into services is that of mobile communication providers giving a free mobile phone handset to customers who sign up for a service. Another example is that internet service providers (ISPs) deploy connection facilities in hotels free of charge but share the revenue obtained from the residents' internet usage.

Following the PSS business model, the usage of automatic identification services is sold to end users while RFID solution providers retain the ownership of RFID devices, software, and networks. End users do not have to invest in acquiring RFID hardware devices that are not charged by ownership but usage. RFID manufacturers share and reduce technical risks and total costs with end users by retaining the ownership and by providing upgrades to their devices. In addition, RFID solution providers are responsible for technical support for RFID systems throughout the implementation process. Such support is shared among multiple end users, leading to further reduction in maintenance and operating costs, technical risks, and the requirement for scarce technical skills. This new business model based on the PSS concept has shown a potential in overcoming some major hurdles that have hindered the progress of RFID across industrial applications.

However, RFID products, both hardware devices and software systems, have not yet been designed and developed for suitable deployment within a PSS business model. In order to tackle this key challenge, research and development efforts have been carried out to develop RFID-enabled gateway solutions that are suitable for a PSS business model [8]. RFID gateway solutions include 1) gateway hardware, and 2) gateway services. A RFID gateway hardware hub acts as a server that hosts and connects RFID-enabled devices, called smart objects, in a standard way. The gateway hub also provides a suite of software services for managing operations and events of smart objects. A significant contribution of RFID gateway technology is to provide services that capture real-time data and convert them into useful and usable real-time information for upper level enterprise application systems.

In a PSS framework, the gateway hub is the core product around which associated software services are deployed to form a product service system. Gateway hub products can be deployed in application environments just as photocopier products are rented or deployed in office applications. Technical support and services can be centrally provided to ensure that smart objects and gateways are in proper working order. Common services for RFID device management such as definition, configuration, and execution can then be operated by a central service provider and shared among different enterprise users of RFID technology.

While the gateway technology provides a technical solution to introduce the PSS concept for RFID adoption, business issues are still open for further investigation and experimentation. The revenue model among stakeholders is unclear. For example, how RFID device manufacturers collect their revenues is not clear in the PSS framework, e.g., through equipment rentals or the number of tag interrogations. A similar challenge exists on how RFID service producers will collect their revenues, e.g., through subscription or the volume of real-time information transactions. These issues must be fully addressed before the PSS approach takes effect in real-life industrial deployment.

In a different light to PSS, but in a similar paradigmatic shift, is the movement away from middleware-based applications to cloud computing-based applications for end users. Middleware can be considered computer software that connects multiple applications together. Middleware-based RFID applications were the first generation. They were usually situated in a server, processing data emanating from “dumb” readers with little processing power to translate them into a comprehensible business event. But now, the entire data processing has shifted to edgeware and cloud computing. Edgeware-based applications, also known as edge of the network applications, are typically in mobile data collecting nodes. In the case of RFID, these are mainly readers. Larger data management by means of edgeware is becoming increasingly common due to higher processing power and higher memory capabilities in the readers. The data generated by the tags are gathered by the readers and managed by edgeware-based applications. The resulting output from the edgeware is then transported to the cloud (or a remote server sitting in the internet), where it is further processed in accordance with the end-user requirements. Cloud computing is that operational setup where information and communication technology (ICT) is consumed as a service (e.g., software, platform, and infrastructure). The future innovations in RFID are going to be in rich tags. As both readers and tags are becoming smarter, the edge is becoming smarter. Subsequent generations will have embedded information about themselves that they can selectively and intelligently communicate with other objects in their wireless neighborhood. This would essentially form what Gadh termed as the wireless “internet of artifacts” [9].

Section V.

The Vision

RFID is often seen as the enabler of a new paradigm for computing whereby users employ information services through direct interaction with natural objects and manufactured artifacts, places and, when appropriate, living entities [10]. RFID effectively implements a transparent binding of such entities in the physical world to their info-simulacrum and vice versa, and through this link creates the opportunity for new types of systems. A core ingredient for the delivery of this vision is the availability of a comprehensive universal system of automatic identification for all tagged physical entities. Such a system would implement a fully automated data capture and maintenance of contextual, usage, and other metadata at planetary scale [11].

Moreover, such a system will have to accommodate those features of modern RFID that have made possible its current functionality, namely, the fact that practically all modern widely available passive ultra-high-frequency (UHF) RFID tags have very low storage capacity and support only simple logic in order to minimize power consumption. As a consequence, building complete and useful RFID-based systems requires that the majority of processing and storage be offloaded to surrogate services on the internet [12]. Emerging consensus seems to indicate that to support RFID systems several kinds of network services would have to be provided, specifically resolution services that link unique identifiers from diverse schemes and their metadata, and repository services that maintain and publish data related to individual identifiers. Both services should be widely accessible and available across the globe to reflect the globalized movement of manufactured artifacts typical in modern commerce.

The scale and complexity of these services both in terms of geographic scope and number of stakeholders involved is unprecedented [13]. The only system sharing its properties is the internet, which also provides a model (and the underlying infrastructure) for the provision of these services. However, the specific needs of RFID are not restricted to the transfer of data only but most importantly extend to the capture, management, and publication of persistent metadata with each element of this chain, setting its particular challenges and imposing further constraints (e.g., analytical and reporting mechanisms of the captured data, with respect to business intelligence).

Although the requirement for the development of such networked services to support planetary scale RFID was identified over a decade ago [14], the depth and complexity of the challenges presented from a service and data management perspective have been fully recognized only in the last few years and are still only partially understood. In the following section, we will attempt to identify some of the main problems and identify future research directions adopting a data management approach. In particular, we identify the main challenges in resolution and repository systems when the scale of the system encompasses the whole planet. Note that there are complementary research questions related with the provision of global RFID services, for example, those relating to questions of service positioning and adaptation to energy consumption patterns and workloads. There is significant research activity in these areas especially in the context of cloud computing that would surely benefit RFID as well [15].

Section VI.

The Pressing Need for Data Management

Looking closely at RFID repositories, their role is to manage entity usage information represented as application-level event records. Such services are operated either privately by individual entity custodians or by third party service providers. Conceptually, they can be considered a particular type of loosely federated distributed database, specified through public interfaces that provide methods to record, retrieve, and modify event information.

Typically, event data are inserted in the repository by different data capture applications operating at the network edge, which would often include legacy systems. Data are consumed by a variety of applications usually located at the network core, for example, enterprise resource management, data mining, and consumer-facing applications. Conceptually, the repository services are thus rather well defined and appear to be straightforward to operate, but in practice they demand particular attention due to their very large size and potential complexity of the derivative relationships between data stored. For example, one feature that merits further consideration, as it is often the source of such complexity, is the so-called containment relationship. This technique is used to create composite entities out of constellations of individual items, which can be subsequently referenced through a single handle. These composite structures are temporally defined and support multiple levels of encapsulation. As a consequence, they may lead to considerably higher complexity of even simple queries as serials within constellations have to be traced and the respective containment relationships expanded in order to produce correct results.

The current norm is for RFID repositories to be implemented as relational databases (RDBMSs). This is of course not unreasonable as RDBMSs have been the principle paradigm in data management since the 1970s. The success of this technology has been partly due to its “one-size-fits-all” approach that is, employing a single code base for all application domains. This has proven to be a very cost-effective solution and has enabled the use of advanced data management techniques across a variety of application areas using the same small number of systems. But when used for RFID service provision, RDBMSs may incur a very high implementation cost without offering a correspondingly high performance advantage.

RFID repositories share many common features with stream-based systems, which combine real-time and persistent data, and data warehousing, where compression and column orientation play a critical role on performance. This has forced relational databases to their limit and still represents a considerable challenge. Recent work provides evidence that specialized software can achieve a 10- to 50-fold improvement in many of these cases [16] and we seek to achieve similar performance in this case. We anticipate that the design and development of domain-specific data store engines for the main services can become a critical element in attempting to lower the barrier of entry to planetary scale RFID for a variety of medium and smaller scale organizations and for individuals. Furthermore, making these implementations open could facilitate their adoption akin to the way Berkeley internet domain name (BIND) has facilitated the adoption of domain name system (DNS) on the internet.

RFID resolution is typically achieved by maintaining a record of the complete sequence of successive custodians of a particular entity and associated metadata, from the time of initial tagging and until its expiration. Data used for such resolution must be relayed by individual repositories which register the fact that information is held for particular entities at specific locations but should not replicate the information itself.

RFID resolution can take one of two modes, one-off and standing queries. One-off queries are executed once at preset time and return results synchronously or asynchronously. They can execute either in direct or relayed style and they are comparatively simple with the main complication the possibility of inefficient or withheld access to data by specific repository operators, which may prevent the system from achieving correctness or predictable response time.

The so-called standing queries are longer running specifications of interest in patterns of application-level events, and depend upon future situation updates from potentially new data sources. In this mode of operation, individual applications subscribe to specific queries and are notified when the conditions specified in the query are met. Typically, these queries relate to the existence of a new custodian or the presence of the entity at a specific location, both of which may imply a change in ownership or a prominent event in the entity lifetime. Complexity in standing queries is due to the involvement of multiple repositories, a potentially large number of subscribing applications to a particular query, and the complex distributed internal structure of the discovery service required for performance reasons.

Standing queries present close similarities to continuous query models of stream processing and distributed event management systems. The execution profile of a standing query often matches the following pattern: event metadata are inserted as a continuous stream and are subsequently cross checked against stored data, for example, access control credentials and policies. When specific criteria have been met, suitable notifications are delivered to all subscribed applications. To carry out these tasks, it is necessary to transform standing queries into an executable query plan, optimize the query plan or generate a set of candidate plans, and map query operations onto the particular network topology. Such queries could express complex spatial, temporal, and semantic relationships and include serial and class level patterns.

This modus operandi implies the need for an expressive language for their specification with rich language features, which at the same time allows for a high performance implementation for stream-based matching. Processors optimized for RFID are not currently available and we also expect significant efficiency gains through the implementation of different distributed event management techniques, for example, multilayer and broker-network architectures.

Section VII.

Future Applications

Enter the future possibilities for RFID that are sure to overwhelm more traditional business models; perhaps what some consider the stuff of science fiction, but tested enough to now be considered science fact [17]. The insurance industry is an excellent example of how technology has been used in innovative ways to introduce premium models that were previously considered impossible to implement. In 2006, IBM and Norwich Union in the United Kingdom teamed up and installed microchips coupled with global position system (GPS) receivers to track and monitor the driving behaviors of about 7000 cars [18]. By measuring the risk based on age, gender, and time of driving, they were able to introduce customized car insurance premiums. If you are a male, under the age of 25, and driving after 11 p.m. on a Friday night, for instance, expect to pay full fees. Adjust your travel behaviors based on certain driving curfews, and expect to pay far less on your premium. It will not be too far out before implantable solutions for humans based on RFID make it possible to monitor real-time blood alcohol levels, heart rates, temperature, and other physiological characteristics—the patents were filed in some cases two decades ago.

Web-services-based applications will form the underbelly of pervasive computing. The building blocks of the web services domain were established when middleware became prominent in the requirement for interoperability. Middleware brought uniformity and standardization, allowed for heterogeneity of various hardware components and operating systems, and provided a set of common services to developers and end users. Today, web services sit in the internet cloud serving multiple clients but with middleware components still very much acting as the enabler. Web services together with web-enabled technologies such as sensor motes will play a pivotal role in the context of ubiquitous computing in combination with RFID technology.

The convergence of sensor capabilities in RFID tags further expands their sphere of utility in applications such as perishable products. Sensor technology is being fused into RFID such that different variables measured by sensors can also be reported by tags instead of just plain IDs. The types of sensing capabilities reported to have been fused into RFID tags include temperature, acceleration, and chemical, among others. RFID-sensor fusion can help us to monitor large scale environmental factors by networking the readers with RFID sensors spread within certain bounds. This would help us to make real-time queries about the area under observation (e.g., bushfire prone zones) and also offer results at a much higher resolution than previously attempted.

Sensor-based tags have also given rise to a new category of tags known as semipassive tags. Semipassive or battery-assisted tags are different from the conventional passive tags, whereby, a battery source is provided in the tag to power the on-board sensors. The tag has other intelligent features such as sleep mode to conserve power. Applications where sensor-based tags have been introduced include tracking fresh cut flowers, monitoring temperature of drugs, monitoring blood and organs for transplant, etc., [19].

The diffusion of RFID and mobile technologies is greatly empowering a number of sectors. Miniaturized readers and tags are being embedded into mobile phones to expand their capabilities, while advanced wireless and mobile phone technologies are also being incorporated into readers. The connectivity of mobile technology to the internet makes it a suitable domain for development of web service components. Real-time-location-based systems consist of a group of sensors or passive or active RFID tags, working in concert to track the position of objects or people of interest in regular intervals. Several techniques have been devised to utilize the capabilities of existing RFID infrastructure in predicting locations of target items in an indoor setup. Real-time location-based operations will constitute a large chunk of RFID operations. The continuous updates provided by RFID systems enable transparency, speedy operation, counterfeit prevention, and staff safety by tracking people in hazardous or sensitive work environments. This capability complements the other utilities of an RFID system in an enterprise, as many organizations have the need of continuously knowing the location of their resources inside a complex indoor setup. Some examples of these are: locating tools inside a big factory floor or locating patients inside a hospital.

Opening office doors simply by showing your hands may have been used to demonstrate the capabilities of RFID in the 1990s but entrepreneurs and some government officials are now thinking outside the box. RFID-based applications have significantly gathered momentum in the medical domain. Consider, for instance, the swallowable sensor device, patented on April 2, 2009 [20], the U.S. health bill which was put forward to Congress in July 2009 containing a national medical device registry based on a possible class II implantable device, life supporting and/or life sustaining in nature [21], and the RFID implant that can detect the H1N1 virus patented in October 2009 [22]. Once upon a time having an implantable could only be imagined for restorative purposes (e.g., heart pacemaker, cochlear implant); now we are looking for new ways in which to improve services. A study carried out by IDTechEx RFID Knowledgebase [23] predicted that the two biggest contributors to demand in RFID in the healthcare sector would be pharmaceutical tagging and asset/patient and patient tracking. With automated patient tracking, many repetitive tasks such as keeping tabs on patient records, their daily drug doses, and their movement about the hospital will be delegated to automated systems. This will also reduce the number of human errors in the tasks. Enter the concept of uberveillance, in its ultimate form an omnipresent electronic surveillance that makes it possible to embed ICT devices in the human body for a variety of applications [24].

This does not mean that we can expect all humans to be walking around with chips implanted in their bodies, well not for the present anyway. Although constantly changing, the current culture probably does not warrant this kind of pervasive monitoring and tracking. But surveys are now showing time and time again that most people do not mind this kind of ubiquitous tracking of nonliving things and animals. If the online and mobile social networking phenomenon is anything to go by, 20 to 30 years from now, RFID embedded technologies might see a full-blown uberveillance society where everyone shares microdetails about themselves and their household with their respective community of interest for the cocreation of social services, particularly pertaining to infrastructure requirements engineering. This kind of web of things and people (WOTAP) scenario will only happen if RFID is embraced within the paradigms of integration, convergence, and coexistence. The future scenario is not about RFID rendering all other auto-ID technologies obsolete, nor is it about a story of migration from one technology to the next. RFID will be about harnessing the power of the technology within a hybrid wireless network context, knowing all too well it is the end-point data collection mechanism, the smallest common denominator of knowledge that can be acquired (the individual unit). Consider the capabilities of RFID with sensor technology, RFID and the wireless Internet, and RFID and global positioning systems. The natural trajectory when one ponders what these new convergences may herald is nothing short of breathtaking.

Section VIII.


But to ground ourselves in the current realities and some of the technical and nontechnical challenges that RFID still presents us with, including with respect to privacy and security issues, legal/regulatory, socioethical and economic/market issues, is to admit to the need for greater coproduction among stakeholders, especially the participation of end users from the outset of service design (i.e., cocreation). RFID is far from perfect, and a greater investment is needed by all sectors to bring about a more robust and economical technology, possibly following a PSS model, that all acknowledge as adhering to legal, ethical, and policy-related standards [25]. Item level tracking, for instance, comes with its own endowed advantages and benefits for some organizations within a retail supply chain context but may not be desirable for other application areas. A level of harmonization needs to be reached between the level of required visibility in a given service and adhering to a consumer's right to informational privacy [26]. Solutions can be devised and built-in to the design of a service to overcome such challenges; they just need to be innovative. If a consumer perceives that the value proposition to them of using a given technology outweighs any costs they may experience, then they are likely to adopt the technology. By including consumers early in the process of cocreation and coproduction of RFID technology, more innovative services are destined to come to fruition. The challenge ahead will be in harnessing planetary scale RFID services using nontraditional business models like those presented in this paper that provide us with an unforeseen level of uberveillance management and decision support.


1. K. Michael, M. G. Michael, Innovative Automatic Identification and Location Based Services: From Bar Codes to Chip Implants, PA, Hershey:IGI Global, 2009.

2. D. L. Brock, The Electronic Product Code (EPC): A Naming Scheme for Physical Objects, Jan. 2001.

3. The Internet of Things, 2005, [online] Available:

4. E. Fleisch, What is the Internet of Things? An Economic Perspective, Jan. 2010.

5. C. E. Helfat, S. Finkelstein, W. Mitchell, M. A. Peteraf, H. Singh, D. J. Teece, S. G. Winter, Dynamic Capabilities: Understanding Strategic Change in Organizations, U.K., Oxford:Blackwell, 2007.

6. S. L. Vargo, M. A. Akaka, "Service-dominant logic as a foundation for service science: Clarifications", Service Sci., vol. 1, no. 1, pp. 32-41, 2009.

7. T. S. Baines, H. W. Lightfoot, S. Evans, A. Neely, R. Greenough, J. Peppard, "State-of-the-art in product-service systems", Proc. IMechE B J. Eng. Manuf., vol. 221, pp. 1543-1552.

8. T. Qu, G. Q. Huang, Y. F. Zhang, H. D. Yang, "Analytical target cascading for optimal configuration of production service systems", Proc. Conf. Artif. Intell. Cogn. Sci., vol. 66, pp. 1627-1646, 2009.

9. R. Gadh, "RFID: Getting from mandates to a wireless internet of artifacts", Comput. World: Wireless Views, Oct. 2004.

10. G. Roussos, V. Kostakos, "RFID in pervasive computing: State-of-the-art and outlook", Pervasive Mobile Comput., pp. 110-131, 2009.

11. Welbourne, L. Battle, G. Cole, K. Gould, K. Rector, S. Raymer, M. Balazinska, G. Borriello, "Building the internet of things using RFID", IEEE Internet Comput., vol. 13, no. 3, pp. 48-55, 2009.

12. G. Roussos, S. S. Duri, C. W. Thompson, "RFID meets the Internet", IEEE Internet Comput., vol. 13, no. 10, pp. 11-13, 2009.

13. G. Roussos, Networked RFID: Systems Software and Services, U.K., London:Springer-Verlag, 2008.

 14. S. S. Chawathe, V. Krishnamurthy, S. Ramachandran, S. Sarma, "Managing RFID data", Very Large Data Bases, pp. 118-119, 2004.

15. A. Bavier, M. Bowman, B. Chun, D. Culler, S. Karlin, S. Muir, L. Peterson, "Operating system support for planetary-scale network services", Proc. 1st Symp. Networked Syst. Design Implement., vol. 1, pp. 253-266, 2004.

16. Stonebraker, S. Madden, D. J. Abadi, S. Harizopoulos, N. Hachem, P. Helland, "The end of an architectural era (it's time for a complete rewrite)", Proc. Very Large Data Bases, pp. 1150-1160, 2007.

17. M. Roberti, "Two visions of an RFID-enabled future", RFID J., 2008, [online] Available:

18. K. Michael, A. McNamee, M. G. Michael, "The emerging ethics of humancentric GPS tracking and monitoring", Proc. Int. Conf. Mobile Business, pp. 34-41, 2006-Jul.

19. M. Roberti, "Sensing new RFID opportunities", RFID J., 2006, [online] Available:

20. M. R. Arneson, W. R. Bandy, R. A. Davenport, K. J. Powell, M. C. Sloan, System and Method for Manufacturing a Swallowable Sensor Device, April 2009.

21. To Provide Affordable Quality Health Care for All Americans and Reduce the Growth in Health Care Spending and for Other Purposes, pp. 1001-1008, 2009.

22. VeriChip Corporation to Present Its Glucose-Sensing RFID Microchip and Virus Triage Detection System for the H1N1 Virus at ID World International Congress the World's Premier Event on Identification Technology, October 2009.

23. Harrop, R. Das, G. Holland, "RFID for healthcare and pharmaceuticals 2009–2019", Proc. IDTechEx, 2009.

24. M. G. Michael, K. Michael, "Uberveillance" in Macquarie Dictionary (Australia's National Dictionary), Australia, Sydney:Sydney Univ. Press, pp. 1094, 2009.

25. Supported by the European Union under the 6th Framework Programme for Research and Technological Development within the Information Society Technologies (IST) Priority, 2009.

26. B. D. Renegar, K. Michael, "The privacy-value-control harmonization for RFID adoption in retail", IBM J. Res. Develop., vol. 53, no. 2, pp. 8:1-8:14, 2009.


Katina Michael

Centre for Business Services Science, University of Wollongong , Wollongong, Australia

Katina Michael

Katina Michael

Katina Michael (Senior Member, IEEE) received the B.I.T. degree in information technology from the School of Mathematical and Computing Science, University of Technology, Sydney, N.S.W., Australia, in 1996, the Doctor of Philosophy degree in information and communication technology (ICT) from the Faculty of Informatics, University of Wollongong, Wollongong, N.S.W., Australia, in 2003, and the Master of Transnational Crime Prevention degree from the Faculty of Law, University of Wollongong, in 2009. Currently, she is an Associate Professor at the School of Information Systems and Technology, University of Wollongong (2002–2010), and has previously been employed as a Senior Network Engineer at Nortel Networks (1996–2001). She has also worked as a Systems Analyst at Andersen Consulting and OTIS Elevator Company. She has published several edited books, but more recently coauthored a 500 page reference volume: Innovative Automatic Identification and Location Based Services: from Bar Codes to Chip Implants (Hershey, PA: IGI, 2009). She has published over 85 peer-reviewed papers. She researches predominantly in the area of emerging technologies, and has secondary interests in technologies used for national security and their corresponding social implications.


George Roussos

Department of Computer Science and Information Systems at Birbeck College, University of London, London, U.K.

George Roussos

George Roussos

George Roussos (Member, IEEE) received the B.S. degree in mathematics from the University of Athens, Athens, Greece, the M.S. degree in numerical analysis and computing from the University of Manchester Institute of Science and Technology, Manchester, U.K., and the Doctor of Philosophy degree from the Imperial College of Science Technology and Medicine, University of London, London, U.K. Before joining Birkbeck College, University of London, as a Lecturer he worked as the Research and Development Manager for a multinational information technology corporation in Athens, Greece, where he was responsible for the strategic development of new IT products in the areas of knowledge management and mobile internet; as an Internet Security Officer for the Ministry of Defense, Athens, Greece, where he designed the Hellenic armed forces internet exchange and domain name systems; and as a Research Fellow for Imperial College, London, U.K., where he conducted research in distributed systems. He is currently investigating the effects of social activity on system architectures, and exploring mechanisms to support navigation and findability. Dr. Roussos is a member of the Association for Computing Machinery (ACM), SIGMOBILE, the IEEE Communications Society, and the IEEE Computer Society.


George Q. Huang

Department of Industrial and Manufacturing Systems Engineering, The University of Hong Kong, Hong Kong

George Huang

George Huang

George Q. Huang received the B.Eng. degree in manufacturing automation from Southeast University, Nanjing, China, in 1983 and the Doctor of Philosophy degree in mechanical engineering from Cardiff University, Cardiff, U.K., in 1991. Currently, he is a Professor at the Department of Industrial and Manufacturing Systems Engineering, The University of Hong Kong, Hong Kong. He has been previously employed as Research Fellow and Lecturer in various universities. He has been conducting research projects in intelligent product design and manufacturing in a context of supply chain logistics. He has published over 250 research papers, half of which have appeared in reputable journals in addition to two monographs and two edited reference books. Dr. Huang serves on editorial boards of a number of international journals. He is a Chartered Engineer and a member of the American Society Of Mechanical Engineers (ASME), the Institution of Industrial Engineers (IIE), the Institution of Engineering and Technology (IET), Hong Kong Institution of Engineers (HKIE), and Hong Kong Logistics Association (HKLA).


Arunabh Chattopadhyay

Wireless Internet for the Mobile Enterprise Consortium (WINMEC) at the Henry Samueli School of Engineering and Applied Science, University of California Los Angeles , Los Angeles, CA, USA. 

Arunabh Chattopadhyay received the B.S. degree from Jamia Millia Islamia (JMI) University, Delhi, India, in 2005 and the M.S. degree in electrical engineering from the Indian Institute of Technology, Kanpur, India, in 2007. Currently, he is working towards the Ph.D. degree at the Wireless Internet for the Mobile Enterprise Consortium (WINMEC) Center, University of California Los Angeles, Los Angeles. His areas of interests are in RFID and distributed database systems.

Rajit Gadh

Wireless Internet for the Mobile Enterprise Consortium (WINMEC) at the Henry Samueli School of Engineering and Applied Science, University of California Los Angeles, Los Angeles, CA, USA

Rajit Gadh (Member, IEEE) received the B.S. degree from Indian Institute of Technology, Kanpur, India, the M.S. degree from Cornell University, Ithaca, NY, and the Ph.D. degree from Carnegie Mellon University (CMU), Pittsburgh, PA. He is a Professor of Engineering, Director of Wireless Internet for the Mobile Enterprise Consortium (WINMEC) Center, University of California Los Angeles (UCLA-WINMEC), and Director of UCLA Smart Grid Energy Research Center. He has taught as a Visiting Researcher at the University of California Berkeley, has been an Assistant, Associate, and Full Professor at the University of Wisconsin—Madison, and did his sabbatical as a Visiting Researcher at Stanford University, Stanford, CA, for a year. He has lectured and given keynote addresses worldwide. Dr. Gadh has won several awards from the National Science Foundation (CAREER award, Research Initiation Award, NSF-Lucent Industry Ecology Award, GOAL-I award), The Society of Automotive Engineers (Ralph Teetor award), IEEE (second best student-paper, WTS), the American Society Of Mechanical Engineers (Kodak Best Technical Paper award), AT&T (Industrial Ecology Fellow Award), Engineering Education Foundation (Research Initiation Award), William Wong Fellowship award from the University of Hong Kong, and other accolades in his career. He is on the Editorial board of the ACM Computers in Entertainment and the CAD Journal.

B. S. Prabhu

Wireless Internet for the Mobile Enterprise Consortium (WINMEC) at the Henry Samueli School of Engineering and Applied Science, University of California Los Angeles, Los Angeles, CA, USA

B. S. Prahbu received the Doctor of Philosophy degree. Currently, he is a Senior Research Engineer at the Wireless Media Lab and Wireless Internet for Mobile Enterprise Consortium (WINMEC), Henry Samueli School of Engineering, University of California Los Angeles (UCLA). He is currently engaged in research in the areas of adopting wireless technologies (RFID, Wi-Fi, Bluetooth, GPRS, GPS) for enterprise applications. His areas of interest include RFID ecosystem for manufacturing, development of a generic wireless sensor interface, RFID and sensors in healthcare (both in-patient and ambulatory), and semantics-based automated applications. He has been the lead architect of a RFID middleware project, a pioneering effort in developing a comprehensive RFID architecture which supports multiple RFID technologies to work synergistically to provide best-of-breed solutions to many industry verticals. He has over 30 research publications in peer-reviewed journals, conferences, and books.

Peter Chu

Wireless Internet for the Mobile Enterprise Consortium (WINMEC) at the Henry Samueli School of Engineering and Applied Science, University of California Los Angeles, Los Angeles, CA, USA

Peter Chu received the B.S. degree from the National Taiwan University, Tainan, Taiwan, in 1990 and the Doctor of Philosophy degree from the University of Wisconsin—Madison in 2001.

Currently, he is a Senior Researcher at the Henry Samueli School of Engineering and Applied Science, University of California Los Angeles (UCLA). He is a seasoned Research Manager who has supervised and steered multiple industry and academia research projects in the field of smart grid, RFID technologies, mobile communication (WiFi, Bluetooth, Zigbee, GPRS, 3G), media entertainment (DRM, mobile music, video, imaging, gaming, etc.), 3-D/2-D visualization of scientific data (astronomical, power system, industry process data, etc.), and computer-aided design. He has over ten years of experience in research and development of software architectures, frameworks, and solutions, and has delivered multiple project solutions and software packages to the industry globally. He leads active research collaborative projects with companies such as Siemems, Qualcomm, Motorola, HP, Raytheon, Maersk, and Northrop Grumman. He holds two patents and has published more than 30 papers in professional engineering and scientific journals, books, and conference proceedings. He had published papers focused on RFID research and more recently was invited to author a book chapter on “Mobile, wireless and sensor networks: Technology, applications and future directions” (Wiley). He has been invited to Korea and Taiwan to speak on the current status of RFID and sensor network applications. Dr. Chu received the Best Paper Award in Excellence for Applied Research at the 2004 Wireless Telecommunications Symposium.

Citation:  Katina Michael; George Roussos; George Q. Huang; Arunabh Chattopadhyay; Rajit Gadh; B. S. Prabhu; Peter Chu, "Planetary-Scale RFID Services in an Age of Uberveillance", Proceedings of the IEEE, Year: 2010, Volume: 98, Issue: 9, pp. 1663 - 1671, DOI: 10.1109/JPROC.2010.2050850

IEEE Keywords: Radiofrequency identification, Internet, Radio frequency, Technological innovation, Decision making,Technology management, Business process re-engineering, Packaging, Supply chains, Australia

INSPEC: surveillance, business process re-engineering, decision-making, Internet, radiofrequency identification, strategic planning, vision, RFID services, uberveillance, radiofrequency identification, barcode tagging, nonline of sight identification, decision making, strategic management, reengineered business process

Author Keywords: vision, Innovation, radio-frequency identification (RFID), service

RFID—A Unique Radio Innovation for the 21st Century  

In 1948, the Proceedings of the Institute of Radio Engineers published Harry Stockman's seminal work on “communication by means of reflected power,” which many consider as the first paper on radio-frequency identification (RFID). The paper concluded by expressing the expectation that “considerable research and development work has to be done before the remaining basic problems in reflected-power communication are solved, and before the field of useful applications is explored.” It is only appropriate that after more than 60 years following the publication of this work by its progenitor, in this special issue, the Proceedings of the IEEE review current developments towards the realization of the goal outlined by Stockman.

This special issue explores the state of the art across the RFID technology landscape from hardware, to systems, as well as applications and support for innovative business models.

Indeed, while RFID technology has been around for decades, it is only in the last ten years or so that considerable progress in technology and standardization, resulting in large-scale manufacturing of high-performance RFID system at affordable prices, has reignited interest in RFID, and has significantly extended the scope of possible applications. To a certain extent, addressing the main problems associated with RFID technology itself has been only the beginning of this process, as similarly extensive breakthroughs have been and are still required within associated information systems so that they can take advantage of the technology. For example, while it has become technically and economically feasible to tag a wide variety of manufactured artefacts for some time now, enterprise IT systems have been unable to cope with such detailed information and the high volumes of data generated as a result of IDs that are unique for each item. As a result such systems have already undergone considerable development so as to simply be able to record such information, with further work required in the future.

Stockman also correctly anticipated that applications would play a central role in taking RFID technology forward. While the first generation of RFID involved the concurrent reading of one or a small number of tags that moreover carried only a simple identifier, today's novel applications are making greater demands on tags, readers, middleware, infrastructure, and IT in terms of affordability, performance, and flexibility. Notable among them are the initiatives by the Department of Defence and Wal-Mart in supply chain operations, which have played a central role in increasing awareness, and in highlighting the business value and the challenges in deploying RFID. By tracking assets, supplies, and personnel, many enterprises are increasingly experimenting with new business models to integrate RFID within their digital ecosystems.

While innovation in basic RFID and supporting technologies continues to advance the field, the marketplace also plays a central role by eliminating the less viable options. To be sure, this interplay between the research community and the engineering and business community has been instrumental in the development of RFID, and in this special issue, we aim to represent both sides and their concerns.

RFID is increasingly seen as far more than a simple and effective automatic identification technology. Academic and industrial proponents view RFID as the cost-effective technical solution for the development of open, shared, universal ubiquitous computing infrastructures thus pioneering the next paradigm in computing. From this point of view, RFID is seen as the core ingredient that enables the coupling of physical entities and digital information into cyberphysical systems and is widely expected to bring about pervasive computing One of the main challenges towards the realization of this vision, often also expressed using the term internet or web of things/artifacts,1 is the provision of networked services that support interaction between conventional information systems and such augmented natural objects and manufactured artifacts.

This special issue explores the state of the art across the RFID landscape from hardware, to systems, applications, and support for innovative business models.

The first two papers consider techniques that can lead to improvements of RFID tag performance across applications. Moretto et al. employ modeling and simulation to investigate the loading effect and its implications for RFID tag antenna performance. In particular, they propose an optimal model of shunt resistance and calculate boundaries for this effect with regard to distance from the reader, which imply support for larger tag memories, on-tag encryption, and improved performance in hostile environments. Bolomey et al. introduce the concept of transfer impedance to characterize RFID systems. Furthermore, they employ two metrics to assess the performance of RFID tags, and illustrate their application in several case studies. They conclude by demonstrating how their model can be used in practical situations to investigate the tradeoffs for RFID tag design in specific applications.

Furthermore, Dardari et al. survey the application of ultrawideband technology to RFID considering specific opportunities for improved area coverage, better resilience to interference, higher multiple-access capability, and higher ranging resolution that can facilitate more accurate localization.

The following three papers consider the case of RFID-enabled wireless sensor networks. Roy et al. examine how sensors can be integrated into tags, with emphasis on enhancements to link and multiple-access layers, and support for advanced power management. The paper reports on two key innovations introduced by the authors, namely, a programmable tag powered through energy harvesting and a software-defined RFID reader. Bhattacharyya et al. discuss a scheme that allows RFID tags to be used as low-cost sensors by mapping a change in some physical parameter of interest to a controlled change in RFID tag antenna electrical properties. The paper provides three application types for which this class of RFID sensing is well suited, including temperature threshold sensing, displacement sensing, and fluid level sensing. Lakafosis et al. consider the case of printed electronics on flexible and paper substrates. They highlight their unique capabilities and the benefits of using paper as the ultra-low-cost, conformal, and environmentally friendly substrate for mass-scale and ubiquitous implementation of such applications, thus eliminating the need of expensive RFID reader infrastructure.

Merilampi et al. also consider the use of printed electronics for RFID. Specifically, they investigate the effect of the conductive ink layer thickness on the performance of printed ultra-high-frequency (UHF) RFID tag antennas. The relationship established between performance characteristics and ink thickness provides a basis for tradeoff optimization between the cost and read range requirements in certain applications.

Hande et al. present a piezoelectric vibration energy harvesting design for active RFID tags. Vibration data from high-value assets used during disaster relief have been analyzed and their results provide a comprehensive description of their prototype including system form factors, efficiency, and lifetime.

Nikitin et al. demonstrate how by using hollow metal heating, ventilating, and air-conditioning (HVAC) ducts can provide a potential communication channel between passive UHF readers and tags. HVAC ducts behave as electromagnetic waveguides with much lower signal attenuation compared to free-space propagation and the authors have been able to achieve a 30-m read range for standard tags with free-space range of only 6 m.

Chen et al. propose a novel EPC application level events (ALE) compliant logical reader abstraction defined on spatial zones and implemented by combining tracking information from passive RFID and positional information from active RFID. This approach allows for fine-grain, near-real-time tracking of high volumes of assets within large spaces, at significantly lower infrastructure cost.

Sani et al. presented an implantable RFID for medical applications paying special attention to its communication range and antenna design. Their research demonstrates that a passive tag solution allows only for a limited communication range due to the electrically small size of the antenna and nulls in the radiation pattern. Active tags are found to have distinct advantages in this domain.

Gentili and Iadanza address the problem of positive patient identification within a pediatric intensive care unit. They implement a tracking and identification system using IEEE 802.11 and active RFID technologies. The system appears to result into a substantial improvement according to the total risk priority number methodology, a technique employed by carers to assess patient risk, when compared to a non-RFID system.

Michael et al. discuss different alternative futures for RFID from establishing a rather simple alternative to bar code tagging to fulfilling its full potential as a core ingredient for the internet of things. They outline a vision for an RFID product service system, the kinds of smart applications that are likely to emerge in the future as a result of this, and the role of data management capabilities in planetary-scale systems.

Finally, Baker et al. report on a recent empirical study dealing with the RFID investment decision. The study examines the factors that affect this decision in the case of early RFID adopter and nonadopter companies. While the adoption cost remains a primary concern, the opportunity for strategic benefits in decision making is seen as a key factor for RFID adoption.

This collection of papers brings out the state of the art, the technical and engineering challenges that are faced by the field, the directions taken by the academic and the industrial community, and the opportunities in technology, standards, and business. RFID has gone from a niche industry now to becoming part and parcel of underlying technology in consumer and enterprise spaces. The future of RFID is expected to be even more exciting including intelligent tags, tags that can scavenge energy from the environment, readers and tags that can create meshes of self-organizing intelligent networks, embeddable tags, etc. We hope that this collection of papers forms the genesis of intellectual thought leadership discussions that go on to create a vibrant, viable, and sustainable RFID community.

Keywords: Special issues and sections, Radiofrequency identification, Technological innovation, radiofrequency identification, corporate modelling, innovation management, innovative business models, RFID technology

Citation: Rajit Gadh, George Roussos, Katina Michael, George Q. Huang, B. Shiv Prabhu, Peter Chu, "RFID—A Unique Radio Innovation for the 21st Century", Proceedings of the IEEE, Volume: 98, Issue: 9, Sept. 2010, pp. 1546 - 1549, DOI: 10.1109/JPROC.2010.2053871

The Social Implications of Location Based Social Networking



Location based social networking (LBSN) applications are part of a new suite of emerging social networking tools that run on the Web 2.0 platform. LBSN is the convergence between location based services (LBS) and online social networking (OSN). LBSN applications offer users the ability to look up the location of another “friend” remotely using a smart phone, desktop or other device, anytime and anywhere. Users invite their friends to participate in LBSN and there is a process of consent that follows. Friends have the ability to alter their privacy settings to allow their location to be monitored by another at differing levels of accuracy (e.g. suburb, pinpoint at the street address level, or manual location entry). This paper explores the impact of LBSN upon society, especially upon trust between friends. The study used focus groups to collect data, and a qualitative approach towards analysis. The paper concludes that while there are a great many positive uses of LBSN, there are some significant problems with current applications, and that better design is required to ensure that these technologies are not exploited against a user to commit harm.

Section I. Introduction

Location Based Social Networking (LBSN) applications such as Google Latitude, Loopt and BrightKite enhance our ability to perform social surveillance. These applications enable users to view and share real time location information with their “friends”. With the emergence of this technology it is crucial to consider that “technology alone, even good technology alone is not sufficient to create social or economic value” [1]. Further to not contributing “sufficient” economic or social value, Kling and other scholars have identified that technologies can have negative impacts on society [2].

As location based social networking technologies are used between “friends” they have the potential to impact friendships, which are integral not only to the operation of society but also to the individual's well being [3]. By enabling real-time location tracking of “friends” LBSN puts LBS technologies in the hands of “friends” while also enhancing the experience of online social networking (OSN). In essence it meshes together the positives and negatives of OSN and LBS creating a unique domain of enquiry, forcing researchers to ask new questions. The purpose of this paper is to explore the implication of location based social networking upon “friendships”, with a particular focus on the impact upon trust.

Section II. Social Informatics

Social informatics aims to “explore, explain and theorize about the social technical contexts of information communication technologies” [4] with a view to developing “reliable knowledge about information technology and social change based on systematic empirical research, in order to inform both public policy issues and professional practice” [5]. In this way social informatics looks at the broader picture of the implementation of information communication technologies (ICT), to understand their operation, use and implications. By undertaking research on location based services from a social informatics perspective, the credible threats of the technology, and the circumstances they arise within and their severity can be identified. One of the key concepts underlying the approach of social informatics is that “information technology are not designed or used in social or technological isolation. From this standpoint, the social context of IT influences their development, uses and consequences” [6]. Social informatics takes a nuanced approach to investigating technologies and explores the bidirectional shaping between context and ICT design, implementation and use [4] as is depicted in Figure 1.


Figure 1. Bidirectional Shaping between Context and ICT Design

This approach, which combines the social aspects and the technical aspects of technology, has been found to be useful for understanding the social shaping and consequences of information communication technologies [7]. Examples of social informatics research include the vitality of electronic journals [8], the adoption and use of Lotus Notes within organizations [9], public access to information via the internet [10], and many other studies which employ a nuanced perspective of technology in order to understand the social shaping and consequences of ICT. Social informatics research also investigates new social phenomenon that materialize when people use technology, for example, the unintended effects of behavioral control in virtual teams [11]. Social informatics is not described as a theory, but as a “large and growing federation of scholars focused on common problems”, with no single theory or theoretical notion being pursued [4]. What social informatics does provide is a framework for conducting research. The framework of social informatics research is that it is problem orientated, empirical, and interdisciplinary with a focus on informatics.

Social informatics research in the area of LBS and OSN has highlighted the implications of using these technologies, including the concepts of trust, control, privacy and security. In addition OSN studies have exposed the ability of these technologies to alter and impact upon social relations. These studies provide a guide for concepts of interest to study in terms of the emergent technology of LBSN. Studies on LBSN however have not investigated the implications of the use of sophisticated LBSN applications, as are currently available. This research aims to address this gap by engaging in a social informatics based investigation of the implications of LBSN.

The problem addressed by this research is: under what conditions do location based social networking technologies enhance or reduce trust between “friends”? This research is concerned with the formulation of the socio-technical landscape that location based social networking applications exist within. The purpose of which is to understand the bidirectional relationship of society and technology and discover the circumstances within which trust will be negatively affected by the use of the technology. The nature of social informatics warns against a simplistic cause and effect approach to technology [12]. As such this research topic does not contain simple propositions that A causes B, rather it is developed upon a set of questions that reflect the interrelated social and technical aspects of the research.

  • Who are the users of the technology?

  • What is the technology used/misused for?

  • What relationships will it be utilized within?

  • How is trust categorized in these relationships?

  • What circumstance(s)/ context will it be used for?

  • What are the technological capabilities?

Section III. Focus Groups

A focus group is a “research technique that collects data through group interaction on a topic determined by the researcher” [13]. A key characteristic of focus groups is the insight and data produced by the interaction of the participants [14]. Focus groups are primarily used within preliminary or exploratory stages of a study [15]. This study uses focus groups to explore and discuss the use and implications of LBSN with the aim of generating a nuanced understanding of the socio-technical framework that LBSN operate within. The unit of analysis for the study was both at the individual and group level [16]. Focus groups enable individuals to express their “attitudes, beliefs and feelings” and the interaction between participants enables these views to be explored on a group level.

A. Design

Five focus groups were conducted for this study. This is justified on the basis that data becomes “saturated” with very little new content emerging after the first few sessions are conducted. The focus groups were conducted with students enrolled in a third year core subject covering professional practice and ethics, in the information technology and computer science curriculum at the University of Wollongong in the first week of May 2009. The background of these students means that it can be assumed that they are technology literate and able to grasp and understand (if not already using) emerging technologies. The focus groups were run in the tenth week of session, when it could be assumed that students were equipped with refined analytical skills to identify ethical and social aspects of technology. A further benefit in utilizing tutorial classes for the study is that the groups were pre-existing and therefore group members were able to easily relate, and also comment upon incidents which they shared in their daily lives [17].

Large focus groups can consist of between 15 to 20 participants and are appropriate for topics that are not emotionally charged. Larger groups are renowned for containing “a wide range of potential responses on topics where each participant has a low level of involvement” [13]. It should be noted that each focus group in this study had on average 15 active participants. The majority of participants were aged between 18 to 22 years old with several mature age students aged between 30 to 45 years old in each class. There was an approximate 60/40 mix of domestic and international students in each of the focus groups. The majority of international students came from China and Singapore.

B. Questions and Stimulus Material

Two moderators were used to conduct the focus groups. In order to maintain consistency between moderators and encourage a neutral approach to the focus group discussion a Question and Stimulus pack was created. The moderators played an active but neutral role, facilitating discussion and probing the participants in order to engage a deeper discussion of the issues. The purpose of developing the focus group questions and stimulus material was threefold; firstly to ensure conformity and standardization across all focus groups, secondly to provide direction and stimulus for the discussion and thirdly to provide participants with knowledge relevant to the focus group discussion. Furthermore the questions and stimulus material enabled the focus group to be structured into three sections of enquiry as demonstrated in figure 2.


Figure 2. Focus Group Sections

The purpose of the focus group questions was to obtain an understanding of the socio-technical framework of LBSN. In order to develop the questions the researcher reviewed the literature on LBS, LBSN, OSN and Trust, along with general media, including blogs and web articles on LBSN and Google Latitude. The questions developed focused upon:

  • Whether participants would use LBSN

  • Why would/(not) participants use LBSN

  • Who they would allow to see their location

  • Who they would like to know the location of

  • What issues surround the use of LBSN

  • The use of LBSN in relationships generally

  • The use of LBSN in relationships focusing on trust

In order to facilitate discussion, open-ended questions were used.

C. Data Analysis

The first stage of the data analysis is the transcription of the focus groups. The data was then analyzed by drawing “together and comparing discussions of similar themes … [to] examine how these relate[d] to the variables within the sample population” [17]. The method of analysis was manual qualitative content analysis. Qualitative methods are constructivist in approach [18]. They take an “interpretive, naturalistic approach to [their] subject matter” and explore things in “their natural setting attempting to make sense of, or interpret phenomena in terms of meaning people bring to them” [19]. In most cases, qualitative research results in the discovery of themes and relationships. Qualitative content analysis is concerned with capturing the richness and describing the unique complexities of data and as such provides understanding. This method allows the researcher to position, relate and ultimately understand the abstractly inferred content from a higher level processing of text and interaction.

Section IV. Results

A. Propensity to Adopt LBSN

There were three categories of response to the question would you use LBSN: adoption, non-adoption and those who had already adopted. Within each of these categories there was a spectrum of responses with participants identifying conditions of adoption or non-adoption to qualify their position. Overall most participants were in favor of non-adoption. Each of these categories of response is explored below.

1) Participants who had Adopted LBSN

Two participants had already adopted a LBSN application. In both cases the LBSN chosen was Google Latitude. One of the participants had ceased using Latitude while the other still had it installed. The participant who no longer used Latitude stated: “I got it and got rid of it because it was just weird”. When the participant was asked why it was “weird” they responded: “because it was like running in the background and you could either sign in and then it kept logging in all the time and I didn't want my brother knowing where I was all the time.” The only person who this respondent had listed as a “friend” on Latitude was his brother as at the time, Latitude was fairly new and the respondent did not think that many people used it.

The second participant who had adopted LBSN, and was still using it was doing so without any “friends”. This participant noted that Latitude: “really wears the battery down fast. I'll exit Google Latitude and it will ask- ‘would you like to continue sharing your location’ and I'll do that but then I'll have no battery left. So it is kind of useless. I still have it. Every now and then I'll log in and update my location. There is not a lot of point.” This second participant observed that without updating your location automatically there is “not a lot of point” to the application. The barrier to allowing automatic updates in the second participant's view was not the “weird” feelings it generated, but the battery power requirement. However this user had “no friends” registered to share their location with.

2) Participants who would Adopt LBSN in the Future

Of the participants who responded that they would adopt a LBSN like Google Latitude, most set out conditions of use to qualify their position while others identified availability of technology to support Latitude as a barrier to adoption. Some focus group participants were indifferent while others identified that they were open to adopting the technology without imposing any specific conditions. The conditions of use that participants specified were the accuracy of the device/application, the level of control over the visibility of their location and when the application would be used.

The condition of adoption based upon the accuracy of the device was expressed in terms of both high and low accuracy. In terms of low accuracy one participant expressed: “Participant: Depends how accurate. [Moderator: Accurate down to street level. |Participant: I think that would be kind of weird, I wouldn't like that.” This participant perceived street level accuracy as “weird”, and stated they would not adopt LBSN if it had such a high degree of accuracy. In terms of high precision accuracy one participant said that they would use a LBSN but “it would have to have a high quality network.” This participant had used LBSN before in China but experienced problems with it and after a “one day test … I didn't go ahead because the feasibility and reliability was not good, it had nothing to do with the privacy problems.”

Several participants would use LBSN upon the condition that they would be able to control the visibility of their location. Visibility was expressed in terms of controlling the level of location information (no information or street, suburb and state level) displayed, as well as control over who had access to the location information. In terms of visibility one participant commented that they would use it if they could specify: “[d]ifferent levels of visibility. Gaming friends at the state level; family — no problem because you trust them; girlfriend — no problem. Obviously the level of relationship trust would be the determining factor in how much access each person would be able to have.” This participant identified that the level of location information disclosed correlated to the different level of trust in each relationship. Other participants simply desired the ability to “easily block your location at all times” or “deactivate” the device.

In relation to who has access to location information one participant indicated that they would use it: “only on family. … Or if children are alone [and] I want to know where they are. But not with friends because if friends know where I am maybe they wonder why I am there and they ask and I have to answer like small, small details…” Identifying that some people do not want to disclose information about themselves to friends as it would open up a Pandora's box of questions about where they were and what they were doing and who they were with and so on. Another participant stated they would use LBSN but “confine it to a restricted group like … close family”, while another would use it if they had kids: “[i]fI have kids I will put it on their phone”.

Participants identified that they would only use LBSN in certain situations for example one participant said they would only use it if they were traveling stating: “[t]he only use I see in it is if I was traveling. I went on a holiday in Tasmania and my mum was worried about where I was because I wouldn't contact her and stuff. And with this she would be able to know where I am constantly, and if I am lost somewhere they would know the last place I was at.” Another participant identified that: “[t]his thing comes in really handy in unforeseen situations, maybe you are in a car and you cannot call a person to come along. So those are a few situations where it can be helpful but for security and privacy. If I can find myself in the database and I can only be seen by my close family that will be really good.” This demonstrated that there were situations within which the utility of LBSN would motivate individuals to adopt the technology although there were some concerns about security and privacy by some participants.

Finally there were three responses which did not identify conditions upon adoption. The first response was by a participant who would adopt LBSN however, they did not have the requisite device. They reflected: “the technology that I have will not let me [conduct LBSN] because I have an older phone. I tried using it but it wouldn't work.” The second response identified that they would use it without conditions and that it did not pose any privacy concerns for them. I'd “use it but I'd stop using from boredom more than anything else, it wouldn't be because of privacy. There doesn't seem like there is a point to it. It is not a privacy thing.” The final response to mention in this section is by a participant who was open to the adoption of LBSN. “I reserve judgment until I see it in action. The general idea is pretty useful I guess. I am open to it. If you have someone's email address you can find out where they live and you can find out anything you want about them… I'm not too worried about it at this point because I think it is probably too late to start worrying about how much protection … you know… your identity and your location, it's all out there.” This participant drew upon the idea that identity and location information is already available on the Internet or in caller detail records or direct marketing material, concluding that it is therefore “probably too late to start worrying about how much protection” we place on further exposure of location information.

3) Participants who would Never Adopt LBSN

The majority of participants indicated that they would not adopt LBSN. Participants gave the following reasons; it is unnecessary or a hassle, it raises ethical concerns, segregates from human contact, or they did not want to disclose their location. The participants who identified that it was unnecessary or a hassle included the following responses: “I don't have time”  “Would be a hassle I don't use stuff like that”  “Unnecessary, I don't care exactly where my friends are. I wouldn't use it to find them whether or not they would use it to find me”  “If you are a close enough friend then would you not just call them?”  “There are other ways of getting in contact, so do we need this location based networking to get in contact. Phone calls are easy enough to make. I am saying you can have it, it is just social networking, whatever, if you just want to keep in contact with friends and that but you can also do that in other ways as well.” All these responses indicate the view of some participants that LBSN is not a necessity, and that existing technologies can be used or should be used- “would you not just call them?” A side note to observe from the latter three responses above is that these participants regarded the existing technologies, which do not allow for unobtrusive observation of location, should be used in preference to LBSN.

Participants identified a range of ethical concerns from using LBSN to prank people “because they trust it”, such as LBSN being used by “serial killers” or for the purpose of “stalking”. More detailed ethical concerns were discussed in responses to “Why would/(not) participants use LBSN?” In addition to the ethical concerns one participant commented that LBSN would change the dynamics of communication with the effect of segregating users from human contact. “It segregates people from human contact. Instead of calling them up and asking them what they are doing, you will just search thlem and see what they are doing without them knowing. It is like stalking.”

A large proportion of the participants who would not use LBSN explained their view on the basis that they did not want to share their location information. Some of the remarks included that LBSN was “[a]nother layer of what people already know about you”  “I don't like people knowing where I am half the time”  “I wouldn't use it. I just don't want everyone knowing where I am 24/7. Even if like you have the option to turn it off or whatever, I would still feel like even when it is off it is kind of … I don't know I'd still feel unsure about it”  “like you may forget to turn it off and not want people to know where you are like, if you are cheating on your girlfriend. And if she goes on and sees that you are at another girl's place”  “If you have it on 24/7 and then there are brief stints where it is off then people are like “he is up to something” or “what is he doing now”. Even if they don't know what you are doing, they might think that you are doing something suspect because this is the time that it is off”  “People like to do that — they like to think ‘Oh he could be doing something suspect, lets find out what it is’.”

Two key ideas emerge from these responses. Firstly, that some people are concerned about revealing too much information about themselves like “I don't want everyone knowing where I am 24/7”. Secondly that revealing location can be dangerous-not in and of itself-but because of what people do with that information. As the latter two responses illustrated, people's curiosity and desire for gossip can lead them to use location information for the wrong purposes and infer “suspect” scenarios.

B. Reasons Why Participants Would/Would Not Use LBSN

The second discussion question was why or why not participants would use LBSN. Some participants provided reasons for their position in response to the first question, however this second question required the respondents to expand upon that discussion and identify specific purposes for using and not using LBSN regardless of their response to the first question. The participants’ responses are summarized in Table I with a discussion of the responses in the two following sections.

1) Reasons Why Participants Would Use LBSN

The reasons that participants stated they would use LBSN included the ability to keep track of or monitor children, employees or friends, store a travel journal for themselves and others to view, to provide parents or carers with peace of mind while they were traveling or for fun. Following are excerpts of some of the responses provided by the participants.

TABLE I. Reasons to use/not use LBSN

Reasons to use LBSN

• Monitoring or tracking of children, employees, friends

• Travel journal

• Parents peace of mind while traveling


Reasons not to use LBSN

• Intrusion into peoples’ lives

• Impact upon trust

• Drain the batteries in device

• Privacy

• No one uses it

In relation to monitoring or tracking participants expressed: “[t]he only reason that I would use it is if I wanted to know where someone was and they weren't telling me where they were”  “Well if you were one of those people who always had to know where someone was then it would be useful because then you wouldn't be always calling them [saying] ‘where are you, where are you?’”  “If I had a business I would use it on my employees, especially if they had their own vehicles, so I would know where the employees are going.”

Participants also expressed that they would use LBSN if they were traveling: “[t]he only use I see in it is if I was traveling”  “Used for traveling, when you want your friends back at home to keep track of where you are”  “If you are traveling from location to location so you can see where you are and also for people who want to see where you are and who want to know what time to expect you. So they can see how long it will take before you arrive.”

And finally one participant noted that “maybe I would use this just for fun. Like, ‘where are you?’ for fun. If I don't want to use it, I'll just turn it off”.

2) Reasons Why Participants Would Not Use LBSN

Participants gave several reasons why not to use LBSN including that it would present an intrusion into peoples’ lives, impact upon trust, drain the batteries in the device, present privacy concerns and because no one else uses it. Following are some excerpts to clarify and expand upon these reasons.

Participants who identified that LBSN presents an intrusion into peoples’ lives made the following comments: “[c]omes across more as a tool for surveillance rather than a social networking tool” “Parents putting it on their children's phone — negative use for it. Good for the parents but I don't think the child will like it”  “It is just an intrusion into your kid's life, that really shouldn't be there — too much of an intrusion and not enough freedom for when you are getting older and everything, and deserve more freedom” I “Coming home from work and going to the bar but saying to your wife that you are stuck in traffic- ‘oh really but it says you're at the bar, honey’… That kind of problem would come up because people have a tendency to be doing things that they are not supposed to be doing.” These comments illustrate how LBSN can stand in the way of the human desire for freedom and autonomy with the ability to stray from plans.

Participants merely stated that privacy, trust and battery life were reasons for non-use. The participants however elaborated more upon the reason that no one else uses LBSN stating that: “I probably would not use it because no one else uses it so why would I have it. Like it might not be popular now so that is a reason for now, but in the future when everyone else has it, it might not be a reason. So its popularity might affect whether or not I would use it.” In response to this remark another participant commented that: “But when things become more popular, like MS Windows, then people decide to hack MS Windows because it is the same thing that everyone uses. So if everyone started using this, someone out there might find a way to hack it and take advantage of it.”

C. Viewing and Disclosing Location

Participants were asked “Who would you allow to see your location?” and “Who do you want to view the location of?” More responses were elicited from the first question, demonstrating that participants are more concerned with who is able to see their location rather then who they can see. Table II below summarizes the participants’ responses.

TABLE II. Viewing and Disclosing Location Information

People who can View

• No one

• Family/close friends/trusted people

• Friends

• Anyone

• Everyone

People to View

• Everyone

• Friends

• Prime Minister Kevin Rudd

• Parents (depending on the circumstances)

The majority of participants would allow their “family’ or “close friends” to view their location or specified people that they considered to be “really really trusted”. Many participants would allow “family” or “close friends” but not both categories. One participant specified that they “would not request [to use LBSN with] any family member [but] … I might accept it if they add me but I would never actually ask this from my family”. Another participant would add a sibling but not parents and when asked why not stated that: “I tell them a lot but I just don't want them to know absolutely everything. There is this thing where you want to be your own person, have your own space, you don't want to be like trapped. Because you act differently because you think ‘oh shit my parents are always going to be watching what I am doing and where I am’ and that is not good, I don't like that.”

Some participants would add their friends, however specified that it would not be just an acquaintance or “some mate you just bumped into on the road”. However other participants would add everyone or anyone: “Everyone — who would really want to know where I am? … unless I win the lotto” “I'd let anyone. But I would turn it off if I was doing something that I didn't want people to know about”  “If you were doing something and you wanted privacy you would turn it off. But otherwise if people want to enjoy laughing at where I am then I don't really mind.” Although these participants did identify that they would allow anyone or everyone, they did impose some conditions upon their answer. The participants were not as specific about who they would view the location of. Many suggested that they would want to track everyone, even Prime Minister Kevin Rudd, or just their friends.

Section V. Issues surrounding the use of LBSN

The focus group participants were asked what they thought were the potential issues with the use of LBSN. Figure 3 represents the broad categories of responses provided by the participants. The shade of color provides an indication of the number of times each issue came up within the focus groups; the darker the shade, the greater the frequency the issue arose. Security was the premier concern, followed by privacy and trust. Social relations, control, and technological issues were also important to participants.

Figure 3. Issues Surrounding LBSN

A. Security

The focus groups drew out three main issues in relation to security; security of self, security of information and security of others. In relation to security of self, participants commented that LBSN could be: “used as a bullying thing … if you see someone in an area and there is no one else really around that area then bullies could go and use it to get that person”. Another participant identified that “I can watch you on Google Latitude — if you update it every three or four hours and know where you are and build a profile”. Other participants mentioned that it could be used for “stalking” or “pedophile tracking.” One participant commented that it could be used for covert tracking: “I think that if the location is set to continuous tracking there won't be any notification sent from Google Latitude. So if anyone gets a hold of your mobile and sets it to continuous tracking they can follow you around.” The scenario depicted by this participant however, is not entirely accurate, as Latitude does provide notification that it is running in the background, however this notification is only given once a month for the first few months and then once every three months. Therefore covert tracking with latitude would be possible for at least one month or in other cases a few weeks. There are some other LBSN applications that are now entering the market, however, that provide no notification whatsoever.

Participants questioned the security of information retained by the service provider, questioning whether Google would “share our information”, or third party hackers who would “hack into the system [and then] would be able to find whoever, whenever”. In relation to security of others one participant noted that “[my friend's] location and activities  are secured to me, as long as I have my cell phone. If I lose it, and another person finds it … they can easily see the location of my friends”. Therefore having the ability to access a friend's location information can pose a potential threat to the other person's security if the device is lost, stolen, or given to a third person not authorized to view the location information.

B. Privacy

Participants identified privacy as an issue, as LBSN applications primarily involved sharing personal information. The main issue, which emerged, was the intrusion into personal life caused by LBSN. Example remarks included: “[s]omeone can track you and see whether you have gone to a medical centre, so if you wanted to be tested on something and you didn't want anyone to know about it because you would be rejected by society”  “random things like being at the doctor's surgery and having the phone in your pocket and you don't want everyone prying into your life”  “if you were doing anything — not necessarily a crime — but something you wanted to keep secret.” An additional issue was questioning the privacy policy of Google Latitude (and therefore Google) and whether that would “override” the legislation of some jurisdictions to allow for law enforcement authorities who have a warrant to obtain detailed records of one's location.

C. Trust

Participants identified three ways that LBSN could affect trust. Firstly, LBSN users could use the application to “lie” or “hide things”, taking advantage of the trust other users place in the device and creating situations of false trust. Secondly, that LBSN could cause people to “start losing trust — losing trust between everyone, between your closest friends, your boyfriends, girlfriends”, and would make people “start questioning everything and everyone and get bitter and old and grey and home alone”. Therefore LBSN would discourage trust and create distrust between individuals. Finally, participants identified that LBSN would provide people with the ability to look “too deep, watching who is where and who is near, and infer little schemes or soap operas”, and contribute to “random social problems when someone looks up their boyfriend and there is some other person at their house”. Both the latter two comments, present scenarios where the user places greater trust in the device than the individual being monitored, and this shift in trust is the cause of the social problem.

D. Control

Participants commented that “lovers” or “parents” could use LBSN as a method of exerting control. In both proposed scenarios, the control was seen as a pre-existing element of the relationship, and LBSN as a tool for exercising control. Some control-related comments which were representative in the use of LBSN included: “control by a crazy lover”  “it is not about the children it is about having access to the children. About control.” One participant, as noted earlier, spoke about control with respect to owning one's space, and therefore owning one's personhood. This participant noted parental control in this context was a form of indirect control. They might not be telling you what to do, but they are keeping tabs on you.

E. Social Relations

Participants also commented on the effect of LBSN upon social relations. “It takes away from the social part of social networking; we are not communicating with each other we are… just viewing it and it is more of a pervasive thing or voyeuristic thing than a social thing” I “People might use it to avoid certain people as well.” It was noted by another participant however, that at the same time, LBSN could also be used to generate discussion.

F. Technological

Technological issues identified were related to perceived battery consumption, and whether the location tracking/monitoring technology would work indoors. Reliability and accuracy were also important factors discussed, as was whether all new mobile devices now had the feature built in and whether data charges applied to usage.

G. No Issues

Some participants commented that there were no issues with LBSN: “[t]he Google Latitude application is great, if you don't like the system you can deactivate it,” and “[n]o issues, if your friends location is secured to you, so long as you have the phone.”

Section VI. Discussion

People and relationships form the backbone of society. Pahl [20] describes friendship as a “social glue” that provides the fulfillment of the “need for belonging and ‘reliable alliance’ — that is, for a bond that can be trusted to be there for you when you need it” [3]. Research on social networking applications, shows that new technologies can have potential negative implications upon social relationships [21] and privacy [22]. Additionally, location based services (LBS) have social ethical implications [23]. Social networking applications have the potential to become an engrained and integral part of social interactions causing those who do not have the technology to be either excluded or succumb to the adoption of the technology [22]. A bad experience with a LBSN may not only impact an individual, but one's relationships, and more broadly one's ability to trust in others and in society more generally. One might ponder that having knowledge of where someone is all the time should in fact enhance trust, that there is certain predictability behind where a loved one physically is located or where they say they are located. However, technology is not perfect, it is not always accurate, it does not always work as it should, and there is no such thing as a perfect “location” system. Humans also require their autonomy, their freedom, an ability to make every-day mistakes without prying eyes [24].

A. Theoretical Importance

This research provided an investigation of the sociotechnical context of location based social networking technologies and applications in terms of “trust” and “friendship”. Such an investigation has several theoretical contributions. Firstly, it provides an understanding of the concepts of trust, friends and friendship within the context of information communication technologies, and social networking in particular. Secondly, it adds to the scholarship in the area of social informatics, providing an example of how social informatics as a theoretical framework can be employed to arrive at a holistic contextualized understanding of the operation of ICTs. Thirdly, it contributes to the limited scholarship on location based social networking with the view to continue the scholarly dialogue on the design, use and implementation as well as implications of the technology and ICTs in general.

B. Practical Importance

Trust and friendship are important aspects of society, and as such the implications of the use of technology upon these concepts are important from a practical as well as a theoretical perspective. The outcomes of this research can be utilized to inform the creation of policy, guidelines or legislation designed to curb the negative implications of the technology upon society. A recent paper by Grimmelmann [25] argued that although “policy makers cannot make Facebook completely safe… they can help people use it safely”, similarly this applies to the emergent technology of LBSN. The outcomes can also be used to educate individuals, and provide stimulus for a dialogue within the broader community about the implications and benefits of social networking and location-based services. Additionally, the designers of the technology can utilize this research by incorporating concerns or user requirements in new or existing applications.

Section VII. Conclusion

LBSN applications provide users with the ability to conduct real time social surveillance upon their friends, including the acts of real-time tracking and monitoring. This study, through the conduct of a social informatics investigation into LBSN, has identified the potential implications of use of LBSN upon relationships, including its critical effect upon trust. The potential implications can be summarized as security, privacy, trust, control, and an impact on societal relationships. The results from the focus group provided a broad view of the use, design, implementation and context of LBSN, and insight into the possible implications of use. The conclusion to be drawn from this study is the nuanced understanding of the operation of LBSN and its implications as well as the circumstances within which it will have a negative impact upon trust. In addition, this research identified that LBSN did present a credible threat to trust between “friends” and that LBSN applications need to be more robustly designed and implemented to reduce the evident potential for an individual user to suffer harm at the hands of another.


1. R. Kling, "What is social informatics and why does it matter?", The Information Society, vol. 23, no. 4, pp. 205-220, 2007.

2. K. Robert, K. Sara, "Internet paradox revisited", Journal of Social Issues, vol. 58, no. 1, pp. 49-74, 2002.

3. B. Misztal, Trust in Modern Societies-The Search for the Bases of Social Order, Cambridge:Blackwell, 1998.

4. S. Sawyer, K. Eschenfelder, "Social informatics: perspectives examples and trends", Annual Review of Information Science and Technology, vol. 36, no. 1, pp. 427-465, 2002.

5. R. Kling, "Learning about information technologies and social change: the contribution of social informatics", The Information Society, vol. 16, no. 3, pp. 217-232, 2000.

6. R. Kling, "Social informatics", Encyclopaedia of Library and Information Science, pp. 2656-2661, 2003.

7. R. Kling, "Social informatics: a new perspective on social research about information and communication technologies", Prometheus, vol. 18, no. 3, pp. 245-264, 2000.

8. R. Kling, L. Covi, "Electronic journals and legitimate media in the systems of scholarly communication", The Information Society, vol. 11, no. 4, pp. 261-71, 1995.

9. W. Orlikowski, "Learning from notes: organizational issues in GroupWare implementation", The Information Society, vol. 9, no. 3, pp. 237-50, 1993.

10. B. Kahin, J. Keller, Public Access to the Internet, Cambridge, MA:MIT Press, 1995.

11. G. Piccoli, B. Ives, "Trust and the unintended effects of behvaior control in virtual teams", MIS Quarterly, vol. 27, no. 3, pp. 365-395, 2003.

12. D. Mackenzie, "Introductory essay" in The Social Shaping of Technology, Philadelphia:Open University Press, pp. 2-27, 1999.

13. D. Morgan, Focus Groups as Qualitative Research, California:Sage Publications, 1996.

14. A. Gibbs, "Focus group research", Social Research Update, vol. 19, pp. 1-4, 1997.

15. R. Krueger, M. Casey, Focus Groups: A Practical Guide for Applied Research, California:Sage Publications, 2000.

16. P.S. Kidd, M. B. Parshall, "Getting the focus and the group: enhancing analytical rigor in focus group research", Qualitative Health Research, vol. 10, no. 3, pp. 293-308, 2000.

17. J. Kitzinger, "Qualitative research: introducing focus groups", British Medical Journal, vol. 311, no. 7000, pp. 299-302, 1995.

18. D. Druckman, Doing Research: Methods of Inquiry for Conflict Analysis, California:Sage Publications, 2005.

19. M.D. Gall, W.R. Borg, J.P. Gall, Educational Research: An Introduction, New York:, 1996.

20. R.E. Pahl, On Friendship, Wiley-Blackwell, 2000.

21. R. Gross, A. Acquisti, "Information revelation and privacy in online social networks", Workshop on Privacy in Electronic Society, 2005.

22. D. Boyd, N. Ellison, "Social network sites: definition history and scholarship", Journal of Computer-Mediated Communication, vol. 13, no. 1, pp. 210-230, 2008.

23. M.G. Michael, S.J. Fusco, K. Michael, "A research note on ethics in the emerging age of überveillance", Computer Communications, vol. 31, no. 6, pp. 1192-1199, 2008.

24. M.G. Michael, K. Michael, "Uberveillance: microchipping people and the assault on privacy", Quadrant, vol. 53, no. 3, pp. 85-89, 2009.

25.J. Grimmelmann, "Saving Facebook: privacy on social network sites", Iowa Law Review, vol. 94, no. 4, pp. 1137-1170, 2009.


Informatics, Social network services, Privacy, Accuracy, Context, Google, Batteries
social networking (online), Internet, mobile computing, social aspects of automation
qualitative approach, social implications, location based social networking, perceived positive impacts, perceived negative impacts, Web 2.0 platform, location based services, online social networking, focus groups, implications, location based services, online social networking, location based social networking,trust, friendship

Citation: Sarah Jean Fusco,  Katina Michael, M.G. Michael, Roba Abbas, "Exploring the Social Implications of Location Based Social Networking: An Inquiry into the Perceived Positive and Negative Impacts of Using LBSN between Friends",  2010 Ninth International Conference on Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), 13-15 June 2010, Athens, Greece, DOI: 10.1109/ICMB-GMR.2010.35

Social-technical issues facing humancentric RFID implantees

Social-technical issues facing the humancentric RFID implantee sub-culture through the eyes of Amal Graafstra


Radio-frequency identification (RFID) tags and transponders have traditionally been used to identify domesticated animals so that they can be reunited with their owners in the event that they stray. In the late 1990s, industry started to investigate the benefits of using RFID to identifying non-living things throughout the supply chain toward new efficiencies in business operations. Not long after, people began to consider the possibilities of getting RFID tag or transponder implants for themselves. Mr Amal Graafstra of the United States is one of the first, and probably most well-known ‘do it yourselfer’ (DIY) implantees, who enjoys building customized projects which enable him to interact with his private social living space. Since 2005, hundreds of people have embarked on a mission to interact with their mobile phones, their cars, and their house via a chip implant, providing personalized settings for their own ultimate convenience. This paper presents some of the socio-technical issues facing the RFID implantee sub-culture, namely health and safety, privacy, security, regulation, and societal perceptions. The paper concludes with a list of recommendations related to implantables for hobbyists.

Section 1. Introduction

While some cultures embrace the practice of decorating the human body with tattoos and brands, others still perform the age-old art of scarification [1]. Of greater currency today however is the act of body piercing using a plethora of metallic materials, including titanium. Some have even opted to modify the body in outward appearance by using large subdermal or transdermal implants on their heads and forearms [2]. But beyond the purely cosmetic body modifications that some subcultures engage in [3], there are now techno-hobbyists who are transforming the manner in which they interact with their personal social living space through the use of functional high-tech devices known as radio-frequency identification (RFID) tags and transponders.

On the 22nd of March 2005, Mr Amal Graafstra was implanted with his first radio-frequency identification tag [4]. Anecdotal evidence from other do-it-yourselfer implantees agree that Graafstra has been a pioneer in this field, doing things “first” and also “better” than most other implantees meddling in the high-tech art. In the Beginning of 2006 Graafstra even published a book about the applications he had built [5]. Other high profile implantees [6], some of whom preceded Graafstra, include: Kevin Warwick (University of Reading academic) [7], Scott Silverman (CEO of VeriChip Corporation) [8], Rafael Macedo de la Concha (Mexico's Attorney General) [9], Dr. John Halamka (Harvard Medical School's CIO) [10], Gary Retherford (employee at [11], Mikey Sklar (a UNIX engineer) [12], Jonathan Oxer (a LINUX guru) [13], and Meghan Trainor (doctoral student and artist) [14]. This paper however is not concerned with professional “research-oriented” RFID implantees, such as Kevin Warwick, nor with consumers/customers who have been implanted with commercially available Veri Chip technology, nor with individuals who have used RFID for their artistic performances, such as Eduardo Kac [15]. Rather, this paper is concerned with understanding do it yourselfer (DIY) implantees who are usually technically-savvy citizens and are predominantly interested in novel convenience-oriented solutions. This paper focuses on the challenging socio-technical issues and questions that DIY implantees are faced with, related to health and safety, privacy, security, regulation and societal perceptions.

Section 2. Literature Review

A number of academic articles and book chapters have been published on the life and works of Amal Graafstra, including his own full-length book titled RFID Toys [5]. Graafstra featured in his own IEEE Spectrum article in 2007 [16] and several other academic works about him have been written between 2008 and 2009 [17], [18]. He has also figured in hundreds of popular stories in all forms of media-print, radio and television that have received worldwide coverage, e.g. [19], [20], [21], [22]. Most recently Fox News wrote about him [23] and the Discovery Channel interviewed him. While anyone in Graafstra's position would have probably commercialized their ideas by now, Graafstra remains content in pursuing things that are ‘fun’ rather than things which ‘make money,’ although he admittedly does have an entrepreneurial streak about him. Despite the attention, Graafstra remains level-headed, and it is clear upon speaking with him, that he is more about innovation than he is about becoming famous.

Section 3. Methodology

This paper takes on a non-traditional ICT methodological form in that it is written in two voices; Part A is written in the first person voice of Amal Graafstra where he describes events as a participant and Part B is written in the third person voice where Michael and Michael are relating events about Graafstra, and Graafstra is relating events about others. In 2007, Michael and Michael embarked on a full-length interview with Graafstra [24]. Some two years after the interview was conducted, the interviewers requested that Graafstra reflect on his own ideas and commentary as stated in the original interview transcript [25], and make amendments as he saw fit. Time is a very important element when one considers new radical technologies and applications, especially those that seem to evoke a great deal of interdisciplinary debate. Take the launch of the ENIAC in 1948 for instance, and the misconceptions that ensued [26], although few could have possibly predicted that such awesome machinery would find its way into humans.

In Part A, Graafstra’ s story is depicted “uncut”, and Michael and Michael do not interrupt the flow or stream of ideas but can be credited with evoking responses to questions that Graafstra is seldom asked. The usual media hype disappointingly focuses on whether Graafstra is the ‘devil’ and falls short of those all important philosophical questions about the future trajectory of technology. K. Michael has a background in information and communication technology (ICT) and law, while M.G. Michael has qualifications in philosophy, history and theology and has written on topics related to bioethics and the misuse of new technologies by society. The rich combination of backgrounds and experiences has brought about an interdisciplinary discussion between the three authors in Part B. It does not mean that the authors agree on all points, but new research should not necessarily bring about agreement, but debate toward further discussion. In some sense, this is what the IEEE ISTASIO Conference is about, respecting diverse opinions and looking at new technologies in an interdisciplinary manner that may help to shed light on future developments and how society is to absorb them.

3.1. Case Study: Amal Graafstra

According to Yin (1984, p. 23) a case study “investigates a contemporary phenomenon within its real-life context”. The case study in this paper is of a human subject, Mr Amal Graafstra. Graafstra can be considered a participant-researcher in this study while Michael and Michael act as independent observers of the subject within his real-life context.

3.1.1. Background

Amal Graafstra is the Director of Information Technology for OutBack Power Systems. He is the owner of several technology and mobile communications companies. Amal loves thinking up interesting ways to combine and apply various technologies in his daily life. A self-starter, Amal dropped out of community college and started his first company at the age of seventeen. The company was called The Guild, and it provided dial-up Internet access to customers, while small set-ups were still feasible.

Some years later, Amal started his second company Morpheus, which specialized in web hosting and web development. For some time the company did well, but as cheaper hosting services became available, it became more and more difficult to compete in the market. Amal then decided to rebuild Morpheus by supplying managed computing services to the medical industry. In parallel, Amal did some work for WireCutter, a wireless mobile messaging company that were involved in creating mobile marketing campaigns for various radio stations, sending SMS text messages to mobile phones. Graafstra decided to pour his heart and soul into the company he called txtGroups but this too was unable to make ends meet, and soon Twitter rapidly overtook txtGroups as a social text platform. His most recent employment is as the head of an information technology (IT) department where he enjoys creating novel and innovative solutions that enable the business to grow.

3.2. Interview

The interview conducted in 2007 between Graafstra (the subject) and K. Michael (the interviewer) was semistructured and contained 25 questions. The main themes addressed included:

  • Background (upbringing, schooling, qualifications, employment, age and place of residence)

  • Adoption of technology habits, value proposition for RFID implants, and prospects of commercialising intellectual property around humancentric chip implants

  • Motivations for going with an implantable technology as opposed to wearable or luggable device

  • Self-perceptions, whether he is a hobbyist or entrepreneur and what words, terms or phrases he uses to refer to himself (i.e. cyborg versus electrophorus)

  • Thoughts on implantation, who was to conduct the procedure, any barriers or challenges to overcome, and whether or not he had to ask permission to get the implant

  • Feelings on the actual implant process, how it made him feel, whether it was painful or painless and how he dealt with the aftermath of the implantation

  • Attitudes and perceptions towards the application of microchip implants in humans and ethical issues, discussed in terms of specific scenarios and stakeholders

  • Values on mandatory, voluntary, commercial and noncommercial and government-mandated humancentric applications pertaining to issues of consent, opting in/out

  • Views on the location of implantation, the type of tag that should be used, the durability of the tag, and its potential functionality

  • Experiences with Christians or civil libertarians who oppose his use of RFID and his counter-arguments to such notions as the fulfillment of prophecy/“mark of the beast”

  • Personal philosophical and spiritual perspectives

  • Knowledge on the prospect of RFID implant viruses spreading, relationship impacts, potential health risks and security breaches, and other general concerns.

3.3. Ethnography and Participant Observation

Graafstra was asked by Michael and Michael to write a reflection on the original transcript, in actual fact to take on the role of a participant observer. This reflection was integrated into the original transcript, forming Part A of this paper. The reflection remains ‘untouched’ save for changes in formatting and expression. These are the raw thoughts of Amal Graafstra, captured in an ethnographic style [27]: “[i]t is a distinctive feature of social research that the ‘objects’ studied are in fact ‘subjects’ … unlike physical objects or animals, they produce accounts of themselves and their worlds.” Michael and Michael have added relevant bibliographic sources to Part A, and in Part B the content from the original interview conducted with Graafstra is qualitatively analyzed to draw out anthropological and sociological orientations. It is here where the third person voice is used by the authors but where also, events related to Graafstra himself, are cited through direct quotation.

Part A-Participant Observation

In Part A, Amal Graafstra tells his DIY tagger story as a participant observer. He is both the object and subject of his narrative. Graafstra takes us on a tour of where and how it all began-his early interest in computing, in what he calls fun “projects”, and finally what led him to get an RFID tag implanted into his left hand in 2005. Graafstra then takes us on a journey of how he acquired his implant, and how it makes him feel to be a bearer of beneath-the-skin technology. He dedicates a great deal of space discussing health and safety issues relevant to RFID implants and concludes by emphasizing the importance for DIYers to take personal responsibility for their actions.

Section 4. In the Beginning…

Technology has always been an interest of mine. From a very early age I was doing what lots of other inquisitive toddlers were doing … tearing things apart out of curiosity and not being able to put them back together. I was intrigued with seemingly magical things. Wood blocks can only hold one's interest for so long. But a record player or a telephone, those things just held some kind of mystery that needed exploration.

It was not until third grade however, where two very unlikely set of circumstances occurred which introduced me to the boundless potential the world of computers had to offer. I had the privilege of going to a country school. It was literally nestled in a forest, the trees of which we would build forts in during recess. It was very small with only four rooms, one for each grade. Oddly enough, the third grade classroom had a PET computer in it - the only one in the entire school. It had no disk or cassette tape storage and no operating system, just a PET version of BASIC in read only memory (ROM). For the greater part, it sat unused in the corner, a simple and momentary curiosity for most… but not to me. I turned it on and got a simple flashing cursor. What could it mean? What does it want me to type? The mystery was just too great to resist, but without any book or instruction manual, or anyone who knew anything about it at the entire school, I did not get far at all and started to lose interest.

Luckily, that year the school started a new program called Reading Is Fundamental (R.I.F.), where each student was allowed to pick out and keep a free book twice a year. I loved choose-your-own-adventure (CYOA) books, and started picking through the piles to find all the CYOA books available. I noticed there were two books in my stack of potential keepers that said “Computer Programs” on the cover. As I thumbed through those two books I saw there was “programming code” for IBM and Apple II computers, and I wondered if the PET would understand any of it. I picked one out and brought it back to the classroom, and that is when the fun began. If either the IBM or Apple code had worked perfectly “as-is”, it may not have captured my imagination. The fact was, I had to ask for a PET programming book from the teacher, who did manage to track one down. With it, I could cross reference the code in the CYOA book with the PET BASIC book to make the code actually work. By the end of third grade, I was obsessed with the notion I could use a special language to tell the computer exactly what to do and it would do it. I felt like anything was possible! I immediately started begging my parents to buy a computer.

4.1. Technology and Having Fun

There is something special about the latest gadget that comes out or the next release of a fondly regarded software application. It is more than just being able to get a greater number of tasks done; it is also about exploring new possibilities. The creativity one can express through building solutions that work well and people use offers a sense of accomplishment and even pride. That building process might turn out to require creating an entirely new technology of some sort, but for most that process is about extending existing technologies in some way.

Typically, extending a technology is done through standardized channels such as software components, libraries, software development kits (SDKs), and application programming interfaces (APls). In the hardware realm one uses integrated circuits (ICs) with integrated functions, or entire original equipment manufacturer (OEM) hardware modules designed to be integrated into products. What I really love to do however is take an existing product and enhance it, sometimes using methods outside the typical channels. Some people might call that “hacking” but to me it is more about getting into the nuts and bolts of a product and making it do what you want it to do.

For example, I wanted to change out the deadbolt in the front door of my home to work without a key. I purchased an electronic deadbolt that worked with a key or by entering a PIN code by keypad. That was fine for a couple days, but the first time I had a handful of groceries and tried to enter the PIN code, I knew I wanted more. I wanted the deadbolt to unlock faster, without a key and without having to enter a PIN code. I just wanted it to know it was me and let me in, even if I had a handful of groceries. I ended up enhancing that electronic deadbolt to also accept RFID tags as a form of authentication. Later I expanded this idea further to allow a PC to log entries, allow me to set alerts, and even allow me to use other forms of authentication like email and text messages to unlock the door (great for letting neighbors in to check on your pets while you are away). There is no way I would be able to find a residential deadbolt that could do all that, let alone pay less than I did to build it myself.

4.2. Hobbyist or Entrepreneur?

I definitely have an entrepreneurial streak in me. I have started several service-based technology businesses and essentially worked for myself for 15 of the last 17 years or so. When it comes to RFID however, it's mostly just a hobby. I've done some consulting here and there, but when everyday people hear about my implants and the little projects I have built, they tend to ask me if I have any patents and/or plan to market some of these ideas.

The truth is most people have no idea what constitutes a good idea versus a patentable idea versus a marketable idea, or the amount of hard work and risk it takes to bring that little idea all the way to a market successfully. I have not had a good enough idea or met the right people yet with the business experience who could really take these things as far as they would need to go to be successful. Currently my now out-of-print niche market book RFID Toys has been the only commercial venture I have undertaken with regard to RFID, and for the time I have put into it I have basically made around $0.75 USD per hour. Not to mention the whole process was more stressful than it was fun. It seems to be a universal law that states “when you turn a fun hobby into a job, it usually stops being fun”.

So at this point I am much more content with running my little RFID forum, answering people's questions as best I can, helping to solve problems, and putting out some good quality examples others can use to get a basic understanding of hobbyist RFID.

Section 5. Getting the RFID Tag Implant

5.1. The Idea

When I think back to when I first heard about RFID implants, I was very young, perhaps seven or eight years old. I remember my mother telling me how pets were getting these new computer chips and that she did not think it was right. She, and basically everyone I grew up around, thought these things were evil and they would end up controlling humanity via satellite. I remember trodding around in the back yard contemplating the end of civilization as I knew it because of these “horrible devices”. I did not doubt that point of view or those technological misconceptions for quite some time.

The thought of RFID implantation did not resurface until years later when I was faced with the decision of whether or not to implant my own pets with a “tracking chip” (a term still used by vets which does not help dislodge ever-prevalent misconceptions about RFID implantation). By then though I was much more sensible about my approach to technology, and I thoroughly annoyed the veterinarian by asking a ton of technical questions he could not answer. After doing more research (without the aid of a content rich Internet in the early 90s) and really looking into how it worked, I had my pets implanted and I came away with a much better understanding of what the technology could and could not do.

Over a decade later, in March 2005, I found myself moving heavy equipment in and out of my office almost every day. My office door had one of those latches that locked every time it closed, and I really hated having to fish around for my keys all the time. That got me thinking about how archaic the idea of a standard metal key really was. A key is nothing more than a hunk of metal, cut with a certain pattern that identifies me as “authorized”. The typical key and lock system is also lock-centric, meaning the lock is the unique bit and each key that accesses it has to be duplicated from that unique key pattern. Once a unique key pattern is duplicated and distributed, tight control over that lock is essentially lost. I wanted a key-centric solution, meaning each key would be unique and that unique key could be used with various locks. Being unique myself, ideally I wanted that unique key to be me.

I started looking into biometrics, things like face recognition technologies and fingerprint readers. The problem I ran into was the fact that these solutions, when done the right way, were very expensive and resource intensi ve to implement. At the time, there were also serious and valid concerns over the security and reliability of biometric solutions. Also, because I would need to put the camera or fingerprint reader outside, I was also concerned about vandalism. At the time, there were not many reliable biometric options rated for outdoor use that could tell the difference between my real face and a picture of my face, or my fingerprint versus a latex glove fingertip filled with water pressed against the sensor where the remnants of my own fingerprint left on the sensor would betray me. However, I did find a variety of very inexpensive RFID readers, and writing my own software to work with them was a no-brainer. The only down side to RFID was the fact I had to carry around an access card. That got me thinking about pet implants again, and I realized I could get the benefits of RFID without having to carry around anything.

5.2. The RFID Tag Acquisition

The first thing I did was look into getting an actual pet tag implanted, but there were a few issues with pet tags. I discovered there were many different kinds of RFID, and they did not all play well with each other. As it turned out, I could not find any cheap readers that would read the pet tags, and nothing really existed in the OEM hardware space which would have allowed me to easily integrate the pet tag into a custom built access control solution. Another issue was that pet tags have a special porous “anti - migration” coating on them that is designed to allow flesh to grow into and lock the implant in place, making removal or replacement nearly impossible.

There was another option for RFID implantation; the Veri Chip. I had already heard about how the Food and Drug Administration (FDA) had approved the VeriChip for implantation into humans, but the Veri Chip had the same issues pet tags had. Hardware options were very limited and expensive, and the tags also had anti-migration coating on them. I also found out that you must be registered in the Veri Chip database to receive one of their implants, which I had issues with considering my goals and intended uses were all private in nature.

Left hand with EM4102 implant and USB reader

So, I figured I would just start with a basic keycard system and find some cheap RFID readers that were easy to interface with or were designed as OEM hardware I could easily integrate into my project. I found several reader options that read EM4102 based tags, so I started looking around for RFID tags based on the EM4102 chip. What I found just about made me jump out of my seat. I found a website that sold EM4102 based RFID tags that came in a glass ampoule form factor just like the pet tags! In addition, these did not have any coating on them. I immediately ordered the reader hardware and a few glass tags (figure 1).


While I waited for the equipment to arrive, I started calling tag manufacturers to find out what differences there might be between the glass tags I ordered (which were not designed for implantation) and implantable pet and human glass tags. It turns out there were only a few insignificant differences, the first of which was that tags did not have the anti-migration coating on them. Second, the EM 4102 based tags did not use the International Organization for Standardization (ISO) animal implant data protocol, which I did not care about either. Finally, they were not manufactured or sold as sterile equipment. After several difficult conversations with various manufacturers, I found out the glass used in the tags I ordered and the animal (pet/livestock/human) implantable tags were the same stuff. That was good enough for me, so as soon as the tags arrived, I was arranging my first implant procedure. At the time I was running a managed computing service designed for medical clinics and had several doctors as clients. Once I confirmed the glass tags worked, I scheduled the implant procedure with one of my clients, a cosmetic surgeon, and started building projects. At the time, I did not tell anyone that I was scheduled for an implant procedure, partly because I was so busy creating my first access control project and partly because at the time I did not consider getting an RFID tag implanted in my left hand to be that novel of an idea. A couple days later after a five minute procedure my left hand was RFID enabled and I had a basic access control system built for my office door.

5.3. A Cyborg or an Electrophorus?

People often ask if I feel any different now, or if I can feel the tags under my skin. Over 5 years later, the answer to both questions is no, not really. I do not feel any different, nor can I feel either implant unless I physically poke one with my finger. In fact, I often forget they are there until I have to use them.

At first it was kind of weird though, and during times of boredom I found myself mindlessly poking at them and feeling the implants under my skin. There was this kind of this cool factor to using them. I would put my hand to the front door and it would unlock, and people would be like “What!? Hold on … what just happened?” and at the time I kind of did feel like a cyborg of sorts.

But over time, the novelty wore off, and now they are just the useful tools I always wanted them to be. Even the interesting conversations I used get into with people regarding safety, security, privacy, religious concerns, and the future of the technology itself now tend to be redundant and repeat themselves constantly. Even my definition of what a cyborg is has changed.

The well-known Professor Kevin Warwick underwent the first human implantation of an RFID tag long before I even thought about doing it. He called that project Cyborg 1.0, which captured both headlines and imaginations. My definition of cyborg is a bit different however. A person with a cochlear implant or even a pace maker, those people are truly mixing technology with biology to become a cybernetic-organism (cyborg). What I have done is simply move an RFID tag from my pants pocket to a skin pocket. There is no biological interaction, and to me that interaction is what defines a cyborg. Michael and Michael [28] distinguish between what is traditionally considered a cybernetic-organism and DIY implantees who are merely “bearers” of technology (i.e. an electrophorus). I think that it is a good idea to have a term that separates us from cyborgs.

So why even bother with implanting a tag in the first place? A lot of people also ask me why “take the risk” putting it under my skin? Why not wear a watch or ring or something with a tag in it? The simple answer is-I won't wear a watch or a ring for very long without losing it. It would be like wearing a backpack everywhere you went; you would just want to take it off all the time due to it being uncomfortable. When I looked at what was possible with glass encased tags and the history these types of RFID implants had with pets, I really did not think twice about getting one implanted. Not to say that I did not do my research first [29], but the actual decision to get a tag implanted was made in a matter of seconds, and I have never regretted it.

Section 6. Is Implanting an Rfid Tag in the Body a “Safe” Practice?

Safety is a big issue, and is still a concern for every do-it-yourselfer (DIY) tagger that is considering or has already undergone an implantation procedure. Given DIY tagging is done through the sheer will of one's own accord, every tagger must take full responsibility for their decisions and actions, their health, safety, and the ultimate outcome of their RFID implantation endeavors.

Table 1. Primary safety concerns for DIY taggers

As the DIY community grows, and more people get non-FDA approved glass tags implanted in non-FDA approved locations, so too the concerns over the safety of RFID implants will grow (Table 1).

6.1. Sterilization

A common method for sterilizing medical equipment is to place it into an autoclave, where heat and pressure destroy any pathogens. The temperature reached inside an autoclave however, is well above acceptable operational and storage specifications for most RFID tags. Due to this, I did not autoclave my glass tags. Both my implants were sterilized by soaking them in a liquid antiseptic for a few minutes before the implantation procedure. As others learnt of what I had done and expressed interest in getting a RFID implant, I suggested they avoid using the autoclave to sterilize their tags as the heat may damage them.

I later performed a test, placing five 2×12mm EM4102 based glass tags in an autoclave for a full one hour cycle. All five tags came out sterile and in working order. On the RFID Toys forum, other users reported similar success with the autoclave and EM4102 tags, leading me to now suggest purchasing at least two tags and putting them through the autoclave prior to implantation. Of course, testing the tags after the sterilization process and before implantation is strongly suggested.

I believe read-only EM4102 tags are able to withstand the high temperatures of the autoclave because the IC chips typically have their unique IDs laser etched into ROM at the factory. Other tag families such as the Philips HITAG with writable memory blocks may not fare as well with such high temperatures, and significant damage to the writable blocks may occur.

6.2. Location

For his Cyborg 1.0 project, Professor Kevin Warwick decided to implant a glass encased tag into the upper inside of his left arm, beneath the inner layer of skin and on top of the muscle [31]. The location seemed to offer a safe haven for the fragile glass casing. Nine days later the tag was removed without complication.

Unlike the typical VeriChip or pet identification applications where a handheld reader is brought in close proximity to the implant, I use my implants in applications where the tag must typically be brought to a fixed reader. Because the normal operational range of small cylindrical glass tags is anywhere from one to four inches, I chose to implant both my tags (one in each hand) into the webbed area between my thumb and index finger, just under the dermis layer. This location allows me to easily position my RFID tags very close to a reader, while still providing an amount of soft tissue to cushion and protect the tags from blunt force impact. Being just under the skin and not in muscle tissue also allows for easy removal or replacement. Most, but not all, DIY taggers have chosen the same location for their implants.

6.3. Migration

Glass encased RFID tags which are designed for implantation in animals or humans typically have an anti-migration coating of some sort affixed to the glass casing. This porous material allows the implantee's flesh to grow into the material which stops the tag from moving around in the body.

The primary purpose of keeping the glass RFID tag located at the selected implantation site has more to do with consistency and ease of use than potential health risks. Veterinarians need to be able to reliably scan the same area on every pet to determine if the animal has a microchip. If tags were able to migrate from their implantation site, vets may fail to successfully scan and identify a tagged pet. In the case of tagging livestock, you do not want to accidentally have a tag migrate into a piece of meat that ends up on the consumer dining table or in scrap pieces of carcass which may be rendered for a variety of food chain-related uses.

Like myself, the DIY tagger community has taken to using glass tags which are not designed for implantation, and as such do not utilize this coating. The lack of coating allows tags to be removed or replaced much more easily than if they had this coating, and after five years neither of my tags have migrated from their implant sites. This may be due to the fact that my tags rest in congruous elastic skin tissue rather than fibrous muscle tissue which is bundled into separate strands that an implant could move between.

6.4. Structural Compromise

The thought of a glass capsule being crushed into small sharp shards while it is still inside one's body does not produce feelings of excitement or enthusiasm. Concern over the structural resilience are warranted, since the cylindrical glass capsules encasing the RFID tag's electrical components (IC, antenna coil, etc.) have very thin walls and are easily crushed using common medical instruments like forceps.

The FDA initially considered the Veri Chip as a class II device which requires special control testing [32]. However this testing did not include any sort of structural integrity test. No crush/penetration tests were performed, and key factors such as lateral stress or compression limits. are unknown. Later, the FDA reclassified the Veri Chip [33], placing it in the type III group of devices which has even fewer controls. The health risks specifically identified in the K033440 reclassification include [34]; adverse tissue reaction, migration of implanted transponder, failure of inserter, failure of electronic scanner, electromagnetic interference, electrical hazards, magnetic resonance imaging incompatibility, and needle stick. No mention of glass casing fracture or structural compromise.

After five years using my own implants and talking to many DIY taggers who have followed suit, I have not heard of anyone having any issue with crushed or compromised tags. Still, the concern is valid, and the choice of implant size, location, orientation, proximity to bone and other inflexible tissues all play a role in avoiding structural compromise.

6.5. Removal and Replacement

At the time of this writing, I have not observed any accounts of DIY taggers getting their implants removed or replaced. However, the implantation of glass tags that do not make use of a polypropylene polymer based anti-migration coating should enable the tags to remain detached and separate from the body, making removal easier.

Rather than implanting tags deep into muscle tissue, which would require invasive surgery to locate and remove, DIY taggers tend to prefer shallow implantation just under the skin. This reduces both the complexity of locating and the size and nature of the incision required to remove the tag. It also means the body is less prone to inflammation and infection-related side effects.

6.6. Cancer Risk

What started off the recent cancer discussion surrounding animal identification RFID implants was a paper published about a French bulldog who received an RFID “pet microchip” implant in September of 2003 at age 9. In April of 2004 he was examined and found to have a “lump” at the implant site [30]:

“[o]n April 2004, Leon, a 9-year-old male French Bulldog, was examined by the referring veterinarian, based in Guelph, Ontario (Canada), for the sudden growth of a subcutaneous 3×3-cm mass located on the dorsal midline of the neck, just cranial to the shoulders. The dog was regularly vaccinated against the most common canine infectious diseases and rabies, and was micro chipped (Indexel, Merial, Lyon, France) in September 2003.”

This news spread quickly, and older studies were dug up revealing similar links in laboratory mice and soon the firestorm was in full swing. I started getting all kinds of concerned emails from DIY taggers, media interview requests, and more hate mail from concerned members of the public. After reading the studies however, it became clear to me that the risks were not as exaggerated as the media and RFID critics made them out to be.

For example, many articles citing the above-mentioned study claimed the French bulldog “had a giant tumor surrounding the implant” and that the dog had died “an untimely death” from that cancer. Upon simply reading the paper I found both those assertions were false [30];

“The microchip was found, not embedded within the tumor, but immediately adjacent to it, surrounded by a very thin fibrous wall (approximately 1 mm thick) and some fresh hemorrhage.”

Reading further I found [30];

“After surgery, the dog was not vaccinated or microchipped again. Up to now, the dog is well, and no recurrence has been observed.”

So basically the dog was doing fine two years later when the study was published in 2006, and the paper calls out various other possible causes such as postinjection fibrosarcoma (a well-known pathologic entity) characterized by inflammatory peritumoral infiltration, multinucleated giant cells, and myofibroblastic cells.

The plainly published facts did not seem to matter though. Both mainstream media and RFID critics alike jumped all over the academic paper and dug up other studies from which to pull completely out of context findings. However, other papers cited within that French bulldog study do point out implants which were embedded in the center of neoplasms. So what is going on here? I started looking into other studies after visiting sites like [35] publishing statements like the following:

“[i]n almost all cases, the malignant tumors, typically sarcomas, arose at the site of the implants and grew to surround and fully encase the devices. These fast-growing, malignant tumors often led to the death of the afflicted animals. In many cases, the tumors metastasized or spread to other parts of the animals. The implants were unequivocally identified as the cause of the cancers.”

The bottom line for myself and other DIY taggers was simple: should we be concerned about this? For the most part, what I found after digging into many of these studies was that these laboratory mice were either genetically prone to cancerous growths or subjected to radiation and/or chemical carcinogens in an effort to intentionally stimulate cancerous growth. So now the question becomes, what would cause cancer to grow around an implant? There could only be two things; the glass used to encase the RFID tag or the anti-migration coating used to lock the implant in place in the flesh. In both instances more research is needed, however it is my personal opinion that the porous coating will likely be revealed as the leading factor in stimulating cancerous growth in the area immediately surrounding implantation sites in predisposed specimens.

6.7. Taking Personal Responsibility

While I believe everyone today needs to take a bit more personal responsibility when it comes to the decisions they make, for a DIY tagger this is especially true. A draft DIY tagger code is depicted in Table 2.

Table 2. DIY tagger code

Part B-Socio-Technical Issues

In Part B, Michael and Michael relate events about Graafstra, and Graafstra relates events about others. The whole Part is written in the third person voice. Where direct quotes are used, Graafstra's sentiments and interview responses are captured verbatim. In this part the main socio-technical issues facing RFID implantees is discussed, including security, privacy, data ownership (personal versus commercial), social issues (e.g. religious responses and socio-political concerns), law and policy. Due to space limitations the authors do not go into great detail in each of the socio-technical issues addressed, rather, this remains the aim of a future work-in-progress. Part B concludes by acknowledging the role of all the stakeholders in the feedback mechanism towards social innovation.

Section 7. RFID, Implantees and Security

RFID is a very broad term that encompasses a plethora of technologies that are all designed differently but do one thing; identify something via radio frequency (RF) communication. That includes everything from the World War II identification friend or foe (IFF) systems to implantable tags to RFID enabled credit cards. As recent as 2006, the United States Department of Homeland Security (DHS) was debating the use of RFID for humans. In reports [37] and [38], it is clear that while one DHS full committee found that deployment of RFID for human identification should be done with caution, the second report by a subcommittee ruled that the practice was inappropriate [39]. The recommendation by the DHS subcommittee read [38]:

“[t]here appear to be specific, narrowly defined situations in which RFID is appropriate for human identification. Miners or firefighters might be appropriately identified using RFID because speed of identification is at a premium in dangerous situations and the need to verify the connection between a card and bearer is low. But for other applications related to human beings, RFID appears to offer little benefit when compared to the consequences it brings for privacy and data integrity. Instead, it increases risks to personal privacy and security, with no commensurate benefit for performance or national security. Most difficult and troubling is the situation in which RFID is ostensibly used for tracking objects (medicine containers, for example), but can in fact be used for monitoring human behavior “For these reasons, we recommend that RFID be disfavored for identifying and tracking human beings. When DHS does choose to use RFID to identify and track individuals, we recommend the implementation of the specific security and privacy safeguards …”

Many RFID technologies are insecure by design, or employ weak or flawed encryption methods. However, that is not to say that an RFID system using an insecure RFID technology is itself insecure by default. Despite the early 2006 findings of the DHS reports, there are U.S. RFID-based schemes which are now in widespread use. Graafstra points to the “trusted traveler” RFID-enabled NEXUS card as an example [40]. The NEXUS card is a U.S. government issued travel card that has an ultra high frequency (UHF) RFID tag inside, which does not employ any encryption technology. Any Generation 2 (Gen 2) UHF reader can read the unique code stored in the tag. The RF technology used by the NEXUS system is insecure, but the NEXUS system that allows one to travel across various borders is not inherently insecure, so one's identity is theoretically not at risk. Graafstra elaborates: “[t]he Gen 2 ID stored in my card is a unique number, but that number in no way gives up any information about me to an attacker who may be able to read it-it is just a number. The systems that link that ID number to actual important information about me are secured in far superior ways than the systems that store your library card account, or in some states, even your dri ver license information.”

Like NEXUS travel cards, the VeriChip medical implant does not employ encryption in any way. Any passive 134 kHz reader capable of understanding the VeriChip data protocol can read the ID of any VeriChip implant. Even though these IDs are tied to medical records, the ID itself is useless to a random attacker because access to those records also requires both access to a medical network and a health professional's account password. Systems that employ encrypted RFID tags have, in the past, relied heavily on the crypto algorithms in the RFID tags themselves to secure the system in which RFID technology was integrated into.

Graafstra uses the example of ExxonMobil's pay-at-the-pump SpeedPass system and the many vehicle immobilizer systems that make use of the 134 kHz TI DST tag, which secures communication through a challenge/response mechanism. The problem with these systems Graafstra outlines is that because they do not possess any other security mechanisms outside of the RFID tag's encryption, the systems are vulnerable to fraud by cracking the encryption algorithm used by tags to generate proper responses to the challenges issued by commercial readers. Once the DST tag crypto had been cracked [41], ExxonMobil had to redesign their SpeedPass payment system to implement credit card style fraud detection to detect and prevent fraudulent transactions. Other tag chipsets that employ encryption mechanisms like MiFare and HIT AG S have also been compromised, leading systems designers to rethink security and start balancing RFID encryption with other security mechanisms.

Graafstra points to the fact that his left hand contains an EM4102 tag, which by design does not utilize any security measures. The tag ID is readable by any 125 kHz reader able to understand EM4102 tags and get close enough to read the tag. He comments, “[e]ven so, I use that tag to unlock my back door when I get home from work. Many would argue that my home is completely insecure because my implanted tag is not secure. I do not disagree, but I also do not believe that I am at any greater risk of home invasion as a result.”

7.1. Security Context

Quite often people think security is a pass/fail scenario. Either something is secure or it is not. In reality, a security policy is a collection of systems, methods, and procedures that protect an asset by removing enough value and/or applying enough deterrence that a potential attacker will not even bother or quit trying. To get to the heart of the matter, you have to start with the premise that nothing is truly secure. If there is enough desire, determination, and resources available to an attacker, they will eventually succeed.

The inherent lack of encryption in many RFID tags impacts DIY taggers building personal use applications differently than it does commercial enterprises like Veri Chip, ExxonMobil, and VISA/MasterCard with their public use applications. Graafstra argues that despite the fact that he uses an insecure RFID tag to unlock the back door of his house, if a random attacker were to get close enough to read the ID of the EM4102 tag implanted in his left hand, they would not have any way to derive his identity (e.g. name), his home location (e.g. where he lives), or his phone number. This is however discounting the simple fact that one can be covertly followed in a public space. Graafstra believes an attacker intent on entering his home would generally use more mundane approaches such as breaking a window, than going to the effort of a technical approach. Graafstra's observations are quite correct, for the time being, until more and more DIY taggers start to rig up their personal living spaces with readers.

7.2. Designing with Security in Mind

7.2.1 RFID Cards in the Corporation

Assuming the encryption algorithms used by “secure tags” today have been or will soon be cracked, system designers need to shift from exclusive reliance on tag encryption and incorporate other features to make their systems more secure. Starting with the RFID tag itself, several businesses integrate RFID access control tags with their employee name badges. These can be constructed with a simple push button membrane or switch that connects the RFID antenna to the tag IC. Graafstra recommends that given the user already has to handle their name badge in order to place it close enough to a reader to get a valid read, why not require a simultaneous press of a switch while doing so? For Graafstra, such a simple design change would eliminate almost every possibility for a non-consensual read by malicious users.

Access control systems can also be designed with more intelligence than they currently possess. Graafstra relates the following scenario with respect to physical access control to a corporation. Assume Dave of XYZ Corp has been the victim of a malicious card scan. The attacker intends to emulate Dave's card ID to gain access to the building by mixing in with the morning rush of people. Dave enters the building first, and then the attacker enters five minutes later. Dave goes to his desk by way of the elevator and a couple of other security doors where his badge is used. The attacker takes a different route to his target, using his emulated Dave badge. The system should be able to recognize the odd access pattern through validation and alert security, possibly offering up an employee photo along side a time stamped video of the various RFID access events. Security personnel could then quickly determine if there was an attempted security breach they needed to address. If so, they could lock down Dave's badge so it no longer functioned, and even set up real-time mobile alerts to tell roving security guards if and where the badge was trying to be used. In theory, Graafstra is correct, system designers for the greater part are not thinking foolproof security blueprints but the reality is that budgeting and security staff resourcing would possibly not allow for such sophisticated security interventions; detection is one thing, acting on an email or mobile alert is another.

7.2.2. RFID Implants and Diy Tagger Protection

Graafstra has spent a great deal of time thinking how DIY taggers could protect themselves from what he terms “casual” security attacks. He has documented his solution as follows. Using the read/write memory blocks that many types of tags have is a good way to increase both the risk and the amount of effort an attacker would have to exert in order to successfully execute an attack. For example, the HIT AG S 2048 tag in his right hand uses 40 bit encryption to protect the contents of its 255 byte read/write memory blocks. The 40 bit encryption will not stop a serious attacker but it will diminish the casual attacker's ability.

Graafstra elaborates in detail: to enhance the security of a system, the memory space can contain a pseudo-random rotating hash which is used in conjunction with the tag's read onl y unique serial number to confirm authorized entry. The hash is generated based on a secret key that only your system knows, coupled with an incrementing counter used to salt the hash. When the hash is read, the system uses much more powerful encryption algorithms to calculate and match the hash stored on the tag than the tag itself is capable of utilizing. The counter value is derived and checked against the system counter to ensure the encrypted hash is correct for the tag IDand to ensure the counter value is moving forward and not staying still or moving backward. Upon successful authentication, the counter is updated and a new hash is written to the memory blocks. If an attacker were able to break the 40 bit encryption to gain access to the memory contents, a successful attack is still orders of magnitude more difficult to pull off than plainly emulating an unencrypted tag. Also, a successful attack would provide a very small window of opportunity as any use of the original card would invalidate the cloned tag's counter/hash combination.

Section 8. RFID Implantees and Privacy

8.1. Misconceptions About RFID Technology

There are a lot of misconceptions in the general community about how various RFID technologies work, prompting unfounded fears of global positioning system (GPS) satellites tracking embedded tags and implants. This is not to say that in the future RFID tags will not be able to interface with a number of different mobile technologies but for now this kind of global tracking is unavailable. And this not because it is not technically feasible to do so, but rather because large-scale agreements have not yet been entered into between a variety of stakeholders.

Active RFID tags can transmit data very long distances, anywhere from a few feet to 10 miles or more, but they use battery power to do so and are bigger and bulkier than passive RFID tags. Inversely, passive tags like those used in retail inventory applications and glass encased implants are typically smaller. They do not have internal power sources, and can generally communicate with readers from only a few inches to a few feet away depending on chipset, size, and frequency used. Certain experiments have shown, under ideal conditions, that passive UHF tags can be read from several hundred feet, but those are special test cases not practical real-world scenarios. Even so, the prevalent fear amongst every day consumers is that, somehow, carrying an RFID tag of any kind will allow “them” (e.g. government agencies) to track your every move.

Today, people's activities are logged constantly. From every non-cash purchase you make to every RFID “fast pay” toll booth archway driven under to every phone call made, something somewhere is logging that activity. Graafstra points out the potential for data mining through a variety of sources, emphasizing that “[n]obody is upset about this type of information gathering as they are about RFID technology … [and that] the backlash from specific segments of the public seems to center on embedded tags, whether they are embedded in clothes, in driver license cards, or people's bodies.” For Graafstra, the stated concerns indicate people believe RFID is capable of more than it really is, and that those perceived capabilities culminate as fear of massive privacy invasion on an unprecedented scale.

8.2. Some Consumer Concerns Warranted

Although Graafstra does acknowledge that some consumer concerns with respect to RFID are valid, he believes the concern is misdirected at the technology itself rather than on human factor issues, e.g. consent. He emphasizes that unobtrusive reads amount to privacy problems, and that to some extent history has already proven that this is a valid concern. Clothing manufacturer Benetton, for example, was found to be embedding RFID tags into women's garments in an effort to quickly identify past customers as they walked into their storefronts [42]. Graafstra also singles out the idea of function creep, inferring that consent given for one use may be extended at a later date as the application grows. People who have to travel over toll roads and bridges may opt to use an RFID tag permanently affixed to their windscreen for automatic payment may find that the terms and conditions they originally signed up for have changed, and in some instances without warning. For example, some state governments collect data from RFID tollway tags to monitor traffic patterns on their roadways without notifying users. Furthermore, logs of which tags passed what checkpoint at what time are kept for undisclosed periods of time and log data could potentially be shared with an unknown number of requestors. Graafstra questions whether the next step will indeed be to issue speeding fines based on how fast people have traveled from checkpoint A to B.

8.3. RFID Tags: Personal Versus Commercial Use

Now let us take a hypothetical look at RFID privacy in a hostile environment, and the differences between personal use and commercial use contexts. When you sign up for a commercial service that utilizes RFID in some way, you surrender your personal information which is tied to that unique tag ID. Assuming the company does not share your tag ID or your information with any other person or company, your information is still associated with that tag ID and could be used to violate your privacy through nonconsensual reading of the tag. The problem gets worse if that company sells or shares that data with other companies or people.

In a personal use context, you never surrender your personal information to anyone, and your tag ID is in no way associated with you. The best any snoopy corporation or government could do would be to aggregate non-identifiable data together to determine patterns of anonymous tag IDs. Of course, there is always the concern that associations could be made through other means. For example, suppose a checkpoint was set up that could read a large cross-section of tags from RFID enabled credit cards, access cards, various tag types in UHF, high frequency (HF), and low frequency (LF) frequency ranges, etc. A properly read and decrypted RFID credit card will reveal the cardholder's name, and if other tag IDs always showed up in logs when “Dave's” unprotected RFID-enabled credit card did, then one could assume that all those RFID tags resided in Dave's wallet with his credit card. While this fact may be disconcerting, Dave can still take measures to protect himself, by choosing to shield his tags and cards [43], or even leave them at home. But what about implanted RFID tags? Leaving those at home is not possible and shielding them could be socially awkward (always explaining why you're wearing tin foil gloves), even though increasingly sentinel jackets are coming onto the market.

Implantable tags like VeriChip which are sold to the public for use within commercial systems do present different privacy challenges than the glass tags implanted by DIY taggers. A commercial system means uniformity when it comes to things like implant location, type of chip, data protocol, and frequency. Since the implant location is common to all users (e.g. in the case of the VeriChip it is the triceps muscle of the right arm), Graafstra believes that a simple reader can be set up at typical arm height in a doorway to casually capture tag IDs from passers-by. With enough people using a common system and enough readers placed in enough doorways, unique traffic profiles could be created for each tag ID much more easily.

Section 9. RFID Implantees and Society

9.1. PET and Animal Identification Systems

Whether people like to admit to it or not, society today is full of RFID tag and transponder technologies embedded in buildings, in vehicles, in packages, in clothing, in animals, and in people's wallets. This diffusion will continue to grow annually with predictions that 26.1 billion units will be sold in 2011 alone [44]. Passive RFID tags designed to be implanted into animals have been around since the early 1980s. After being widely tested by several companies in the early 1990s (such as Destron's LifeChip [45]), the number of pets with implanted RFID tags has skyrocketed as local councils and state governments move to make the chipping of domesticated animals compulsory [46]. To date this practice, above all else, has done more to raise public awareness of the positive applications of implantables than any other use of implantable RFID tags.

Today RFID tags, both passive and active, are used to keep tabs on everything from pets to livestock to wild animals on land, in the air, and in the sea. Graafstra notes, that the U.S. Fish and Wildlife Service uses “microchipping” in its research of wild bison, black-footed ferrets, grizzly bears, elk, white-tailed deer, giant land tortoises and armadillos. New developments in sensors, RF, and power harvesting technologies are also leading the way to “implantable” RF enabled sensors embedded into trees (e.g. orchards). These “tree tags” relay information about the health of the tree, the surrounding forest environment, and raise an alarm in the event of a forest fire [47].

9.2. Is it Hip to Get the Chip?

Since Michael and Michael began their research into non-medical ICT implantables in the mid-1990s, they were preoccupied by the question of diffusion, and predominantly the notion of who influenced whom within the context of an actor network. For example, who was the first DIY tagger implantee? What inspired them to get an implant? How did they come to know of other implantees? When Graafstra received his first implant, he knew he was not the first. Professor Kevin Warwick had long since completed his Cyborg 1.0 project, and VeriChip had received FDA approval and was already implanting customers. Graafstra believes what he embarked on in early 2005 created such a media interest because he got the implant on his own accord, and he self-reported it all using photographs and video via the web. He also was comprehensive in his documentation of what he planned to do with his implant, and quickly demonstrated its functionality. Finally, he also believes implanting a RFID device in the hand, and not in the upper arm, sparked more intrigue and inquiry.

Since that time Veri Chip (now PositivelD [48]) have been marketing their products, and to date allegedly have between 1000 and 2000 people registered in their medical implant database, although some estimates are much lower and some much higher. The size of the DIY community is, by its very nature, unknown. Yet shortly after news of Graafstra's implant became public, he was contacted by lots of members from the general community who wanted to know how to obtain an implant themselves. Graafstra is frank, when he states: “today, anyone can buy glass encased RFID tags and watch self-implantation procedures online, and then go to their local piercing shop to get it done”. One is left pondering, however, whether DIYers are engaged in the act of blueprint copying or idea diffusion, and the repercussions that this might have on how RFID implants are utilized in the future. Jared Diamond describes blueprint copying as the act of copying or modifying an available detailed blueprint. At the opposite end of the spectrum lies idea diffusion, which is when one receives little more than the basic idea and has to reinvent the fine details [49].

Graafstra estimates there could be roughly 200 or 300 DIY taggers around the world who have opted to get a non-commercial RFID implant. Graafstra is reflective, that while he does not know the exact number of DIYers, he does know (or at least understands) the inner motivations of some DIYers to get an implant is less than technical. He said:

“I've been contacted by 16 year old kids who have had to wait until they are 18 to get this done due to - what I think are - valid parental concerns. On my RFID forum, I have repeatedly suggested that it is not worth taking even a minor health risk to get this done if you do not really know why you want it and what your goals are once you have it. Even so, when I asked a couple of these kids why they wanted to get an implant and what they were going to do with it, in both cases their responses were something along the lines of “because it's cool” and “I'm not sure what I'm going to do with it”. I have also been contacted by body-madders who, after getting their fifteenth cosmetic subcutaneous silicone implant, wanted something different … something that was actually functional in some way, even if they did not have any plans to actually use it.”

However most DIY taggers tend to view their implant as a utilitarian tool to be used in daily life with projects they have built themselves. In this loose-knit community [50] of practical DIY taggers, one could argue it is actually “hip to get the chip,” even though the best place for it is unanimously the hand!

9.3. RFID Implants for Families: Peace of Mind?

When considering the applications that Applied Digital Solutions were marketing in 2003, and those that were subsequently marketed by the VeriChip Corporation, Graafstra circumspectly calls the “brochureware” confusing from a marketing perspective at least. For Graafstra, any sort of communication that misleads the public about pinpoint location positioning via the RFID chip is widely fantastical and utterly disappointing. He does not understand, how on the basis of a commercial vision, the Mexican Attorney General allowed himself and some of his staff to be Veri Chipped with an “anti-kidnapping chip”. Parents, like that of Jeffrey and Leslie Jacobs were also lead to believe, probably through mainstream public misconceptions about the function of RFID, that getting a Veri Chip implant would provide their whole family with security and “piece of mind” [51].

The fact is, no RFID implant can provide that kind of security and “traceability” that certain members of society are looking for or are afraid of. The best an RFID implant can do today, is identify the person sitting two inches away from the scanner. That may help identify a corpse, but it will not help find missing persons. This is not to say that in the not-to-distant future, technological convergence might enable very sophisticated applications to be built. The idea of implanting prisoners, persons on parole or persons on extended supervision orders (ESOs), or military service-people with digital implantable dog tags has been considered but has yet to take place. Again, Graafstra points to public polls where consumers believe that implanting prisoners or parolees would make society “safer” because it would make implantees easier to track down and keep in confined zones if required, but he is adamant that these kinds of solutions are not yet possible using implanted RFID tags. The permanency of FDA approved implantables is especially disconcerting as they possibly do not give one-time offenders, or once military service personnel, an opportunity to rehabilitate or move onto other professions [52]. For Graafstra this is a violation of service terms, since imposed subcutaneous FDA approved commercial implants are long lasting physical remnant of requirements that have long since expired, and no longer valid.

9.4. RFID Implants for Employees and the Law

To date, no employer has required an employee or potential employee to obtain an RFID implant in order to become or remain employed. Critics jumped on inaccurate media reports that, a now defunct municipal surveillance company, had required employees to get implants to access sensitive datacenters. The fact is three employees did receive VeriChip implants and the company paid for their procedures [53]. However, five employees opted to simply carry around an access card to access those same areas. Implantation was optional, not compulsory. There was a similar optional implantation of employees at the Baja Beach Club in Barcelona, Spain but this was not really publicized.

As a preemptive measure several states in the U.S.A passed laws that banned enforced implantation by employers [54]. For Graafstra the problem has more to do with laws and regulations which target a technology than the very ‘act’ of surveillance. Graafstra notes the law passed in California (Senate Bill 362) that banned employers from mandating that employees or potential employees must get an identifying implant in order to perform their work [55]. The law is written with a heavy slant toward a “radio frequency device”, but an argument could be made that this law also covers biometric technologies and other location based mobile technologies. Intentional or not, the definitions section states;

“Identification device” means any item, application, or product that is passively or actively capable of transmitting personal information, including, but not limited to, devices using radio frequency technology.

“Subcutaneous” means existing, performed, or introduced under or on the skin.

For Graafstra such laws do not do anything for employee workplace rights as a plethora of other technologies exist to determine the whereabouts of workers within campus-based facilities like manufacturing plants. For Graafstra, it has less to do with implantables, and more to do with employee privacy.

9.5. Is Getting an RFID Implant Evil?

Many people believe that RFID implants will harm society and/or humanity in some way. The two most vocal groups are people expressing their religious views, and people expressing their socio-political fears [56]‥

9.5.1. Religious Concerns-“Mark of the Beast”

The interpretation of the Book of Revelation, the last book of the New Testament, by some Christians has caused Graafstra to be the target of backlash by some members of the believing community. Graafstra points to the following verses that RFID critics with a religious orientation invariably point to (Revelation 13: 16–18):

Also it causes all, both small and great, both rich and poor, both free and slave, to be marked on the right hand or the forehead, so that no one can buy or sell unless he has the mark, that is, the name of the beast or the number of its name. This calls for wisdom: let him who has understanding reckon the number of the beast, for it is a human number, its number is six hundred and sixty-six.

From the correspondence that Graafstra has received, he has deduced that some Christians believe that “the devil” will require all of humanity to receive a mark of some kind in order to be able to participate in day-to-day societal transactions. And that furthermore, wise people will recognize that mark and attempt to refuse it. Those who are most vocal about such beliefs have gone so far as to insult and threaten Graafstra, and other DIY taggers about their involvement in ICT implants. Graafstra has spent some time reviewing the passages himself countering:

“[s]ince so many people seem to take the Bible so very literally, in my opinion there are a few things they are either ignoring or do not realize. In verse 16, it says “he causeth all” which means everyone will receive “the mark” regardless of whether they want it or not. In verse 17 it says “no man might buy or sell [without the mark]”, meaning absolutely nobody will be able to do this, even if you are living in an igloo on the North Pole trying to do it illegally. In verse 18 it says nothing about wise people refusing the mark or even being able to, it only discusses how to recognize it.”

There are, however, a number of places in Revelation (16:2, 19:20, 20:10) where it seems evident enough that people will indeed have to make a choice, viz., “the mark”. This was certainly the interpretation of all the early church exegetes who dealt with the prophecy [57]. For Graafstra, however, the mark and the beast are potent warnings about willing subscription to oppressive systems, and how using the tools of those systems will only strengthen such systems. It is very important to distinguish between oppressive systems that use technologies to subjugate a people, and technologies that liberate them, or those being used in a private, personal context.

9.5.2. Socio-Political Fears

Some people believe that RFID implants may one day be mandated on the general populace, instituted by totalitarian governments and other authoritarian regimes [58]. Such persons, firmly believe that RFID technology, particularly implant technology, will in some way enslave humanity and cause a major digital divide. These groups generally point to the involvement of large-scale corporations in the conception, development and implementation of RFID implant technology, and to some extent generate conspiracy theory-like scenarios about the future.

Graafstra also notes that he has been threatened both directly and indirectly by some people harboring sociopolitical fears. He elaborates:

“I have been accused of aiding the government and private corporations in their efforts to deploy RFID implants on a wide scale. I very strongly feel it is a priority to attempt to engage these accusers in civil discussion and attempt, however futile, to impart a bit of knowledge so they might understand how these implants function and ultimately the difference between and separation of DIY taggers from commercial solutions by corporations like VeriChip.”

Simply put, some advocacy groups are not helping the debate and whatever valuable insights they might have is lost in a host of “background noise”. The practice of

‘attracting’ hate mail is common among implantees (both in academia and DIYers), and as Graafstra emphasizes, it often does not encourage a healthy exchange of ideas, although it does alert developers to the social realities that may be stifling adoption and potential ethical liabilities development make need to address.

Section 10. RFID Versus Other Technologies

In Graafstra's opinion it is not so much that consumers should be wary of what RFID can do, but of the widespread diffusion of powerful biometrics and pinpoint positioning technologies. Despite that biometric identification is used extensively all over the world to identify and log all kinds of things, Graafstra notes that it does not receive the same amount of attention that RFID does from advocacy groups. Graafstra sums it up very well when he reflects:

“I think the reason for this is that RFID requires a tangible object carried by or implanted in the object to be identified. Biometric identification does not require this because the identifier is your own body. As biometric monitoring devices get more and more unobtrusive and fade further into the urban landscape, I fear lack of motivation will continue to get worse until a series of very serious civil rights violations occur, but by then we might have a social environment so riddled with circumstances where privacy and basic rights have been traded away for the illusion of security that the general public may actually be afraid to turn off and live without these systems.”

Today's biometric technology can identify you by your full body [59], face, voice, fingerprints, chemical scent, gait mechanics, emotional expressions, your DNA, and even your own shadow [60]. Video cameras are very cheap and easy to deploy, and developments in video processing enable face recognition systems to accurately identify entire crowds of people much faster and more accurately than ever before. If your face is not visible, gait analysis systems can still tell it is “you”, based on the way you walk or your body language. The U.S. military, among others, have been working with satellite imaging to successfully identify key targets based on the shadow they cast on the ground [61].

But beyond biometrics, there is now a plethora of positioning technologies entering the market at different levels of precision [62], [63]. Even the mobile phone (whether 3G-enabled or not) has become a potential privacy-invasive tool. In the U.S., President Barrack Obama recently suggested that U.S. citizens have “no expectation of privacy” with respect to their mobile phones, even when not making a call [64]. Graafstra is not alone in his belief that the idea that anyone from local police to government agencies should be allowed to request-without a warrant-your phone's location at any time (even if it is sitting idle in your home) “is a very scary step that moves the U.S. further toward a surveillance state”. The question as Graafstra has rightly put it is why are these issues not receiving the same attention as RFID tags and implantables? There is an obvious mismatch between perceived encroachments in privacy and actual encroachments in privacy. Advocacy groups might be lobbying for “no RFID implants” but what is here “now” is far worse.

10.1. Opting Out of Commercial ID Systems

If one wishes to opt out of an RFID-based system, users can issue requests to any third parties they enrolled with to have their account information destroyed. While this process and its full compliance is entirely in the hands of those third parties, destruction of the RFID tag is within the control of the users themselves. Tags can be returned to vendors, left at home, thrown out, physically destroyed, or in the case of implants physically removed from the body. However, removal of some RFID implants is more difficult than others. According to the company's product documentation, the FDA approved VeriChip is designed for permanent human implantation. Its Bio-Bond® anti-migration coating and the implantation procedure which seats the tag very deep into muscle tissue create a painful and expensive removal experience. The lack of anti-migration coating on the glass tags used by DIY taggers and their typically shallow implant locations allow easy removal that, in an emergency, could even be done with a sharp knife by the taggers themselves. With biometric systems however, the process of opting out is entirely handled by the third parties whose systems you have been enrolled in. Identifying all of these parties can be impossible if you have passively been enrolled in one or more systems without your knowledge. Furthermore, changing or destroying your biological identifiers can be extremely difficult, expensive, painful, or just plain impossible with today's technology.

Section 11. Conclusion

There is some truth in the belief that technology can be used for well intentioned purposes and not-so-well intentioned purposes alike; see for example the differences between two opposing schools of thought-technological determinism and the social shaping of technology. Graafstra believes that most, if not all technologies are neutral: “[i]t is the people who implement and use a particular technology that determine its effect on humanity.” In that regard, Graafstra is one of the first to acknowledge why some people might have a fear of the potential for wide-scale use of RFID implants, especially when claims are made by persons with limited knowledge of what the technology is capable of, or in other circumstances persons who are completely ignorant of technological capabilities.

In reality, people who rise up so fervently to speak out against RFID do provide valuable feedback to the social innovation process. Graafstra knows too well that there will always be people who can and will build and/or use technology in a way that may be or become oppressive to end-users. The role of the critic is to help in the provision of a balanced view and to ask the very questions that may have been ignored during the development process. Perhaps, in the end, it is even quite irrelevant that some of these opponents understand the technology's true capabilities or limitations. The challenge rather to technologists is to usefully harness the criticism, the feedback, in order to build into their products and solutions design safeguards that mean that identified “potential” threats or harms are minimized or eradicated. Religious advocates against RFID, or those that have socio-political fears about the potential uses of RFID, should attempt to enter into intelligent dialogue rather than burn energy in campaigning against global computer giants or writing disrespectful messages to individual persons who are said to be aiding in the fulfillment of prophecy. The same can be said for law and policymakers, who must be open to discussion and who must arrive at intelligent legislation and industry regulation that targets behavior and the misconduct a technology might enable, not the technology itself. For example, some anti-chipping laws in the U.S. only refer to “injectable” RFID implants but we already have swallowable sensor technologies being patented, and what of the future of nanotechnology for healthcare? Policy that singles out technology as the problem, only limits the scope and effectiveness of the policy per se, while not addressing the real issues lurking beneath the surface.


1. C. Grognard, The Tattoo: graffiti for the soul, Spain:The Promotional Reprint Company, 1994.

2. K. MacKendrick, "Technoflesh or “Didn't That Hurt?”", Fashion Theory: The Journal of Dress Body & Culture, vol. 2, pp. 3-24, 1998.

3. C. R. Sanders, Customising the Body: the art and culture of tattooing, Philadelphia:Temple University Press, 1989.

4. A. Graafstra, "One small step for hand: My first RFID implant", Blog, March 2005, [online] Available:

5. A. Graafstra, RFID Toys: 11 Cool Projects for Home Office and Entertainment (Extreme'Tech], New York:John Wiley and Sons, 2006.

6. "10 People or Groups Who Have Been Microchipped", RFID Gazette, September 2006, [online] Available:

7. K. Warwick, Professor Kevin Warwick, University of Reading, 2010.

8. J. C. Havens, "Hear and Know” –– Scott Silverman and VeriChip –– (RFID) Security Under The Skin", Association for Automatic Identification and Mobility, June 2006, [online] Available:

9. W. D. Gardner, RFID Chips Implanted In Mexican Law-Enforcement Workers, July 2004, [online] Available:

10. J. Halarnka, A. Juels, A. Stubblefield, J. Westhues, "The Security Implications of VeriChip Cloning", The Journal of the American Medical Informatics Association, vol. 13, pp. 601-607, 2006.

11. T. Lewan, Chips: High tech aids or tracking tools?, July 2007, [online] Available: http://www.usatoday.comltech/products/2007-07-21-928096800_x.htm.

12. A. Leo, "RFID Tags: Convenient Technology or Path to Government Monitoring?", Users of RFID Technology Grapple With Concerns, May 2006, [online] Available:

13. J. Oxer, Blog, 2010, [online] Available:

14. M. Trainor, RFID Art, 2010, [online] Available:

15. E. Kac, Time Capsule, November 1997, [online] Available:

16. A. Graafstra, "Hands On: How radio-frequency identification and I got personal", IEEE Spectrum, March 2007, [online] Available:

17. R. Ip, K. Michael, M. G. Michael, "Amal Graafstra The Do-It-Yourselfer RFID Implantee: The culture values and ethics of hobbyist implantees", Cultural Attitudes Towards Technology and Communication (CATAC08), 2008.

18. K. Michael, M. G. Michael, Innovative Automatic Identification and Location Based Services: From Bar Codes to Chip Implants, Hershey, PA:IGI Global, 2009.

19. K. Heim, "Man grips future with microchip implants in hands", Seattle Times, March 2006, [online] Available:

20. Staff Sun, "Implants turn humans into cyborgs", Vancouver Sun, January 2006, [online] Available:

21. Reuters Staff, "Computer chips get under skin of US enthusiasts", ABC News Online, January 2006, [online] Available:

22. A. Bahney, "High Tech Under the Skin", New York Times, February 2006, [online] Available:

23. G. J. Koprowski, "Where's Jimmy? Just Google His Bar Code",, May 2010, [online] Available:

24. A. Graafstra, "Interview with Katina Michael…", Blog, May 2007, [online] Available:

25. K. Michael, A. Graafstra, K. Michael, M. G. Michael, "Interview 14.2: The Do-It-Yourselfer RFID Implantee" in Innovative Automatic Identification and Location Based Services: from Bar Codes to Chip Implants, Hershey, PA:Information Science Reference, pp. 427-449, 2009.

26. C. D. Martin, "The myth of the awesome thinking machine", Communications of the ACM, vol. 36, pp. 120-133, 1993.

27. P. Atkinson, M. Hammersley, Ethnography: principles in practice, Abingdon, Oxon: Routledge, 1995.

28. K. Michael, M. G. Michael, M. Quigley, "Homo Electricus and the Continued Speciation of Humans" in The Encyclopedia of Information Ethics and Security, IGI Global, pp. 312-318, 2007.

29. A. Graafstra, "I take credit for that one …", Blog, March 2009, [online] Available:

30. M. Vascellari, E. Melchiotti, F. Mutinelli, "Fibrosarcoma with Typical Features of Postinjection Sarcoma at Site of Microchip Implant in a Dog: Histologic and Immunohistochemical Study", Veterinary Pathology, vol. 43, pp. 545-548, 2006.

31Cyborg 1.0 Wired, no. 8.02, 2000.

32. "Guidance for Industry and FDA Staff (Class II Special Controls Guidance Document: Implantable Radiofrequency Transponder System for Patient Identification and Health Information)", U.S. Department of Health and Human Services Food and Drug Administration Center for Devices and Radiological Health General Hospital Devices Branch Division of Anesthesiology General Hospital Infection Control and Dental Devices Office of Device Evaluation, December 2004, [online] Available:

33US Department of Health and Human Services, vol. K033440, October 2004.

34Google Search “K033440”, 2010, [online] Available:

35. K. Albrecht,, November 2007, [online] Available:

36. A. Graafstra, "Release form for RFID implantation", Blog, December 2009, [online] Available:

37The Use of RFID for Human Identity Verification, December 2006, [online] Available:

38The use of RFID for Human Identification. A draft report from DHS Emerging Applications and Technology subcommittee to the Full Data Privacy and Integrity Advisory Committee Version 1.0 Department of Homeland Security, 2006.

39. G. M. Koien, "RFID and Privacy", Telenor R&I (Network Technologies Group), February 2007, [online] Available: http://www.telenor.comlen/resources/images/077-083_RFID-Privacy_tcm28-36799.pdf.

40. "Trusted Traveler Programs", US Department of Homeland Security: U.S. Customs and Border Protection, December 2009, [online] Available:

41. S. Bono, M. Green, A. Stubblefield, A. Rubin, A. Juels, M. Szydlo, Analysis of the Texas Instruments DST RFID, May 2007, [online] Available:

42. "Benetton to Tag 15 Million Items", RFID Journal, March 2003, [online] Available: http://www.rfidjournal.comlarticle/view/344/1/1.

43. "RFID blocking sleeves and holders", Smart Card Focus, 2010, [online] Available: http://www.smartcardfocus.comlshop/ilp/se~102/p/index.shtml?gclid=CLWixrPx36ECFQcupAodL1BuKA.

44. "RFID Chip Market to Grow 63% Annually Through 2011", RFID Update, February 2008, [online] Available: http://www.rfidupdate.comlarticles/index.php?id=1538.

45. "Welcome to LifeChip", Destron LifeChip, 2010, [online] Available:

46. "Companion Animals Act 1998", Compulsory microchipping in NSW, 1998, [online] Available:

47. J. Siden, A. Koptyug, M. Gulliksson, H.-E. Nilsson, "An Action Activated and Self Powered Wireless Forest Fire Detector" in Wireless Sensor and Actor Networks, Boston: Springer, pp. 1571-5736, December 2007.

48Positive ID, 2010, [online] Available: http://positiveidcorp.comlabout-us.html.

49. J. Diamond, Guns Germs and Steel: A Short History of Everybody for the Last 13000 Years, London: Vintage, 1997.

50. "Social Consequences and Effects of RFID Implants?", SlashDot, May 2006, [online] Available:

51. J. Scheeres, "They Want Their ID Chips Now", Wired, June 2002, [online] Available: http://www.wired.comlpolitics/security/news/2002/02/50187.

52. K. Michael, M. G. Michael, R. Abbas, "The Dilemmas of Using Wearable Computing to Monitor People: An Extended Metaphor on the Tracking of Prison Inmates and Parolees", Australia and New Zealand Society of Criminology Conference: Crime and Justice Challenges in the 21 st Century, 2009.

53. M. C. O'Connor, "Tag Implants May Be Dangerous for Security Apps Says Group", RFID Journal, August 2006, [online] Available: http://www.rfidjournal.comlarticle/articleview/2607/2/1/.

54. A. Friggieri, K. Michael, M. G. Michael, "The Legal Ramifications of Microchipping People in the United States of America-a State Legislative Comparison", International Symposium on Technology and Society, 2009.

55. Simitian. Identification devices: subcutaneous implanting", Filed with Secretary of State, vol. SB 362, October 2007.

56. K. Michael, M. G. Michael, "The social cultural religious and ethical implications of automatic identification", Proceedings of the Seventh International Conference in Electronic Commerce Research, 2004.

57. M. G. Michael, "The Canonical Adventure of the Apocalypse of John: An Eastern Orthodox Perspective" in Faculty of Theology and Philosophy vol. Doctor of Philosophy, Brisbane, Queensland:, 2002.

58. G. Nikolettos, We the People Will Not Be Chipped, 2010, [online] Available: http://www.wethepeoplewillnotbechipped.comlmain/news.php.

59. D. Welch, "US raises full body scanners in fly-by visit over terrorism", Sydney Morning Herald, January 2010, [online] Available:

60. A. Graafstra, "I'm in “Tagged” a New Canadian Documentary", Blog, September 2009, [online] Available:

61. A. Stoica, "Towards Recognition of Humans and their Behaviors from Space and Airborne Platforms: Extracting the Information in the Dynamics of Human Shadows", ECSIS Symposium on Bioinspired Learning and Intelligent Systems for Security, 2008.

62. K. Michael, A. Masters, "Realised Applications of Positioning Technologies in Defense Intelligence" in H. Abbass, D. Essam, Applications of Information Systems to Homeland Security and Defense, Hershey, USA:Idea Group Publishing Press, pp. 167-195, 2006.

63. K. Michael, A. Masters, "The Advancement of Positioning Technologies in Defense Intelligence" in H. Abbass, D. Essam Applications of Information Systems to Homeland Security and Defense, Hershey, USA:Idea Group Publishing, pp. 196-220, 2006.

64. D. McCullagh, "Feds push for tracking cell phones", cnet news, February 2010, [online] Available:


Radiofrequency identification, Eyes, RFID tags, Transponders, Implants, Radio frequency, Animals,Supply chains, Mobile handsets, Health and safety, social sciences, radiofrequency identification, chip implant, sociotechnical issues, humancentric RFID implantee subculture, Amal Graafstra,radiofrequency identification tags

Citation: Amal Graafstra, Katina Michael, M.G. Michael, 2010, "Social-technical issues facing the humancentric RFID implantee sub-culture through the eyes of Amal Graafstra", International Symposium on Technology and Society, 7-10 June, 2010, pp. 498 - 516 , Wollongong, Australia.

Using social informatics to study effects of location-based social networking

Using a social informatics framework to study the effects of location-based social networking on relationships between people: A review of literature



This paper is predominantly a review of literature on the emerging mobile application area known as location-based social networking. The study applies the social informatics framework to the exploratory question of what effect location based social networking may have on relationships between people. The classification model used in the paper relates previous research on location based services and online social networking together. Specifically the wider study is concerned with literature which identifies the impact of technology on trust with respect to friendship. This paper attempts to draw out the motivations behind using location based social networking applications and the implications this may have on individual privacy and more broadly one's social life. It relies heavily on the domain of social informatics with a view to setting a theoretical underpinning to the shaping between context and information and communication technology design.

Section 1. Introduction

The purpose of this paper is to provide a review of the relevant literature of the effects of location-based social networking (LBSN) on relationships between people. There are three main areas of literature reviewed. The first area is literature related to the domain of social informatics. The purpose of reviewing this literature is to guide the conduct of the wider research study. The second area of literature reviewed is the social informatics based studies on online social networking (OSN), location based services (LBS), and location based social networking (LBSN). The purpose of reviewing the literature on online social networking and location based services is because these technologies precede location based social networking. LBSN is the composite of LBS and OSN and therefore the literature on each of these technologies provides insight into core concepts related to location based social networking. The intersection between LBS, ONS and LBSN also uncovers an area which has been under researched predominantly due to its newness in the field of information and communication technology (ICT). The third area of literature reviewed by this research is the literature on trust and friendship. The purpose of briefly reviewing this literature is to provide an outline of the social theory that forms the background of the wider study. Prior to reviewing the literature a classification model is presented which summarizes the literature in the domain, in addition to providing a roadmap for this paper.

Section 2. Background

Location Based Social Networking (LBSN) applications such as Google Latitude, Loopt and BrightKite enhance our ability to perform social surveillance. These applications enable users to view and share real time location information with their “friends”. LBSN applications offer users the ability to look up the location of another “friend” remotely using a smart phone, desktop or other device, anytime and anywhere. Users invite their friends to participate in LBSN and there is a process of consent that follows. Friends have the ability to alter their privacy settings to allow their location to be monitored by another at differing levels of accuracy (e.g. suburb, pinpoint at the street address level, or manual location entry). Individuals can invite friends they have met in the physical space, friends they have met virtually in an online social network, their parents, their siblings, their extended family, partners, even strangers to join them in an LBSN setting.

With the emergence of this technology it is crucial to consider that “technology alone, even good technology alone is not sufficient to create social or economic value” [1]. Further to not contributing “sufficient” economic or social value, Kling and other scholars have identified that technologies can have negative impacts on society [2]. Consider the case of persons who have befriended each other in the virtual space, only to meet in the physical space and to encounter unforeseen consequences by doing so [3]. As location based social networking technologies are used between what is loosely termed “friends,” they have the potential to impact friendships, which are integral not only to the operation of society but also to the individual's well being [4].

Section 3. Classification Model

The classification model of the literature review expressed in Figure 1 summarizes the current social informatics based scholarship on location based services, online social networking and location based social networking applications. The arrows indicate the researchers view that location based social networking applications are novel in that they have been designed to provide additional functionality for social networking. The classification model also summarizes the scholarship on trust and technology and introduces the social theory of trust and friendship. The purpose of reviewing this literature is first to identify studies relating trust to LBS and OSN, and then to understand how technology has the potential to impact upon human trust. Although it must be stated upfront that the number of studies relating to this particular research question are scarce, given that the first popular LBSN application was launched in the beginning of 2009 [5], with only beta applications existing in August of 2008. Secondly, the purpose of reviewing the literature on trust and friendship is to develop a social theory to inform the research.

Figure 1. Classification Model

In order to logically understand the literature it is organized in a top-down approach. First the paper addresses enquiries in the domain of social informatics. Second the literature on online social networking and location based services is reviewed, providing a background to the types of issues pertinent to location based social networking. The review of the literature specifically on LBSN then follows. Once the gap in current research is presented, previous works on ‘trust and technology’, and ‘trust and friendship’ are presented.

Section 4. Socio-Technical Network Influences

The social implications of technologies have been explored under several different theoretical frameworks, including technological determinism, social shaping of technology, critical information theory and social informatics. This research adopts the approach of social informatics. Thus the overall aim of the research is to engage in a holistic and empirical study of the ‘consequences’ of location based social networking applications. This section provides a definition and outline of social informatics, how and why it has developed and how it can be used as a framework for further research. This section concludes with a justification for the adoption of this particular approach against a backdrop of other possible theories.

4.1. Definition of Social Informatics

Social informatics research focuses upon the relationships between information and communication technologies (ICTs) and the larger social context they exist within [6]. The definition of social informatics provided by the Encyclopedia of Library and Information Sciencedefines Social Informatics as [7]:

“the systematic, interdisciplinary study of the design, uses and consequences of information technologies that takes into account their interaction with institutional and cultural contexts. Thus, it is the study of the social aspects of computers, telecommunications, and related technologies, and examines issues such as the ways that IT shape organizational and social relations, or the ways in which social forces influence the use and design of IT… Social Informatics research strategies are usually based on empirical data… [and] use data to analyze the present and recent past to better understand which social changes are possible, which are plausible and which are most likely in the future.”

One of the key concepts underlying the approach of social informatics is that information and communication technology are not designed in social isolation, that a social context does exist, and it does influence the manner in which ICT is developed, used and ultimately has a social impact [7].

4.2. The Development of Social Informatics

Social informatics research was born from the dissatisfaction with previous information systems research methods that were focused on either exploring the deterministic effects of technology upon society, or society upon technology. These theories are respectively referred to as technological determinism and social shaping of technology.

Technological deterministic research studies focus on the impact of technology upon society. The research approach aims to answer questions such as:

“What would be the impact of computers on organizational behavior if we did X? What would be the changes in social life if we did X? Will computer systems improve or degrade the quality of work?… ‘What will happen, X or Y?’ The answer was, sometimes X, and sometimes Y. There was no simple, direct effect” [8].

Technological determinism has failed to produce satisfactory prediction and this has lead to the formation of social informatics research [9]. Technological determinism was also seen by the proponents of the social shaping of technology, as being only a partial truth, and “oversimplistic” [10].

The social shaping of technology approach proposes that technology is not an autonomous entity as it is shaped by social forces. This is in direct opposition to technological determinism which depicts technology as an “autonomous entity, which develops according to an internal logic and in a direction of its own, and then has determinate impacts on society” [11]. Social shaping of technology studies aim to show that technology is in fact a social product, it does not mold society, but rather society molds it, and this can be seen by investigating the social forces at play in the creation and use of technology [12]. Examples of approaches in the social shaping of technology include the social construction of technology and the actor network theory. These theories focused on the role of either knowledge or actors upon the development of technology. Technological determinism focuses on the impacts of technology, while the social shaping of technology focuses on the context. Social informatics on the other hand “investigates how the influences and nodes in a sociotechnical network shape each other” [13].

Social informatics does not ask deterministic questions ‘What will happen X or Y?’, instead social informatics researchers asks the question 'When will X happen? And Under what Conditions?’ providing a nuanced conceptual understanding of the operation of technology in social life [9]. In contrast to technologic determinism and social shaping of technology theories, the social informatics framework highlights the mutual shaping of technology and society, both molding each other at the same time.

4.3. Examples of Social Informatics Research

Figure 2. Bidirectional Shaping between Context and ICT Design

Social informatics takes a nuanced approach to investigating technologies and explores the bidirectional shaping between context and ICT design, implementation and use [13] (figure 2). This approach, which combines the social aspects and the technical aspects of technology, has been found to be useful for understanding the social shaping and ‘consequences’ of information communication technologies [9]. Examples of social informatics research include the vitality of electronic journals [14], the adoption and use of Lotus Notes within organizations [15], public access to information via the internet [16], and many other studies. Social informatics research also investigates new social phenomenon that materialize when people use technology, for example, the unintended effects of behavioral control in virtual teams [17]. Research falling in this area is perceived as the future direction for social informatics research [9].

4.4. Social Informatics as a Framework

Social informatics is not described as a theory, but as a “large and growing federation of scholars focused on common problems”, with no single theory or theoretical notion being pursued [13]. What social informatics does provide is a framework for conducting research. What follows is a description of the framework, its key elements and distinguishing features.

4.4.1. Key Features of Social Informatics Research

Social informatics research is problem orientated, empirical, theory based and interdisciplinary with a focus on informatics (table 1). In addition there are several key distinguishing features of the framework. First, social informatics does not prescribe a specific methodology although the majority of methods employed by researchers in this field are qualitative methods. Second, social informatics is inclusive of normative, analytical or critical approaches to research. Third, this type of research “investigate[s] how influences and nodes at different levels in the network shape each other” [13], engaging in analysis of the interconnected levels of the social context. Fourth, research in this field can be seen to fall within three broad themes:

  1. ICT uses lead to multiple and sometimes paradoxical effects,

  2. ICT uses shape thought and action in ways that benefit some groups more than others and these differential effects often have moral and ethical consequences and;

  3. a reciprocal relationship exists between ICT design, implementation, use and the context in which these occur [13].

When adopting the framework of social informatics, the main focus of social informatics should not be overshadowed. The research should be focused upon the idea that “ICT are inherently socio-technical, situated and social shaped” [18] and that in order to understand their impacts we need to explore, explain and theorize about their socio-technical contexts [13].

Table 1. Key Features of Social Informatics Research (adapted from [13])

4.5. Justification for Using the Social Informatics Framework

There are two primary justifications for adopting a social informatics approach. First, the goals and achievements of social informatics accords to the researchers' goal and motivation. Second, the holistic method of enquiry adopted by social informatics research provides meaningful data. Social Informatics researchers aim to develop: “reliable knowledge about information technology and social change based on systematic empirical research, in order to inform both public policy issues and professional practice” [8]. This is in accordance with the researchers' goal to identify the credible threats that LBSN pose to friends and society with a view to preventing or minimizing their effect. Social informatics research has also developed an “increased understanding of the design, use, configuration and/or consequences of ICTs so that they are actually workable for people and can fulfill their intended functions” [9]. In essence, this is the primary motivation behind this study: to increase our understanding of location based social networking so that it can be workable and fulfill its intended function in society without causing individuals harm.

The method of enquiry adopted by social informatics researchers is usually based on conducting a holistic and interdisciplinary investigation into the bidirectional relationship between context and ICT design, use and implementation. This study takes into account the social theory surrounding trust and relationships; thus providing meaningful data on the implications of location based social networking upon trust. For Kling, it was the fact that information and communication technologies were increasingly becoming enmeshed in the lives of more and more people, that there was a pressing need to explore the ultimate social consequences of the ensuing changes [8]. Kling considered that studying new and emerging applications early in the process of diffusion granted significant opportunities to shape the forms and uses of new technologies.

4.6. Alternative Theories and Approaches to the Study of the Social Implications of Technology

Two alternative approaches to social informatics were discussed in section 4.2, i.e., technological determinism and the social shaping of technology. A third possible theory that was considered was critical social theory (founded by Jürgen Habermas). Critical social theory has four distinct attributes: (1) it is sensitive to lifeworlds of the organizational actors and is oriented to interpreting and mapping the meanings of their actions from their perspectives, (2) adopts pluralistic methods, (3) does not separate the subjects of inquiry from their context and (4) recognizes that the context is not only important to meaning construction, but to social activity as well [19]. Thus, we can say, that critical social theory is similar to social informatics in three main ways: (1) both approaches are sensitive to the context surrounding the subject of enquiry, (2) both focus on the inter-relationship between context and subject, and (3) both approaches employ pluralistic methods. However, the main focus of the two approaches is markedly different.

Critical information theory focuses on “questioning the conventional wisdom of prevailing schools of thought and institutional practices with a primary focus on issues related to justice and power” [20]. In applying this kind of approach to ICT we would be aiming to “discover and expose attempts to design and (mis)use IS to deceive, manipulate, exploit, dominate and disempower people” [21]. This is not the aim of the research problem presented here- while admittedly location based social networking can cause harm if misused (e.g. stalking by x-partners), it can also act to be incredibly beneficial (e.g. in a family travel holiday in a foreign country). Thus, the aim of the research is to understand the positive and negative implications of the use of location based social networking in society, not just to look at issues of justice and power.

The following section provides an overview of the key literature on the use, design, implementation, context and implications of online social networking, location based services, and location based social networking.

Section 5. Online Social Networking Sites

Current studies on online social networking sites use varied methods involving case studies, surveys, interviews and observations to investigate the use, implications, design and context of the emerging application. The literature on OSN falls into three broad areas of study: (1) purpose, motivation and patterns of use, (2) effect on interpersonal relationships, and (3) threats to privacy, trust and security.

5.1. Purpose, Motivation and Patterns of Use

These studies on online social networking outline the purpose for which OSN is used, the motivation behind an individual's use of OSN, and how users go about the adoption of OSN applications.

5.1.1. Purpose of Online Social Networking

The purpose of OSN has been identified as the public articulation of individual social connections [22], the creation of an information ground [23] or a means of satisfying “our human tendencies towards togetherness” [24]. Boyd's study on Friendster users, revealed that OSN “reshaped how groups of people verbally identify relationships and solidified the importance of creative play in social interactions” [22]. Boyd identified the value of networks, how users presented themselves on Friendster, who users connected with from exiting friends to “hook-ups” to “familiar strangers,” and it highlighted the dilemma caused by fakesters in the network.

Counts and Fisher's study explored OSN exposing the “types and usefulness of information shared in everyday life, the way the system fits into participants communication and social “ecosystem” and the ways in which the system functions as an information ground” [23]. Other than just a source of information, OSN also functions to provide “a logical extension of our human tendencies towards togetherness” [24]. Weaver and Morrison perform case studies on four social networking sites (mySpace, Facebook, Wikipedia and YouTube) to explore the range of socialization that can occur revealing the core purpose of connecting to people.

5.1.2. Motivation Behind the Use of Online Social Networking

Lampe, Ellison and Steinfield have conducted two major survey studies on the use of OSN. The first study was in 2006, and the second was in 2008. The purpose of the first study was to answer the question - “Are Facebook members using the site to make new online connections, or to support already existing offline connections?” The results revealed that Facebook users are primarily interested in increasing “their awareness of those in their offline community” [25]. The second study incorporated three surveys and interviews in order to explore whether the use, perception of audience and attitudes of users of Facebook changed over time with the introduction of new features to Facebook. The results again revealed that the primary use of Facebook was to maintain existing offline connections, in order to: keep in touch with friends, learn more about existing classmates and people that users have met socially offline [26]. Both studies were conducted upon undergraduate university populations.

Joinson [27] performed a use and motivation study on a random sample of Facebook users, not limited to campus-based populations, which supported the conclusions of both Lampe, Ellison and Steinfield studies. Furthermore the study by Joinson probed further identifying seven unique uses and gratifications of online social networks, including social connection, shared identities, content, social investigation, social network surfing and status updating, and identifying that different uses and gratifications relate differentially to patterns of usage [27].

5.1.3. Patterns of Use of Online Social Networking

Other studies of use of online social networking have looked at how the information provided by social networking sites can be used to understand patterns of use. Hancock, Toma and Fenner [28]explore how people use information available on social networking sites to initiate relationships. They asked participants to befriend partners via an instant messaging conversation by using profile information readily available on Facebook. This use of asymmetric information revealed that the information helped in linking persons together, but only in 2 out of 133 scenarios did the users realize that information had been gained from their Facebook profile, instead of the real-time instant messaging conversation(s) they had had with the friend. This study highlighted the rich source of information about the self which is available online, as well as the unintended consequences of others strategically plotting to use that information for their own relational goals.

Online social networking researchers have also explored patterns of use among different groups of people and communities. Ahn and Han [29] investigated the typological characteristics of online networking services. Chapman and Lahav [30] conducted an ethnographic interview studying the cross-cultural differences in usage patterns of OSN in multiple cultures. Results from the interviews identified three dimensions of cultural difference for typical social networking behaviors: users' goals, typical pattern of self expression and common interaction behaviors. The study was limited to the interviews with participants from the United States, France, China and South Korea, and therefore requires future work to evaluate the presented results.

Other studies have explored the usage among different age groups. Arjan, Pfeil and Zaphiris [31]explored users MySpace friend networks with webcrawlers to compare teenage (13–19) networks with those of older people (60+). The findings of the study showed that teenage users had larger networks with more users of the same age than older users. Furthermore when representing themselves online teenagers use more self referencing, negative emotions and cognitive works than older people. The limitation of this study is the small sample size and limited frame of reference – that is the differences between teenagers and older people without reference to other intermediate age groups. A third study by Schrammel, Köffel and Tscheligi [32] surveyed users of various online communities to explore the different information disclosure behavior in the different types of online communities. They identified that users disclose more information in business and social contexts, with students being more freehanded with information than employed people, and females being more cautious than males. Studies relating to the use of OSN have also explored its potential application to other contexts including the workplace [33][34]; student learning [35], citizen involvement [36] and connecting women in information technology [37].

5.2. The Effect of Online Social Networking on Interpersonal Relationships

Online social networking is used in the context of being social, creating connections with users and expanding networks [38]. The implication of using OSN to create or maintain relationships has been explored by several researchers highlighting the nature of intimate online relationships and social interactions as well as the benefits and detriments of the use of OSN upon relationships. Boyd's study concentrated on intimacy and trust within the OSN site Friendster. He highlighted that intimate computing hinges upon issues surrounding trust, trust in the technology, and ultimately trust in the other users to operate by the same set or rules [39]. Dwyer [40] has presented a preliminary framework modeling how attitudes towards privacy and impression management translate into social interactions within MySpace. Other issues that have been explored in the literature include whether interaction between users, flow from the declaration of friends and whether users interact evenly or lopsidedly with friends. These questions were explored by Chun et al, in a quantitative case study of the OSN site Cyworld, reporting that there was a high degree of reciprocity among users [41].

The benefits and detriments of OSN upon interpersonal relationships have not been extensively explored. A survey of undergraduate university students conducted by Ellison, Steinfield and Lampe [42] identified that using Facebook benefits the maintenance and growth of social capital among “friends” and also improves psychological well being. However, although OSN sites reinforce peer communication, Subrahmanyam and Greenfield [43] point out that this may be at the expense of communication within the family, expressing the need for further research into the affects of OSN upon real world communications and relationships.

5.3. Implications of Use- Privacy, Trust and Security

5.3.1. Privacy

Privacy in online social networking sites has received significant attention, with researchers exploring patterns of information revelation and implications upon privacy [44], the use of OSN policies to ensure privacy [45], differences in perceptions of privacy across different OSN [46], the privacy risks presented by OSN [47], mechanisms to enhance privacy on OSN [48], user strategies to manage privacy [49], and the notion of privacy and privacy risk in OSN [50].

The work of Levin and others at Ryerson University (the Ryerson Study) provides the largest survey on usage, attitudes and perceptions of risk of online social networking sites [50]. The design of the survey incorporated quantitative questions, scenarios and short answer questions to understand the level of risk and responsibility one feels when revealing information online. This study identified that young Canadians have a unique perception of network privacy “according to which personal information is considered private as long as it is limited to their social network” [50]. A further contribution of this study, along with other privacy studies [44][46] is the implication of the use of online social networking sites upon trust.

5.3.2. Trust

There are very few studies that explore the concept of trust in online social networking. The majority of studies which do look at trust are focused upon algorithms [51] or frameworks [52] that provide users of OSN with trust ratings. Other scant studies have mentioned or examined online social networking sites in terms of their impact upon trust in relationships. Gross and Acquisti [44]have mentioned that: “trust in and within online social networks may be assigned differently and have a different meaning than in their offline counterparts…[and that] trust may decrease within an online social network”. However they did not investigate this aspect of OSN further. There are three studies which have investigated the impact of OSN upon trust. The first by Dwyer, Hiltz and Passerini [46], compares perceptions of trust and privacy between different OSN applications. The second study, conducted by Ryerson University, identifies the potential for OSN to impact upon trust, and the third study, by Gambi and Reader, is currently ongoing and aims to determine whether trust is important in online friendships and how it is developed.

Dwyer, Hiltz and Passerini [46] compared perceptions of trust and privacy concern between MySpace and Facebook. Trust was measured with the following two quantitative questions; “I feel that my personal information is protected by [social networking sites]” and “I believe most of the profiles I view on [social networking sites] are exaggerated to make the person look more appealing”. The outcome of the study was focused upon trust in the users and online social network itself, but it did not shed light upon the effect of OSN upon trust in relationships.

The Ryerson study provides some exploration into the impact of online social networking sites upon trust in relationships, by presenting scenarios where users had experienced a loss of trust with other members of the site. The participants were then asked whether they had experienced or know of someone who had experienced such a scenario. The first scenario presented a user who went out partying and photographs were taken of the occasion and displayed on Facebook, resulting in the loss of trust by the family. Sixty-four percent of respondents either experienced this scenario directly or indirectly or heard of it happening to someone else. The second scenario that focused on trust involved a comment being posted upon a user's wall, indicating that that individual had been involved in shoplifting, and that no matter what the user claimed everyone still believed that he/she was a shoplifter. In this scenario, seventy-six percent of respondents reported that they had not heard of this occurring. The Ryerson study therefore presented a glimpse into the potential effect of use of online social networking sites upon trust. Another snapshot is provided by Gambi and Reader [53] who performed an online questionnaire with online social networking users to determine whether trust was important in online friendships, and how trust is developed online. Despite the low number of studies in the area of trust and OSN, it is clear from the currency of the three studies that this is an emerging area of research.

5.3.3. Security

Studies in online social networking have explored the impact of OSN on the security of user information and identity. A recent study by Bilge, Strufe, Balzarotti and Kirda [54] identifies the ease with which a potential attacker could perform identity theft attacks upon OSN and suggests improvements in OSN security.

Section 6. Location Based Services

The focus of the literature on location based services, as with social networking, does not surround the technological aspects of design but the use and implications from a social informatics perspective. In this vein the literature reviewed identified the different contexts of use of LBS, the implications of use including trust, control, privacy and security.

6.1. Context of Use of Location Based Services

The literature identifies both current and future applications of LBS to track and monitor human subjects. These applications include employee monitoring [55], government surveillance [56], law enforcement [57], source of evidence [58], patient monitoring [59], locating family members for safety [60][61][62], locating students at school [63], identifying kidnapped victims [60], and socializing with friends [64][65]. The following section details the literature conducted on humancentric LBS in terms of their social implications.

6.2. Implications of Using Location Based Services

Michael, Fusco and Michael's research note on the ethics of LBS provides a concise summary of the literature on the socio-ethical implications of LBS available prior to 2008. The research note identifies trust, control, security and privacy [66] as the four implications of LBS. The literature pertaining to each of these implications will now be described.

6.2.1. Trust

The literature on trust and location based services has predominantly used scenarios [67], theory based discussion of workplace practices [68], and addressed consumer trust with respect to LBS [69]. To the researcher's knowledge, the investigation of trust and LBS is limited to these works.

6.2.2. Control

Dobson and Fisher provide an account of the concept of “geoslavery”, which is defined as “the practice in which one entity, the master, coercively or surreptitiously monitors and exerts control over the physical location of another individual, the slave” [70]. While Dobson and Fisher provide a theoretical account of the potential for “geoslavery” and the human rights issues which accompany it, Troshynski, Lee and Dourish examine the application of “geoslavery” upon paroled sex offenders who have been tracked using a LBS device [57].

Troshynski, Lee and Dourish's work draws upon two focus groups of parole sex offenders to explore the ways that LBS frame people's everyday experience of space. The findings from the focus groups draw out the notion of accountabilities of presence. Troshynski et al define accountabilities of presence as the notion that “[l]ocations are not merely disclosed, rather users are held accountable for their presence and absence at certain time and places” [57]. This presence need not be their actual physical location but the location that is disclosed to the observer. For instance, the parole sex offenders were “primarily concerned with understanding how their movement appear to their parole officers” [57]. This concept of being held to account is a mechanism of enforcing control.

A handful of studies have made mention of the parallel between LBS and Michel Foucault's Panopticon design for prisons [71][57][72]. The Panopticon prison was designed to be round so that the guards could observe the prisoners from the centre without the prisoners knowing whether they were being observed or not. Foucault argued “that the omni-present threat of surveillance renders the actual exercise of power (or violence) unnecessary; the mechanisms of pervasive surveillance induce discipline and docility in those who are surveilled” [57]. LBS represent a modern form of the Panopticon prison, exerting implicit control through the ability to observe.

6.2.3. Security

LBS can be used to provide security, such as law enforcement in order to make “police more efficient in the war against crime” [73] and also for border security [63]. However they can also present a threat to security [74].

6.2.4. Privacy

LBS pose a threat to privacy in the way that information is collected, stored, used and disclosed [75][74][76]. The threat to privacy is further exacerbated by the aggregation and centralization of personal information enabling location information to be combined with other personal information [77]. However while privacy is important, a hypothetical study requiring users to “imagine” the existence of a LBS, provided evidence to show that users were “not overly concerned about their privacy” [78]. Two other studies showed that in situations of emergency, individuals are more willing to forgo some of their privacy [60][79].

Section 7. Location Based Social Networking

The current literature on location based social networking explores users' willingness and motivations for disclosing location information and presents several user studies, which draw out different findings on the implications of using LBSN.

7.1. Disclosure of Location Information

Grandhi, Jones and Karam [80] conducted a survey to gauge attitudes towards disclosure of location information, and use of LBSN applications. The findings from the short survey indicated that there was a general interest in LBSN services. The majority of respondents stated that they would disclose their personal location data, that demographics and geotemporal routines did matter, and finally that social relationships are important in predicting when or with whom individuals want to share personal location data.

7.2. LBSN User Studies

7.2.1. LBSN Studies Based on Perceptions and Closed Environments

Several user studies have been conducted on location based social networking [81]. One of the earliest studies to be conducted involved a two phased study comparing perceived privacy concerns with actual privacy concerns within a closed LBS environment [82]. Barkhuus found that although users were concerned about their location privacy in general, when confronted with a closed environment the concern diminished. Another user study observed the configuration of privacy settings on a work-related location based service [83]. The study found that grouping permissions provided a convenient balance between privacy and control. Moving away solely from the concept of privacy, Consolvo and Smith [84] conducted a three phased study. First they explored whether social networking users would use location-enhanced computing, second they recorded the response of users to in-situ hypothetical requests for information, and thirdly requested participants to reflect upon phase one and two. Some of the captured results included: what participants were willing to disclose, the relationship between participant and requestor, the effect of where participants were located, the activity or mode, privacy classifications, what people want to know about another's location, and privacy and security concerns. The limitation of the research, and prior research on LBSN technologies was the hypothetical nature of the research, or that the research took place within a controlled environment. The following studies employed the use of actual or tailored LBSN.

7.2.2. Semi-Automated and Customizable LBSN Studies

Brown and Taylor [61] implemented the Whereabouts Clock, a location based service which displayed the location of family members on a clock face with four values. At any given point of time, an individual had the status of being at home, at work, at school, or elsewhere. This study revealed that LBSN within the family context could help co-ordination and communication and provide reassurance and connectedness, although it also caused some unnecessary anxiety. Privacy was found not to be an issue among family members using the Whereabouts Clock. The LBSN technology used in this study was more sophisticated than prior studies but it was rather limited in geographic granularity.

Humphreys performed a year long qualitative field study on the mobile social network known as Dodgeball which allowed users to ‘check in’ at a location and then that location was broadcasted to people on their given network. The outcomes of this study revealed patterns of use of LBSN, the creation of a “third space” by LBSN, and the resultant social molecularization caused by Dodgeball use [85]. The limitation of this study is again in the technology employed, the location information was not automated or real-time as Dodgeball required the user to consciously provide manual location updates.

Barkhuus and Brown [86] conducted a trial using Connecto, in order to investigate the emergent practices around LBSN. Connecto allowed users to tag physical locations and then the phone would automatically change the users displayed location to represent the tagged location. This provided a closer simulation of real-time automated LBSN. The outcomes of this study demonstrated that users could use Connecto to establish a repartee and were self-conscious about the location they disclosed. By publishing their location, the users were found to engage in ongoing story-telling with their friends, via a process of mutual monitoring. This act was seen as a “part of friendship relations” and added to an “ongoing relationship state.” There was also the additional expectation that users had to “have seen each others' location or else risk falling ‘out of touch’ with the group” [86].

7.2.3. Real-time LBSN Studies

Brown LBSN studies published after the 2008 calendar year use methods that take advantage of sophisticated real-time automated LBSN applications. Tsai and Kelley [87] developed the Locyoution Facebook application which was used to automatically locate user laptops using wireless fidelity (Wi-Fi) access points leveraging the SkyHook technology. The aim of the study was to investigate how important feedback is for managing personal privacy in ubiquitous systems. Participants were divided into two groups; one group received no information about who had requested their location while the other group was able to view their location disclosure history. The four major findings of the study were that (1) providing feedback to users makes them more comfortable about sharing location (2) feedback is a desired feature and makes users more willing to share location information, (3) time and group based rules are effective for managing privacy, and (4) peers and technical savviness have a significant impact upon use.

Vihavaninen and Oulasvirta [88] performed three field trials of Jaiku, a mobile microblogging service that automates disclosure and diffusion of location information. The focus of the field trials was on investigating the use, user response and user understanding of automation. The results of this study revealed that automation caused issues related to control, understanding, emergent practices and privacy. This study is significant as it is one of the first studies to investigate the implication of automated location disclosure upon user perceptions. The study however does not investigate the implications of the use of automated LBSN upon social relationships.

An ethnographic study by Page and Kobsa explored people's attitudes towards and adoption of Google Latitude, a real-time and automated LBSN. The focus of this study was upon “how participants perceive[d] Latitude to be conceptually situated within the ecology of social networking and communication technologies” [65], based upon technology adoption, social norms, audience management, information filtering and benefits. This study while innovative, presented preliminary results based upon 12 interviews of users and non-users of Latitude.

The user studies conducted upon LBSN have matured over time, with more recent studies employing sophisticated LBSN which provide automated real-time location disclosure. These studies provide insight into user perceptions and use of LBSN however issues of control, security or trust have been neglected, although they are becoming increasingly pertinent to both location based services and online social networking technologies. Furthermore there has been no more than a cursory investigation into the implications of using LBSN upon social relationships.

Section 8. Towards a Study Investigating the Social Implications of LBSN on Relationships

Location based social networking is an emerging and evolving technology with current applications still very much in their infancy. Previous works reflect the state of the technology in late 2008, utilizing hypothetical scenario methods or unsophisticated non-real time incarnations of LSBN. While new research has begun to utilize more sophisticated mobile software applications such as Google Latitude, a sober full-length study is absent from the literature. The need for such a study however is escalating as more and more LBSN applications proliferate, with more and more mobile Internet users being aware of the existence of LBSN and/or adopting the technology. What remains to be explored in the area of LBSN are the concepts of control, security and trust, and the effect of these emerging technologies upon social relationships.

In the months between February and May 2010, the number of fully-fledged LBSN applications more than doubled from fifty to over one hundred [89]. This is a substantial increase when one considers that in late 2009 there were about 30 functional LBSN applications, but only about 8 that people would generally say were usable, reliable, or worth using. Today, innovative developers are simply piggybacking on top of the Google platform and offering niche LBSN applications targeted at dating services, adventure sports, hobbyists, expertise and qualifications, and other demographic profiling categories. Table 2 shows a list of over 100 LBSN applications. Although this is not an exhaustive list, one can only imagine the potential for such services, and the unforeseen consequences (positive and negative) that may ensue from their widespread adoption.

TABLE 2. A List of LBSN Applications [89]

8.1. Trust and Technology

Many studies concerning trust and technology focus upon trust in technology. Trust is an important aspect of human interaction, including human interaction with technology, however that interaction is a two way event, and only minimal research has been undertaken to observe the impact of technology upon trust. Two studies have been found which focus upon the effect of technology upon trust.

Vasalou, Hopfensiz and Pitt [90] examined how trust can break down in online interactions. The ways trust can break down can occur from intentional acts but also from unintentional acts or exceptional acts. The paper titled: “In praise of forgiveness: ways for repairing trust breakdowns in one-off online interactions” also proposes methods for fairly assessing the kind of offender to determine whether the offender committed an intentional act that resulted in the trust breakdown or whether the act was unintentional or exceptional.

The second study that looked at the effect of technology on trust was conducted by Piccoli and Ives [17], and explored trust and the unintended effects of behavior control in virtual teams. This study was based upon observations of the conduct of virtual teams. The findings showed that behavior control mechanisms increase vigilance and make instances when individuals perceive team members to have failed to uphold their obligations salient [17].

8.2. Social Theory

Social informatics studies incorporate a social theory into the study of the technology. This research will incorporate the theory of trust and its importance within friendships.

8.2.1. Trust

Trust is defined as the willingness for an individual to be vulnerable where there is the presence of risk and dependence or reliance between the parities [91]. There are two important things to note about this definition of trust. First that trust is not a behavior or choice but a state of mind where the individual is willing to make themselves vulnerable. Second, that trust is not a control mechanism but a substitute for control [92], although the relationship between trust and control is more complex than this [93]. In order to understand trust more fully it is important to understand the bases upon which trust is formed and the dynamic nature of trust.

Trust is formed upon three bases (1) cognitive, (2) emotional or relational and (3) behavioral [94]. The cognitive basis of trust refers to the “evidence of trustworthiness” or “good reason” to trust. It is not that evidence or knowledge amounts to trust but that “when social actors no longer need or want any further evidence or rational reasons for their confidence in the objects' of trust” and are then able to make the cognitive “leap” into trust [94]. The emotional basis of trust refers to the emotional bond between parties which provides the interpersonal platform for trust. Finally, behavioral trust is the behavioral enactment of trust. To illustrate behavioral trust consider two individuals A and B and A trusts B with task X. If B performs task X then the trust that A has in B will be confirmed, therefore there is the behavioral enactment of trust. In the same way acting incongruently can reduce the trust. The behavioral basis of trust feeds also into the fact that trust is a dynamic concept: “ a trustor takes a risk in a trustee that leads to a positive outcome, the trustor's perceptions of the trustee are enhanced. Likewise, perceptions of the trustee will decline when trust leads to unfavorable conclusions” [92].

8.2.2. Trust and Friendship

Trust is a vitally important element of friendship. Trust secures the “stability of social relationships” [4]. Friendships are described as being “based on trust, reciprocity and equality… which is an important source of solidarity and self-esteem” [4]. And trust is described as a timelessly essential factor of friendships: “the importance of mutual commitment, loyalty and trust between friends will increase and may become an essential element of modern friendship regardless of other changes, which may be expected as the nature of social communication and contracts is transformed” [4].

Section 9. Conclusion

Online social networking technologies have already transformed the way in which people interact in the virtual space. Generally, younger people are more inclined to interact via features on online social networks than with traditional forms of online communications such as electronic mail. The ability to look up a “friends” location using a location based social network, now grants individuals even greater freedom to interact with one another in an almost omniscient manner. Not only do we now know the ‘who’ (identity) of a person, but we also know the ‘whereabouts’ (location) of a person, and from the profile data available on the online social network we also know something more about one's ‘context.’ If used appropriately these new applications have the potential to strengthen individual relationships and provide an unforeseen level of convenience between “friends”, including partners, siblings, parent-child, employer-employee relationships. However, there is also the danger that these technologies can be misused and threaten fundamental threads that society is built upon, such as trust. This literature review has attempted to establish what previous research has already been conducted in the area of LBSN, and what has yet to be done. Our future work will focus on participant realtime automated LBSN fieldwork, with a view to understanding the impact of LBSN on trust between people, and the broader social implications of this emerging technology upon society.


1. R. Kling, "What is social informatics and why does it matter?", The Information Society, vol. 23, pp. 205-220, 2007.

2. K. Robert, K. Sara, "Internet paradox revisited", Journal of Social Issues, vol. 58, pp. 49-74, 2002.

3. A. Drummond, Teenager missing after Facebook meeting, 14 May 2010.

4. B. Misztal, Trust in Modern Societies - The Serach for the bases of Social Order, Cambridge:Blackwell Publishers, 1998.

5See where your friends are with Google Latitude, February 2009.

6. R. Kling, H. Rosenbaum, "Social informatics in information science: An introduction", Journal of the American Society for Information Science, vol. 49, pp. 1047-1052, 1998.

7. R. Kling, "Social Informatics", Encyclopedia of Library and Information Science, pp. 2656-2661, 2003.

8. R. Kling, "Learning About Information Technologies and Social Change: The Contribution of Social Informatics", The Information Society, vol. 16, pp. 217-232, 2000.

9. R. Kling, "Social Informatics: A New Perspective on Social Research about Information and Communication Technologies", Prometheus, vol. 18, pp. 245-264, 2000.

10. D. Mackenzie, D. Mackenzie, "Introductory Essay: The Social Shaping of Technology" in The Social Shaping of Technology, Philadelphia:Open University Press, pp. 2-27, 1999.

11. S. Russell, R. Williams, K. Sorensen, R. Williams, "Social Shaping of Technology: Frameworks Findings and Implications for Policy With Glossary of Social Shaping Concepts" in Shaping Technology Guiding Policy: Concepts Spaces and Tools, Chetenham:Elgar, pp. 37-131, 2002.

12. R. Williams, D. Edge, "The Social Shaping of Technology", Research Policy, vol. 25, pp. 856-899, 1996.

13. S. Sawyer, K. Eschenfelder, "Social informatics: Perspectives examples and trends", Annual Review of Information Science and Technology, vol. 36, pp. 427-465, 2002.

14. R. Kling, L. Covi, "Electronic journals and legitimate media in the systems of scholarly communication", The Information Society, vol. 11, pp. 261-271, 1995. 

15. W. Orlikowski, "Learning from notes: Organizational issues in GroupWare implementation", The Information Society, vol. 9, pp. 237-250, 1993.

16. B. Kahin, J. Keller, Public Access to the Internet, Cambridge: MIT Press, 1995.

17. G. Piccoli, B. Ives, "Trust and the Unintended Effects of Behavior Control in Virtual Teams", MIS Quarterly, vol. 27, pp. 365-395, 2003.

18. S. Sawyer, A. Tapia, "From Findings to Theories: Institutionalizing Social Informatics", The Information Society, vol. 23, pp. 263-275, 2007.

19. O. K. Ngwenyama, A. S. Lee, "Communication Richness in Electronic Mail: Critical Social Theory and the Contextuality of Meaning", MIS Quarterly, vol. 21, pp. 145-167, 1997.

20. S. Hansen, N. Berente, "Wikipedia Critical Social Theory and the Possibility of Rational Discourse", The Information Society, vol. 25, pp. 38-59, 2009.

21. D. Cecez-Kecmanovic, "Doing critical IS research: the question of methodology" in Qualitative Research in Information Systems: Issues and Trends, Hershey:Idea Group Publishing, pp. 141-163, 2001.

22. D. M. Boyd, "Friendster and publicly articulated social networking" in CHI '04 on Human Factors in Computing Systems, Vienna, Australia:, 2004.

23. S. Counts, K. E. Fisher, "Mobile Social Networking: An Information Grounds Perspective", Proceedings of the 41st Annual Hawaii International Conference on System Sciences, 2008.

24. A. C. Weaver, B. B. Morrison, "Social Networking", Computer, vol. 41, pp. 97-100, 2008.

25. C. Lampe, N. Ellison, C. Steinfield, "A face(book) in the crowd: social Searching vs. social browsing", Proceedings of the 2006 20th Anniversary Conference on Computer Supported Cooperative Work, 2006.

26. C. Lampe, N. B. Ellison, C. Steinfield, "Changes in use and perception of facebook", Proceedings of the ACM 2008 conference on Computer supported cooperative work, 2008.

27. A. N. Joinson, Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, 2008.

28. J. T. Hancock, C. L. Toma, "I know something you don't: the use of asymmetric personal information for interpersonal advantage", Proceedings of the ACM 2008 conference on Computer supported cooperative work, 2008.

29. Y.-Y. Ahn, S. Han, Proceedings of the 16th international conference on World Wide Web, 2007.

30. C. N. Chapman, M. Lahav, "International ethnographic observation of social networking sites" in CHI '08 extended abstracts on Human factors in computing systems, Florence, Italy:, 2008.

31. R. Arjan, U. Pfeil, P. Zaphiris, "Age differences in online social networking", Conference on Human Factors in Computing Systems, 2008.

32. J. Schrammel, C. Kaffel, Tscheligi, "How much do you tell?: information disclosure behavior indifferent types of online communities", Proceedings of the fourth international conference on Communities and technologies, 2009.

33. J. DiMicco, D. R. Millen, "Motivations for social networking at work", Proceedings of the ACM 2008 conference on Computer supported cooperative work, 2008.

34. M. M. Skeels, J. Grudin, "When social networks cross boundaries: a case study of workplace use of facebook and linkedin", Proceedings of the ACM 2009 international conference on Supporting group work, 2009.

35. I. Liccardi, A. Ounnas, "The role of social networks in students' learning experiences" in Working group reports on ITiCSE on Innovation and technology in computer science education, Dundee, Scotland:, 2007.

36. S. Bystein, J. Rose, "The Role of Social Networking Services in eParticipation", Proceedings of the 1st International Conference on Electronic Participation, 2009.

37. R. M. Beth, M. C. John, "wConnect: a facebook-based developmental learning community to support women in information technology", Proceedings of the fourth international conference on Communities and technologies, 2009.

38. J. Donath, D. Boyd, "Public displays of connection", BT Technology Journal, vol. 22, pp. 71-82, 2004.

39. D. Boyd, "Reflections on Friendster Trust and Intimacy", Ubiquitous Computing Workshop application for the Intimate Ubiquitous Computing Workshop, 2003.

40. C. Dwyer, "Digital Relationships in the “MySpace” Generation: Results From a Qualitative Study", Proceedings of the 40th Annual Hawaii International Conference on System Sciences, 2007.

41. H. Chun, H. Kwak, "Comparison of online social relations in volume vs interaction: a case study of cyworld", Proceedings of the 8th ACM SIGCOMM conference on Internet measurement, 2008.

42. N. Ellison, C. Steinfield, C. Lampe, "The Benefits of Facebook “Friends:” Social Capital and College Students Use of Online Social Network Sites", Journal of Computer-Mediated Communication, vol. 12, pp. 1143-1168, 2007.

43. K. Subrahmanyam, P. Greenfield, "Online communication and adolescent relationships", The Future of Children, vol. 18, pp. 119-128, 2008.

44. R. Gross, A. Acquisti, "Information Revelation and Privacy in Online Social Networks", Workshop on Privacy in Electronic Society, 2005.

45. J. Snyder, D. Carpenter, " - A Social Networking Site and Social Contract Theory ", Information Systems Education Journal, vol. 5, pp. 3-11, 2007.

46. C. Dwyer, S. Hiltz, Passerini, "Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace", Proceedings of the Thirteenth Americas Conference on Information Systems (AMCIS), 2007.

47. D. Rosenblum, "What Anyone Can Know: The Privacy Risks of Social Networking Sites", IEEE Security & Privacy, vol. 5, pp. 40-49, 2007.

48. M. Mohammad, C. O. Paul, "Privacy-enhanced sharing of personal content on the web", Proceeding of the 17th international conference on World Wide Web, 2008.

49. S. Katherine, L. H. Richter, "Strategies and struggles with privacy in an online social networking community", Proceedings of the 22nd British HCI Group Annual Conference on HCI 2008: People and Computers XXII: Culture Creativity Interaction, vol. 1, 2008.

50. A. Levin, M. Foster, The Next Digital Divide: Online Social Network Privacy, 2008.

51. J. Golbeck, U. Kuter, "The Ripple Effect: Change in Trust and Its Impact Over a Social Network", Computing with Social Trust, pp. 169-181, 2009.

52. C. James, L. Ling, "Socialtrust: tamper-resilient trust establishment in online communities", Proceedings of the 8th ACM/IEEE-CS joint conference on Digital libraries, 2008.

53. S. Gambi, W. Reader, "The Development of Trust in Close Friendships Formed within Social Network Sites", Proceedings of the WebSci'09: Society On-Line, 2009.

54. L. Bilge, T. Strufe, Balzarotti, Kirda, "All your contacts are belong to us: automated identity theft attacks on social networks", Proceedings of the 18th international conference on World wide web, 2009.

 55. G. Kaupins, R. Minch, "Legal and ethical implications of employee location monitoring", International Journal of Technology and Human Interaction, vol. 2, pp. 16-20, 2006.

56. G. D. Smith, "Private eyes are watching you: with the implementation of the E-911 mandate who will watch every move you make? (Telecommunications Act of 1996: Ten Years Later Symposium)", Federal Communications Law Journal, vol. 58, pp. 705-721, 2006.

57. E. Troshynski, C. Lee, Dourish, "Accountabilities of presence: reframing location-based systems", Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, 2008.

58. C. Strawn, "Expanding The Potential for GPS Evidence Acquisition", Small Scale Digital Device Forensics Journal, vol. 3, pp. 1-12, 2009.

59. Y. Xiao, B. Shen, "Security and Privacy in RFID and application in telemedicine", IEEE Communications Magazine, vol. 44, pp. 64-72, 2006.

60. A. Masters, K. Michael, "Lend me your arms: The use and implications of humancentric RFID", Electronic Commerce Research Applications, vol. 6, pp. 29-39, 2007.

61. B. Brown, A. Taylor, "Locating Family Values: A Field Trial of the {Whereabouts} Clock", UbiComp 2007, 2007.

62. L.-D. Chou, N.-H. Lai, Y.-W. Chen, Y.-J. Chang, L.-F. Huang, W.-L. Chiang, H.-Y. Chiu, J.-Y. Yang, "Management of mobile social network services for families with Developmental Delay Children", 10th International Conference on e-health Networking Applications and Services: HealthCom 2008, 2008.

63. D. J. Glasser, K. W. Goodman, "Chips tags and scanners: Ethical challenges for radio frequency identification", Ethics and Information Technology, vol. 9, pp. 101-109, 2007.

64. L. Nan, C. Guanling, "Analysis of a Location-Based Social Network", International Conference on Computational Science and Engineering, 2009.

65. X. Page, A. Kobsa, "The Circles of Latitude: Adoption and Usage of Location Tracking in Online Social Networking", International Conference on Computational Science and Engineering, 2009.

66. M. G. Michael, S. J. Fusco, K. Michael, "A Research Note on Ethics in the Emerging Age of überveillance", Computer Communications, vol. 31, pp. 1192-1199, 2008.

67. L. Perusco, K. Michael, "Humancentric applications of precise location based services", International Conference on eBusiness Engineering, 2005.

68. J. Weckert, "Trust and monitoring in the workplace", IEEE Symposium on Technology and Society, 2000.

69. G. Borriello, "RFID: tagging the world", Communications of the ACM, vol. 48, pp. 34-37, 2005.

70. J. E. Dobson, P. F. Fisher, "Geoslavery", IEEE Technology and Society Magazine, vol. 22, pp. 47-52, 2003.

71. P. Joore, "Social aspects of location-monitoring systems: the case of Guide Me and of My-SOS", Social Science Information, vol. 47, pp. 253-274, 2008.

72. J. E. Dobson, P. F. Fisher, "The Panopticon's Changing Geography", The Geographical Review, vol. 97, pp. 307-323, 2007.

73. E. M. Dowdell, "You are here! Mapping the boundaries of the Fourth Amendment with GPS technology", Rutgers Computer and Technology Law Journal, vol. 32, pp. 109-131, 2005.

74. V. Lockton, R. Rosenberg, "RFID: The Next Serious Threat to Privacy", Ethics and Information Technology, vol. 7, pp. 221-231, 2005.

75. S. L. Garfinkel, A. Juels, "RFID Privacy: An Overview of Problems and Proposed Solutions", IEEE Security and Privacy, pp. 34-43, 2005.

76. M. Gadzheva, "Privacy concerns pertaining to location-based services", International Journal of Intercultural Information Management, vol. 1, pp. 49, 2007.

77. J. L. Wang, M. Loui, "Privacy and ethical issues in location-based tracking systems", Proceedings of the IEEE Symposium on Technology and Society, 2009.

78. L. Barkhuus, A. Dey, "Location-Based Services for Mobile Telephony: a study of user's privacy concerns", Proceedings of the INTERACT 9th IFIP TC13 International Conference on Human-Computer Interaction, 2003.

79. A. Aloudat, K. Michael, R. Abbas, "Location-Based Services for Emergency Management: A Multi-Stakeholder Perspective", Eighth International Conference on Mobile Business (ICMB 2009), 2009.

80. S. A. Grandhi, Q. Jones, Karam, "Sharing the big apple: a survey study of people place and locatability" in presented at CHI '05 extended abstracts on Human factors in computing systems, Portland, OR:, 2005.

81. S. J. Fusco, K. Michael, M. G. Michael, R. Abbas, "Exploring the Social Implications of Location Based Social Networking: An inquiry into the perceived positive and negative impacts of using LBSN between friends", International Conference on Mobile Business, 2010.

82. L. Barkhuus, "Privacy in Location-Based Services Concern vs. Coolness", HCI 2004 workshop: Location System Privacy and Control, 2004.

83. S. Patil, J. Lai, "Who gets to know what when: configuring privacy permissions in an awareness application", Proceedings of the SIGCHI conference on Human factors in computing systems, 2005.

84. S. Consolvo, I. E. Smith, "Location disclosure to social relations: why when & what people want to share", Proceedings of the SIGCHI conference on Human factors in computing systems, 2005.

85. L. Humphreys, "Mobile Social Networks and Social Practice: A Case Study of Dodgeball", Journal of Computer-Mediated Communication, vol. 13, pp. 341-360, 2008.

86. L. Barkhuus, B. Brown, "From awareness to repartee: sharing location within social groups", Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, 2008.

87. J. Y. Tsai, P. Kelley, "Who's viewed you?: the impact of feedback in a mobile location-sharing application", Proceedings of the 27th international conference on Human factors in computing systems, 2009.

88. S. Vihavainen, A. Oulasvirta, "I can't lie anymore!”: The implications of location automation for mobile social applications", 6th Annual International Mobile and Ubiquitous Systems: Networking & Services, 2009.

89. C. Schapsis, Location Based Social Networks Links: A list of Location Based Social Networks, 2010.

90. A. Vasalou, A. Hopfensitz, J. Pitt, "In praise of forgiveness: Ways for repairing trust breakdowns in one-off online interactions", International Journal of Human-Computer Studies, vol. 66, pp. 466-480, 2008.

91. D. Rousseau, S. Sitkin, "Not So Different After All: A Cross-Discipline View of Trust", Academy of Management Review, vol. 22, pp. 393-404, 1998.

92. R. C. Mayer, J. H. Davis, "An Integrative Model of Organizational Trust", Academy of Management Review, vol. 20, pp. 709-734, 1995.

93. K. Bijlsma-Frankema, A. C. Costa, "Understanding the Trust-Control Nexus", International Sociology, vol. 20, pp. 259-282, 2005.

94. J. D. Lewis, A. Weigert, "Trust as a Social Reality", Social Forces, vol. 63, pp. 967-985, 1985.


The authors would like to acknowledge the funding support of the Australian Research Council (Discovery grant DP0881191): “Toward the Regulation of the Location-Based Services Industry: Influencing Australian Government Telecommunications Policy”.


Informatics, Social network services, Space technology, Privacy, Communications technology, Information systems, Social implications of technology, Context, Surveillance, Smart phones, social networking (online), data privacy, mobile computing, social aspects of automation, information and communication technology design, social informatics, location-based social networking, mobile application, classification model, location based service, online social networking, trust, friendship, privacy, social life

Citation:  Sarah Jean Fusco, Katina Michael and M. G. Michael, "Using a social informatics framework to study the effects of location-based social networking on relationships between people: A review of literature",  2010 IEEE International Symposium on Technology and Society (ISTAS), 7-9 June 2010, Wollongong, Australia, DOI: 10.1109/ISTAS.2010.5514641



The legal, social and ethical controversy of DNA samples in forensic science

The legal, social and ethical controversy of the collection and storage of fingerprint profiles and DNA samples in forensic science


The collection and storage of fingerprint profiles and DNA samples in the field of forensic science for nonviolent crimes is highly controversial. While biometric techniques such as fingerprinting have been used in law enforcement since the early 1900s, DNA presents a more invasive and contentious technique as most sampling is of an intimate nature (e.g. buccal swab). A fingerprint is a pattern residing on the surface of the skin while a DNA sample needs to be extracted in the vast majority of cases (e.g. at times extraction even implying the breaking of the skin). This paper aims to balance the need to collect DNA samples where direct evidence is lacking in violent crimes, versus the systematic collection of DNA from citizens who have committed acts such as petty crimes. The legal, ethical and social issues surrounding the proliferation of DNA collection and storage are explored, with a view to outlining the threats that such a regime may pose to citizens in the not-to-distant future, especially persons belonging to ethnic minority groups.

SECTION 1. Introduction

The aim of this paper is to apply the science, technology and society (STS) studies approach which combines history, social study and philosophy of science to the legal history of DNA sampling and profiling in the United Kingdom since the first forensic use of DNA in a criminal court case in 1988. The paper begins by defining the application of biometrics to the field of criminal law, in particular the use of fingerprint and DNA identification techniques. It then presents the differences between fingerprints and DNA evidence and focuses on distinguishing between DNA profiles and samples, and DNA databanks and databases. Finally the paper presents the legal, ethical and social concerns of the proliferation of DNA collection and storage in particular jurisdictions prior to 2010 (e.g. United Kingdom). The paper points to the pressing need for the review of the Police and Criminal Evidence Act 1984, and to the procedures for DNA collection and storage in the U.K.'s National DNA Database (NDNAD) which was established in 1995. Some examples are provided of the state of play in the United States as well.

SECTION 2. Conceptual Framework

It is of no surprise that in recent years there has been a convergence between science and technology studies (STS) and law and society (L&S) studies. Some commentators, like this author believe that there is a need to define a new theoretical framework that amalgamates these increasingly converging areas. Lynch et al. [6], [p.14] write: “[w]hen law turns to science or science turns to law, we have the opportunity to examine how these two powerful systems work out their differences.” This convergence has its roots planted in legal disputes in the fields of health, safety and environmental regulation. For instance, advances in technology have challenged ones right to live or die. New innovations have the capacity to draw out traditional distinctions of regulations or they can challenge and even evade them.

In this paper we study the “DNA controversy” using the conceptual framework that can be found in Figure 1 which depicts the role of major stakeholders in the debate. In the early 1990s the “DNA Wars” [6] focused on two major problems with respect to the techno-legal accountability of DNA evidence in a court of law. The first had to do with the potential for error in the forensic laboratory, and the second had to do with the combination of genetic and statistical datasets. And it did not just have to do with legal and administrative matters, but issues that were both technical and scientific in nature. The key players included expert lawyers, scientists who actively participated in legal challenges and public policy debates, and the media who investigated and reported the controversy [6]. To put an end to the controversy would require the coming together of law, science and the public in a head-on confrontation. And that is indeed what occurred. By the late 1990s DNA had become an acceptable method of suspect identification and a great number of onlookers prematurely rushed to declare a closure to the controversy although as commentators have stated there was no moment of truth or definitive judgment that put an end to the controversy. What many did not recognize at the time however, is that the DNA controversy would return, in places like the United Kingdom, bigger and with more intensity than ever before.

Figure 1. The core set diagram: studying the DNA controversy

It is with great interest to read that closure in the DNA controversy was really visible when the NDNAD and some of the legislation and policy surrounding it facilitated talks between nations in Europe with respect to harmonization. According to Lynch et al. [6], [p.229]:

“[e]fforts were made to “harmonize” DNA profile and database standards in Europe, and other international efforts were made to coordinate forensic methods in order to track suspected “mobile” criminals and terrorists across national borders. These international efforts to implement and standardize DNA profiling contributed to closure in particular localities by demonstrating that the technique was widely used and had become a fixture of many criminal justice systems.”

While closure it may have signified to those working within an STS and L&S approach, harmonization was certainly not reached. Far from it, the U.K. who had been responsible for initial harmonization efforts, later, lost its way. What made onlookers believe that closure had fully occurred were the technical, legal and administrative fixes that had taken place. But closure in this instance did not mean the complete end to the controversy-no-what was coming was much greater disquiet in the U. K, and this period was named ‘post-closure’ by the STS and L&S commentators. Postclosure signals a period of time after closure is established, when the possibilities for issues that were once closed are reopened. In the case of the NDNAD in the U.K. it was not old issues that were reopened during postclosure, but new issues that were introduced due to so-called legal fixes. These legal fixes had social implications, so it was not until the public and the media and non-government organizations alongside self-interest groups were satisfied that change would be imminent, that postclosure seemed a real possibility. The threat to the post-closure of the DNA controversy however, is the burgeoning demand for DNA samples in fields such as epidemiology research and the recent commercialization of DNA sample collection and storage for every day citizens (e.g. DNA home kits selling for less than $100US dollars). DNA is no longer seen as just useful for forensic science or health, and this is placing incredible pressure on the advanced identification technique which is increasingly becoming commoditized.

SECTION 3. Background: What is Biometrics?

As defined by the Association for Biometrics (AFB) a biometric is “ … a measurable, unique physical characteristic or personal trait to recognize the identity, or verify the claimed identity, of an enrollee.” The physical characteristics that can be used for identification include: facial features, full face and profile, fingerprints, palmprints, footprints, hand geometry, ear (pinna) shape, retinal blood vessels, striation of the iris, surface blood vessels (e.g., in the wrist), and electrocardiac waveforms [1]. Other examples of biometric types include DNA (deoxyribonucleic acid), odor, skin reflectance, thermogram, gait, keystroke, and lip motion. Biometrics have seven characteristics: they are universal in that every person should possess that given characteristic; they are unique in that no two persons should have the same pattern; they are permanent in that they do not change over time; they are collectable and quantifiable; there is performance in that the measure is accurate, it is acceptable to users; and circumventing, meaning that the system of identification theoretically cannot be duped [2]. The two most popular methods of identification today in criminal law, when direct evidence is lacking such as a first hand eyewitness account, are fingerprinting and DNA.

SECTION 4. What is Fingerprinting?

Fingerprints are classified upon a number of fingerprint characteristics or unique pattern types, which include arches, loops and whorls [3], [p.228]. If one inspects the epidermis layer of the fingertips closely, one can see that it is made up of ridge and valley structures forming a unique geometric pattern. The ridge endings are given a special name called minutiae. Identifying an individual using the relative position of minutiae and the number of ridges between minutiae is the traditional algorithm used to compare pattern matches. As fingerprints do not change from birth until death unless they are accidentally or deliberately deformed, it is argued that they can provide an absolute proof of identity. The science of fingerprint identification is called dactyloscopy [4], [p.4].

4.1. Fingerprinting as Applied to Criminal Law

Fingerprints left behind at the scene of a crime (SOC) can be used to collect physical evidence for the purposes of human identification. They have the capacity to link a person (e.g. a suspect) to a particular location at a given time. This can happen in one of two ways: (i) the suspect's fingerprints are taken and cross-matched with those fingerprints found at the scene of a crime; or (ii) a successful match is found using computer technology to compare the fingerprints found at the scene of a crime with a database of previous offenders. It should be noted that fingerprinting in criminal law is not new. Manual standards, for instance, existed since the 1920s when the Federal Bureau of Investigation (FBI) in the U.S. started processing fingerprint cards. These standards ensured completeness, quality and permanency.

By the early 1970s due to progress in computer processing power and storage, and the rise of new more sophisticated software applications, law enforcement began to use automatic machines to classify, store, and retrieve fingerprint data. The FBI led the way by introducing the Integrated Automated Fingerprint Identification Systems (IAFIS) that could scan a fingerprint image and convert the minutiae to digital information and compare it to thousands of other fingerprints [5], [p.4ll]. Today, very large computer databases containing millions of fingerprints of persons who have been arrested are used to make comparisons with prints obtained from new crime scenes. These comparisons can literally take seconds or minutes depending on the depth of the search required. Sometimes successful matches can be made, other times the fingerprints cannot be matched. When fingerprints cannot be matched it is inferred that a new offender has committed a crime. These ‘new’ prints are still stored on the database as a means to trace back crimes committed by a person committing a second offence and who is apprehended by direct evidence, thus creating a trail of criminal events linked back to the same individual with the potential to solve multiple crimes. Commonly a list of prints that come closest to matching that print found at the scene of a crime are returned for further examination by an expert who then deems which single print is the closest match. In recent years background checks are even conducted on individuals using fingerprints, as a means to gain employment such as in early childhood [4], [p.5], or during the process of adoption or other security clearance requirements.

SECTION 5. What is DNA?

DNA fingerprinting, DNA (geno)typing, DNA profiling, identity testing and identification analysis, all denote the ability to characterize one or more rare features of an individual's genome, that is, their hereditary makeup. DNA contains the blueprints that are responsible for our cells, tissues, organs, and body [4], [p.8]. In short it can be likened to “God's signature” [6], [p.259]. Every single human has a unique composition, save for identical twins who share the same genotype but have subtly different phenotypes. When DNA samples are taken from blood cells, saliva or hair bulb specimens of the same person, the structure of the DNA remains the same. Thus only one sample is required as the basis for DNA profiling, and it can come from any tissue of the body [7], [P.L]. DNA fingerprinting was discovered in 1985 by English geneticist Dr Alec Jeffreys. He found that certain regions of DNA contained sequences that repeated themselves over and over again, one after the other and that different individuals had a different number of repeated sections. He developed a technique to examine the length variation of these DNA repeat sequences, thus creating the ability to perform identification tests [8], pp.2FJ.

The smallest building block of DNA is known as the nucleotide. Each nucleotide contains a deoxyribose, a phosphate group and a base. When we are analyzing DNA structures it is the sequence of bases that is important for the purposes of identification [9], [p.ll]. There are four bases through which a genetic code is described. These are: Adenine (A), Thymine (T), Guanine (G) and Cytosine (C). When trying to understand DNA sequences as they might appear in written form, consider that ‘A’ only binds with ‘T’, and ‘G’ only binds with ‘C’ (see figure 2 comparing row one and two). These base pairs are repeated millions of times in every cell and it is their order of sequence that determines the characteristics of each person. It is repetitive DNA sequences that are utilized in DNA profiling [10], [p.2].

Figure 2.  A typical DNA sequence

Figure 2. A typical DNA sequence

For example, in Figure 2 the base sequences of the two strands, known as the double helix, is written for a fictitious DNA sample. While the labels “5” and “3” have been included for illustrative purposes a sequence is written plainly as CTTAGCCATAGCCTA. From this sequence we can deduce the second strand given the rules for binding described above. Furthermore, in specific applications of DNA testing various polymorphisms may be considered which denote the type of repeat for a given stretch of DNA. For instance the tetranucleotide repeat is merely a stretch of DNA where a specific four nucleotide motif is repeated [9], [P.L 0].

DNA profiling can be applied to a broad range of applications including diagnostic medicine, famil y relationship analysis (proof of paternity and inheritance cases), and animal and plant sciences [7], [p.31]. The most high profile use of DNA however is in the area of forensic science, popularized by modern day television series such as CSI Miami and Cold Case. Episodes from the series, such as “Death Pool” [11] and “Dead Air,” [12] allow members of the public to visualize how DNA might be used to gather evidence towards prosecution in a court of law. Although Hollywood is well known for its farcical and inaccurate representations, these episodes still do demonstrate the potential for DNA. DNA profiling illustrates the power to eliminate a suspect with a discrimination power so high that it can be considered a major identification mechanism [13], [P.L]. It is with no doubt that forensic DNA analysis has made a huge impact on criminal justice and the law since its inception in U.K. Courts with the 1988 investigation into the deaths of schoolgirls Lynda Mann in 1983 and Dawn Ashworth in 1986 [14]. Since that time, DNA has been used successfully in criminal law to help prove guilt or innocence [15], in family law to prove parentage, and in immigration law to prove blood relations for cases related to citizenship [4], [p.xiii].

5.1. DNA as Applied to Criminal Law

In forensic DNA analysis today, mitochondrial DNA is used for identification, as nuclear DNA does not possess the right properties toward individual identification [9], [p.5]. According to Koblinsky et al. it is the moderately repetitious DNA that is of interest to forensic analysts [4], [pp.17f]:

“It has been shown that 99.9% of human DNA is the same in every individual. In fact, every individual's DNA has a relatively small number of variations from others. It is that variation of 1 in every 1000 bases that allows us to distinguish one individual from another through forensic genetic testing.”

Similarly in the case of dactyloscopy, an individual's DNA can be left behind at a scene of a crime or on a victim. When natural fibers are transferred through human contact, for example, from a perpetrator to a victim, or natural fibers sometimes microscopic in nature are left behind at a scene of a crime, they can be used for evidentiary purposes. The DNA found in hair for example, can be compared to hair specimens taken from a crime suspect or the DNA profile stored in an existing DNA databank. Synthetic fibers not containing DNA, such as threads from a piece of clothing worn by a perpetrator, can also be used to link a suspect to a crime. When fibers are transferred from one person to another upon physical contact it is known as the Locard exchange principle [4], [p.3].

It is important to note that all physical evidence like DNA should only ever be considered circumstantial evidence. It is evidence that provides only a basis for inference about the claim being made, and can be used in logical reasoning to prove or disprove an assertion. In a criminal case, DNA alone cannot be used to prove someone's guilt or innocence. Rather DNA may be able to point investigators to ‘what happened’, ‘the order of events that took place’, ‘who was involved’, ‘where an event took place’ and ‘how it might have taken place,’ and in that manner the forensic scientist is conducting a reconstruction by means of association (table 1) [16], [P.L]. Thus the job of an investigator is to put all the pieces of the puzzle together and to gather as much information as possible and from as many available sources of evidence including eyewitness accounts, physical evidence and archival records [4], [P.L].

Table 1. A theoretical framework for the discipline of criminalistics [16], [p.2]

As more sophisticated techniques have emerged to analyze DNA samples taken at the scene of a crime, the lesser the mass of DNA that is needed for a correct reading. How much DNA do you need? Well, it all depends on the richness of the sample. For instance, a 2002 US State Police handbook noted that a clump of pulled hair contained enough material for successful RFLP (Restriction Fragment Length Polymorphism) typing. A single hair root provided enough nuclear DNA for PCR STR (polymerase chain reaction short tandem repeat) typing, but not enough for RFLP. And a hair shaft contained sufficient mitochondria for successful mtDNA (mitochondrial DNA) typing, but was inadequate for PCR STR or RFLP typing [16], [p.61]. A blood, saliva, urine, bone, teeth, skin or semen sample could be considered a richer sample than a hair root for extraction purposes, but DNA analysis is all very much dependent on the level of degradation the sample has been exposed to.

Environmental factors can be harmful to DNA that has been collected from a scene of a crime and can lead to issues relating to deterioration, destruction, or contamination of evidence which are all contestable issues a lawyer may have to deal with in a court of law [4], [p.xiii]. For instance, heat, moisture, bacteria, ultraviolet (UV) rays and common chemicals can contribute to the degradation process [9], [p.61]. When a sample undergoes some level of degradation, it is said to have had infringed upon the chain of custody. To get around such problems, experts have proposed bringing the laboratory closer to policing practice. The concept of “lab in a van” or “lab on a chip” (LOC) proposes the use of a mobile laboratory where analysis and interpretation of evidence is even possible at the scene of a crime [6], [p.153]. The advancements in mobile technologies continue to allow for even very tiny biological substances to undergo DNA testing resulting in accurate identification. Even a cigarette butt which has saliva on it containing epithelial cells can be screened for DNA evidence [4], [p.6].

SECTION 6. Comparing DNA and Fingerprinting

To begin with, traditional fingerprinting classification techniques have been around a lot longer than DNA identification, although both fingerprinting and DNA have been part of the human body since the start of time. In its manual form, the Galton-Henry system of fingerprint classification first made its impact on the practices of Scotland Yard in 1901. So whereas fingerprint recognition can happen using manual methods, DNA testing can only happen using laboratory systems, even if analysis now takes the form of a mobile lab on a chip. DNA is also a pervasive and invasive biometric technique. That is DNA is owned by everyone, and DNA actually belongs to the internals of what makes up the body. For a DNA reading, a hair shaft has been detached from the scalp, teeth and skin and bones have to be ‘dismembered’ from the body, blood and urine and saliva is extracted from the body [17], [p.374].

In most states, the police can take non-intimate samples if a person has been arrested for a serious recordable offence, and in other states DNA can be taken for offences such as begging, being drunk and disorderly, and taking part in an illegal demonstration. In the U.K. for instance, DNA does not have to be directly relevant to investigating the offence for which a person is being arrested and they do not have to be charged before the sample is taken. The police are not allowed to take more than one successful sample from the same body part during the course of an investigation. The police can take an intimate sample only with a person's written consent even if they have been arrested. However, there is a burgeoning debate at present about what actually constitutes consent during such a process-is it true consent, or merely compliance or acknowledgment of required police procedures by the individual under arrest.

Fingerprints are different in that while belonging to the body, they are a feature on the surface of the body, and they do not constitute mass. Fingerprints are patterns that appear on the skin, but they are not the fiber we know as skin. Fingerprints also exclude a small portion of the population-those who do not have particular fingers, or hands, or arms, or may have fingers that have been severely deformed due to accidental or deliberate damage. Despite these differences, the claim is made by scientists that forensic DNA testing has emerged as an accurate measure of someone's identification with reliability equal to that of fingerprint recognition [4], [p.5].

6.1. Intimate and Non-Intimate Measures: Other Biometrics Versus DNA Sampling

6.1.1. The United States and Other Biometrics

The notion of “intimacy” is very much linked to literature on DNA, and not of biometrics in general. Although historically there has been some contention that a fingerprint sample is both “intimate” and “private”, the proliferation of fingerprint, handprint, and facial recognition systems now used for government and commercial applications, has rendered this debate somewhat redundant. This is not to say that the storage of personal attributes is not without its own commensurate risks but large-scale applications enforced by such acts as the United States Enhanced Border Security and Visa Entry Reform Act of 2002 mean that fingerprint, hand and facial recognition systems have now become commonplace. In fact, this trend promises to continue through multimodal biometrics, the adoption of several biometrics toward individual authentication. Few travelers, at the time of transit, directly challenge the right of authorities to be taking such personal details, and to be storing them on large databases in the name of national security. However sentiment, at least in North America, was different prior to the September 11 terrorist attacks on the Twin Towers [18].

In 1997 biometrics were touted a type of personal data which was wholly owned by the individual bearer with statutory implications depending on the governing jurisdiction [19]. It followed that a mandatory requirement by a government agency to collect and store fingerprint data may have been in breach of an individual's legitimate right to privacy. In the U.S., court cases on this issue have found consistently that certain biometrics do not violate federal laws like the Fourth Amendment. It seems that the [20]:

“ … real test for constitutionality of biometrics … appears to be based on the degree of physical intrusiveness of the biometric procedure. Those that do not break the skin are probably not searches, while those that do are”.

In the context of DNA we can almost certainly claim that there is “physical intrusiveness” of a different nature to the collection of surface-level fingerprints (figure 2). In the collection of blood samples we must “break” or “pierce” the skin, in the collection of saliva samples we enter the mouth and touch the inner lining of the mouth with buccal swabs, in the removal of a hair or clump of hair we are “pulling” the hair out of a shaft etc. And it is here, in these examples, where consent and policing powers and authority become of greatest relevance and significance.

Figure 2. Left: finger “prints” on the surface of the skin. right: DNA blood “sample” taken by pricking the skin

6.1.2. Britain and DNA

In the world of DNA, there is a simple classification, followed by most law enforcement agencies that denote samples as either being of an “intimate” nature or “non-intimate” nature. In the British provisions of the original Police and Criminal Evidence Act of 1984 (PACE), section 65 defines intimate samples as: “a sample of blood, semen or any other tissue fluid, urine, saliva or pubic hair, or a swab taken from a person's body orifice” and non-intimate samples as “hair other than pubic hair; a sample taken from a nail or from under a nail; a swab taken from any part of a person's body other than a body orifice” [21], [p.80]. Generally, it must be noted that at times police can take a sample by force but on other occasions they require consent. In Britain, prior to 2001, intimate samples from a person in custody were once only obtainable through the express authority of a police officer at the rank of superintendent and only with the written permission of the person who had been detained (section 62) [21]. Non-intimate samples could be taken from an individual without consent but with permission from a police officer of superintendent rank (section 63). In both instances, there had to be reasonable grounds for suspecting that the person from whom the sample would be taken had been involved in a serious offence [21]. And above reasonable grounds, there had to be, theoreticall y at least, the potential to confirm or disprove the suspect's involvement through obtaining a DNA sample [22], [p.29]. Over time Acts such as the PACE have been watered down leading to controversial strategic choices in law enforcement practices, such as the trend towards growing national DNA databases at a rapid rate.

6.2. Continuity of Evidence

Table 2. Ways to mitigate the effect of DNA evidence

Policing and forensic investigative work, are no different to any other “system” of practice; they require to maintain sophisticated audit trails, even beyond those of corporate organizations, to ensure that a miscarriage of justice does not take place. However, fingerprints are much easier attributes to prove a continuity of evidence than DNA which is much more complex. A fingerprint found at a crime scene, does not undergo the same type of degradation as a DNA sample. Thus it is much easier to claim a fingerprint match in a court of law, than a DNA closeness match. Providing physical evidence in the form of a DNA sample or profile requires the litigator to prove that the sample was handled with the utmost of care throughout the whole chain of custody and followed a particular set of standard procedures for the collection, transportation, and handling of the material. The proof that these procedures were followed can be found in a series of paper trails which track the movements of samples [6], [p.114].

Beyond the actual location of the evidence, a continuity of evidence has to do with how a DNA sample is stored and handled, information related to temperature of the place where the sample was found and the temperature at the place of storage, whether surrounding samples to that being analyzed were contaminated, how samples are identified and qualified using techniques such as barcode labels or tags, how samples were tested and under what conditions, and how frequently samples were accessed and by whom and for what purposes [4], [p.43]. When DNA forensic testing was in its infancy, knowledgeable lawyers would contest the DNA evidence in court by pointing to micro-level practices of particular laboratories that had been tasked with the analytical process. The first time that attention had been focused on the need to standardize procedures and to develop accreditation processes for laboratories and for personnel was in the 1989 case People v Castro 545 N.Y.S.2d 985 (Sup. Ct. 1989). When DNA testing began it was a very unregulated field, with one commentator famously noting that: “clinical laboratories [were required to] meet higher standards to be allowed to diagnose strep throat than forensic labs [were required to] meet to put a defendant on death row” [9], [p.55]. But it must be said, given the advancement in quality procedures, attacks on DNA evidence, rarely focus on the actual standards, and more so focus on whether or not standards were followed appropriately [9], [p.61].

In the event that a defense lawyer attempts to lodge an attack on the DNA evidence being presented in a court of law, they will almost always claim human error with respect to the procedures not being followed in accordance to industry standards. Human error cannot be eradicated from any system, and no matter how small a chance, there is always the possibility that a sample has been wrongly labeled or contaminated with other external agents [9]. Worse still is the potential for a forensic expert to provide erroneous or misleading results, whether by a lack of experience, a miscalculation on statistical probabilities or deliberate perjury. The latter is complex to prove in court. Some have explained away these human errors toward wrongful conviction as a result of undue political pressure placed on lab directors and subsequently analysts for a timely response to a violent crime [16], [p.157]. As Michaelis et al. note [9], [p.69]:

“[i]n far too many cases, the directors of government agencies such as forensic testing laboratories are subjected to pressure from politicians and government officials to produce results that are politically expedient, sometimes at the expense of quality assurance … Laboratory directors are too often pressured to produce results quickly, or to produce results that will lead to a conviction, rather than allowed to take the time required to ensure quality results.”

Thus attacks on DNA evidence can be made by attacking the chain of custody among other strategies shown in Table 2.

SECTION 7. The Difference Between Databases and Databanks

7.1. Of Profiles and Samples

In almost any biometric system, there are four steps that are required towards matching one biometric with another. First, data is acquired from the subject, usually in the form of an image (e.g. fingerprint or iris). Second, the transmission channel which acts as the link between the primary components will transfer the data to the signal processor. Third, the processor takes the raw biometric image and begins the process of coding the biometric by segmentation which results in a feature extraction and a quality score. The matching algorithm attempts to find a record that is identical resulting in a match score. Finally, a decision is made based on the resultant scores, and an acceptance or rejection is determined [23]. At the computer level, a biometric image is translated into a string of bits, that is, a series of one's and zero's. Thus a fingerprint is coded into a numeric value, and these values are compared in the matching algorithm against other existing values. So simply put, the input value is the actual fingerprint image, and the output value is a coded value. This coded value is unique in that it can determine an individual profile.

With respect to the extraction of a DNA sample the process is much more complex, as is its evaluation and interpretation. A DNA sample differs from a fingerprint image. A sample is a piece of the body or something coming forth or out from the body, while in the case of fingerprints, an image is an outward bodily aspect. When a DNA sample undergoes processing, it is also coded into a unique value of As, Ts, Gs and Cs. This value is referred to as a DNA profile. Storing DNA profiles in a computer software program is considered a different practice to storing the actual feature rich DNA sample in a DNA store. Some members of the community have volunteered DNA samples using commercial DNA test kits such as “DNA Exam” by the BioSynthesis Corporation [24]. For example, the DNA Diagnostics Center [25] states that one may:

“ … elect to take advantage of [the] DNA banking service without any additional charge if [one] orders a DNA profile [and that the company] will store a sample of the tested individual's DNA in a safe, secure facility for 15 years-in case the DNA sample is ever needed for additional testing”.

The controversy over storing “samples” by force in the crime arena has to do with the potential for DNA to generate information such as a person's predisposition to disease or other characteristics that a person might consider confidential. It is the application of new algorithms or extraction/evaluation/ interpretation techniques to an existing sample that is of greatest concern to civil liberties advocates. Profiles are usually unique combinations of 16 markers [26], they can only be used to match, and cannot be used toward further fact finding discoveries although some believe that you might be able to draw conclusions from profiles in the future. In a given population, there are several different alleles for any single marker and some of these may appear more frequently than others. The best markers are those with the greatest number of different alleles and an even distribution of allele frequencies [9], [p.19].

7.2. Of Databases and Databanks

Although textbooks would have us believe that there is a clear-cut distinction about what constitutes a database as opposed to a databank, in actual fact the terms are used interchangeably in most generalist computing literature. Most dictionaries for example will define the term database without an entry for databank. A database is a file of information assembled in an orderly manner by a program designed to record and manipulate data and that can be queried using specific criteria. Commercial enterprise grade database products include Oracle and Microsoft Access. The International Standards Organization however, does define a databank as being “a set of data related to a given subject and organized in such a way that it can be consulted by users” [27]. This distinction is still quite subtle but we can extrapolate from these definitions that databases are generic information stores, while databanks are specific to a subject [28].

In the study of DNA with respect to criminal law, the distinction between databases and databanks is a lot more crystallized, although readers are still bound to be confused by some contradictory statements made by some authors. Still, in most cases, a databank is used to investigate crimes and to identify suspects, and a database is used to estimate the rarity of a particular DNA profile in the larger population [9], [p.99]. Databanks contain richer personal information related to samples, even if the identity of the person is unknown. For example, the databank can contain unique profiles of suspects and convicted criminals and content about physical crime stains and records of DNA profiles generated by specific probes at specific loci [10], [p.40]. Databases are much more generic than databanks containing information that is representative of the whole populace or a segment of the populace. For example, a database can contain statistical information relating to the population frequencies of various DNA markers generated from random samples for particular ethnic groups or for the whole population at large. Databanks may contain rich personal data about offenders and cases [16], [pp.157f] but databases only contain minimal information such as the DNA profile, ethnic background and gender of the corresponding individuals.

Table 3. The NDNAD database attributes [30]

The premise of the DNA databank is that DNA profile data of known offenders can be searched in an attempt to solve crimes, known as ‘cold cases’. They are valuable in that they can help investigators string a series of crimes together that would otherwise go unrelated, allowing for the investigator to go across space and time after all other avenues have been exhausted [9, p.99]. With respect to violent crimes, we know that offenders are highly prone to re-offending and we also know that violent crimes often provide rich DNA sample sources such as bones, blood, or semen. Thus DNA left at the scene of a crime can be used to search against a DNA databank in the hope of a “close” match [16], [p.157]. The probative value of the DNA evidence is greater the rarer the DNA profile in the larger population set [9], [p.19].

Different jurisdictions have different standards on the criteria for inclusion into DNA databanks and what attribute information is stored in individual records and who has access. In the United States for instance, different states have different rules, some allowing for DNA databanks to be accessed by law enforcement agencies alone, and others allowing for public officials to have access for purposes outside law enforcement [9], [p.100]. In the U.S. the CODIS (Combined DNA Index System) system was launched in 1998–99 by the FBI. It contains two searchable databases, one with previous offenders and another with DNA profiles gathered from evidence at crime scenes [9], [p.16]. In the case of the U.K., the National DNA Database (NDNAD) of Britain, Wales and Northern Ireland, contains very detailed information for each criminal justice (CJ) record (see table 3) and profiles are searched against each other on a daily basis with close hit results forwarded on to the appropriate police personnel. It is quite ironic that the 1995 NDNAD is a databank but is so large that it is considered a database by most, as is also evident by the fact that the word “database” also appears in the NDNAD acronym [29], [p.2].

SECTION 8. Legal, Ethical and Social Concerns

The collection, storage, and use of DNA samples, profiles and fingerprints raise a number of legal, ethical and social concerns. While some of the concerns for the collection and storage of an individual's fingerprints by the State have dissipated over the last decade, the debate over the storage of DNA samples and profiles rages more than ever before. It was around the turn of the century when a number of social, ethical and legal issues were raised with respect to DNA sampling but councils and institutes through lack of knowledge or expertise could hardly offer anything in terms of a possible solution or way forward to the DNA controversy [31], [p.34]. At the heart of the techno-legal “controversy” is a clash of ideals coming from a collision of disciplines. For many medical practitioners working on topics related to consent or confidentiality, the legal position on DNA is one which acts as a barrier to important medical research. While few would dispute the importance of data protection laws and the ethical reasons behind balancing the right to privacy against other rights and interests, some in the medical field believe that the law has not been able to deal with exceptions where the use of DNA data could be considered proportionate, for instance, in the area of epidemiology. There are those like Iverson who argue that consent requirements could be relaxed for the sake of the common good.

“We are not arguing that epidemiological research should always proceed without consent. But it should be allowed to do so when the privacy interference is proportionate. Regulators and researchers need to improve their ability to recognize these situations. Our data indicate a propensity to over-predict participants' distress and under-predict the problems of using proxies in place of researchers. Rectifying these points would be a big step in the right direction” [32], [p.169].

Thinking in this utilitarian way, the use of DNA evidence for criminal cases, especially violent crimes, is something that most people would agree is a legitimate use of technology and within the confines of the law. The application of DNA to assist in civil cases, again, would seem appropriate where family and state-to-citizen disputes can only be settled by the provision of genetic evidence. Volunteering DNA samples to appropriate organizations and institutions is also something that an individual has the freedom to do, despite the fact that a large portion of the population would not participate in a systematic collection of such personal details. Voluntary donation of a DNA sample usually happens for one of three reasons: (i) to assist practitioners in the field of medical research; (ii) to assist in DNA cross-matching exercises with respect to criminal cases; and (iii) to aid an individual in the potential need they may have of requiring to use their own DNA in future uses with any number of potential possibilities. For as Carole McCartney reminds us:

“[f]orensic DNA technology has multiple uses in the fight against crime, and ongoing research looks to expand its usefulness further in the future. While the typical application of DNA technology in criminal investigations is most often unproblematic, there needs to be continued vigilance over the direction and implications of research and future uses” [33], [p.189].

Table 4. Legal, ethical and social issues related to use of DNA in criminal law

It is in this parallel development that we can see an evolution of sorts occurring with the collection of highly intimate personal information. On the one hand we have the law, on the other hand we have medical discovery, both on parallel trajectories that will have overflow impact effects on one other. For many, the appropriate use of DNA in the medical research field and criminal law field can only have positive benefits for the community at large. There is no denying this to be the case. However, the real risks cannot be overlooked. Supplementary industries can see the application of DNA in a plethora of programs, including the medical insurance of ‘at risk’ claimants to an unforeseen level of precision, measuring an individual's predisposition to a particular behavioral characteristic for employment purposes [34], [p.897], and the ability to tinker with the genes of unborn children to ensure the “right” type of citizens are born into the world. All of these might sound like the stuff of science fiction but they are all areas under current exploration.

For now, we have the ability to identify issues that have quickly escalated in importance in the DNA debate. For this we have several high profile cases in Europe to thank but especially the latest case which was heard in the European Court of Human Rights (ECtHR) on the 4 December 2008, that being S and Marper v. the United Kingdom [35]. This landmark case, against all odds, acted to make the U.K. (and to some extent the rest of the world) stop and think about the course it had taken. For the U.K. this meant a re-evaluation of its path forward via a community consultation process regarding the decade old initiatives of the NDNAD. The main issues that the case brought to the fore, and those of its predecessor cases, can be found in summary in Table 4. The table should be read from left to right, one row at a time. The left column indicates what most authors studying the socio-ethical issues regard as an acceptable use of DNA, and the right column indicates what most authors regard as either debatable or unacceptable use of DNA.

Of greatest concern to most civil libertarians is the issue of proportionality and the potential for a disproportionate number of profiles to be gathered relative to other state practices towards a blanket coverage databank. Blanket coverage databanks can be achieved by sampling a populace, a census approach is not required. Maintaining DNA profiles for some 15–20% of the total population, means you could conduct familial searching on the rest to make associations between persons with a high degree of accuracy [4], [p.274], something that would be possible in the U.K. by 2018 if it maintained the same level of sampling due process. This is not without its dangers, as it promotes adventitious searching and close matches that might not categorically infer someone's guilt or Innocence.

Table 5. Social, ethical and legal issues pertaining to DNA databanks identified by national institute of justice in the united states in 2000 [31, pp. 35f].

In addition, the large databanks are not without their bias. Already police records are filled with the presence of minority groups of particular ethnic origin for instance, which can have an impact on the probability of a close match despite someone's innocence. Being on the database means that there is a chance a result might list you as a suspect based on having a similar DNA profile to someone else. And ultimately, the fact that innocent people would have their profiles stored on the NDNAD would do little in the way of preventing crime, and would lead before too long, to a de facto sampling of all state citizens.

The driving force behind such a campaign could only be achieved by obtaining DNA samples from persons (including innocent people or ‘innocents’), either via some event triggering contact between an individual and the police or via an avenue at birth [10], [p.40]. Police powers have increased since world wide terrorist attacks post 2000 especially, and this has led to a tradeoff with an individual's right to privacy [36], [p.14]. Notions of consenting to provide a DNA sample to law enforcement personnel have been challenged whereby the use of force has been applied. And not consenting to a sample being taken, even if you are innocent has its own implications and can be equally incriminating. So legislative changes have encroached on individual rights; whereby a warrant was once required to take a DNA sample from a suspect's body based on reasonable grounds, today it is questionable if this caveat actually exists.

Beyond the obvious downsides of retaining the DNA profile or sample of innocent people who are in actual fact law abiding citizens, there is the potential for persons to feel aggravated because they have not been let alone to go about their private business. Innocent persons who are treated like criminals may end up losing their trust in law enforcement agencies. This problem is not too small of a social issue, given that there are about 1 million innocent people on the NDNAD in the U.K. And in this context, it is not difficult to see how some individuals or groups of individuals might grow to possess an anti-police or antigovernment sentiment, feeling in some way that they have been wronged or singled out. In some of these ‘mistaken identity’ situations, surely it would have been better to prove someone’ s innocence by using other available evidence such as closed circuit television (CCTV), without the need to take an intimate DNA sample first. Despite these problems, it seems anyone coming under police suspicion in the U.K. will have their DNA taken anyway [33], [p.175].Of a most sensitive nature is the collection of DNA samples for an indefinite period of time [4], [p. 7]. In most countries, samples are taken and DNA profiles are determined and stored in computer databases, and subsequently samples are destroyed. The long-term storage of DNA samples for those who have committed petty crimes and not violent crimes raises the question of motivation for such storage by government authorities [4]. There are critics who believe that the retention of samples is “an unjustifiable infringement on an individual's privacy” [33], [p.189].

There is much that has changed with respect to social, ethical and legal issues since 2000, both in the United States and the United Kingdom since its publication. But the table still provides a historical insight into the growing list of issues that were identified at the turn of the century.

Equally alarming is the storage of samples of innocents and also of those who are minors. Even more disturbing is the storage of samples with which no personal details have been associated. DNA databanks are not different to other databanks kept by the state-they can be lost, they can be accessed by unauthorized persons, and results can be misrepresented either accidentally or deliberately [33], [p.188]. The stakes however are much higher in the case of DNA than in fingerprinting or other application areas because the information contained in a DNA sample or profile is much richer in potential use. All of this raises issues pertaining to how changes in the law affect society, and how ethics might be understood within a human rights context.

SECTION 9. Conclusion

The legal, social and ethical issues surrounding the collection, use and storage of DNA profiles and samples is probably more evident today than at any other time in history. On the one hand we have the necessity to advance technology and to use it in situations in which it is advantageous to the whole community, on the other hand this same technology can impinge on the rights of individuals (if we let it), through sweeping changes to legislation. Whether we are discussing the need for DNA evidence in criminal law, civil law, epidemiological research or other general use, consent should be the core focus of any and every collection instance. Unlimited retention of DNA samples collected from those arrested but not charged is another issue where legislative reforms need to be taken in a number of European jurisdictions, although this trend seems to be gathering momentum now more so outside Europe. Another issue is the redefinition of what constitutes an intimate or non-intimate sample, and here, especially most clearly we have a problem in a plethora of jurisdictions with regards to the watering down of what DNA procedures are considered invasive as opposed to non-invasive with respect to the human body. The bottom line is that we can still convict criminals who have committed serious recordable offences, without needing to take the DNA sample of persons committing petty crimes, despite that statistics allege links between those persons committing serious and petty offences. So long as a profile is in a database, it can be searched, and the problem with this is that so-called ‘matches’ (adventitious in nature) can be as much ‘incorrect’ as they are ‘correct’. And this possibility alone has serious implications for human rights. The time to debate and discuss these matters is now, before the potential for widespread usage of DNA becomes commonplace for general societal applications.

SECTION 10. Afterword

Although members of society should not expect to learn of a black market for DNA profiles just yet, it is merely a matter of time before the proliferation and use of such profiles means they become more attracti ve to members of illicit networks. There is now overwhelming evidence to show that identity theft worldwide is on the rise (although estimates vary depending on the study and state). The systematic manipulation of identification numbers, such as social security numbers, credit card numbers, and even driver's license numbers for misuse is now well documented. Victims of identity theft know too well the pains of having to prove who they are to government agencies and financial institutions, and providing adequate evidence that they should not be held liable for information and monetary transactions they did not commit. Today's type of identity theft has its limitations however-stealing a number is unlike stealing somebody's godly signature. While credit card numbers can be replaced, one's DNA or fingerprints cannot. This resonates with the well-known response of Sir Thomas More to Norfolk in A Man for All Seasons: “you might as well advise a man to change the color of his eyes [another type of biometric]”, knowing all too well that this was impossible. While some have proclaimed the end of the DNA controversy, at least from a quality assurance and scientific standpoint, the real controversy is perhaps just beginning.


The author would like to acknowledge Associate Professor Clive Harfield of the Centre for Transnational Crime Prevention in the Faculty of Law at the University of Wollongong for his mentorship in the areas of U.K. law and policing in 2009. The author also wishes to extend her sincere thanks to Mr Peter Mahy, Partner at Howells LLC and the lawyer who represented S & Marper in front of the Grand Chamber at the European Court of Human Rights, for his willingness to share his knowledge on the NDNAD controversy via a primary interview.


1. J. R. Parks, P. L. Hawkes, "Automated personal identification methods for use with smart cards" in Integrated Circuit Cards Tags and Tokens: new technology and applications, Oxford: BSP Professional Books, pp. 92-135, 1990.

2. A. K. Jain, L. Hong, S. Pankati, R. Bolle, "An identity-authentication system using fingerprints", Proceedings of the IEEE, vol. 85, pp. 1365-1387, 1997.

3. J. Cohen, Automatic Identification and Data Collection Systems, London:McGraw-Hill Book Company, pp. 228, 1994.

4. L. Koblinsky, T. F. Liotti, J. Oeser-Sweat, "DNA: Forensic and Legal Applications" in , New Jersey:Wiley, 2005.

5. P. T. Higgins, "Standards for the electronic submission of fingerprint cards to the FBI", Journal of Forensic Identification, vol. 45, pp. 409-418, 1995.

6. M. Lynch, S. A. Cole, R. McNally, K. Jordan, Truth Machine: the Contentious History of DNA Fingerprinting, Chicago:The University of Chicago Press, 2008.

7. L. T. Kirby, DNA Fingerprinting: An Introduction, New York:Stockton Press, 1990.

8. J. M. Butler, Forensic DNA Typing: Biology Technology and Genetic of STR Markers, Amsterdam:Elsevier Academic Press, pp. 2, 2005.

9. R. C. Michaelis, R. G. Flanders, P. H. Wulff, A Litigator's Guide to DNA: from the Laboratory to the Courtroom, Amsterdam:Elsevier, 2008.

10. C. A. Price, DNA Evidence: How Reliable Is It? An Analysis of Issues Which May Affect the Validity and Reliability of DNA Evidence, Legal Research Foundation, vol. 38, 1994.

11. A. Donahue, E. Devine, S. Hill, "Death Pool (Season 5 Episode 3)", CSI Miami, 2006.

12. J. Haynes, S. Hill, "Dead Air (Season 4 Episode 21)", CSI Miami, 2006.

13. B. Selinger, J. Vernon, B. Selinger, "The Scientific Basis of DNA Technology" in DNA and Criminal Justice, Canberra:, vol. 2, 1989.

14Man jailed in first DNA case wins murder appeal, May 2009, [online] Available: http://uk.reuters.comlarticle/idUKTRE54D3cc20090514?pageNumber=1&virtuaIBrandChannel=O.

15The Innocence Project-Home, 2009, [online] Available:

16. N. Rudin, K. Inman, An Introduction to Forensic DNA Analysis, London:CRC Press, 2002.

17. A. Roberts, N. Taylor, "Privacy and the DNA Database", European Human Rights Law Review, vol. 4, pp. 374, 2005.

18. K. Michael, M. G. Michael, Automatic Identification and Location Based Services: from Bar Codes to Chip Implants:, 2009.

19. R. Van Kralingen, C. Prins, J. Grijpink, Using your body as a key; legal aspects of biometrics, 1997, [online] Available: http://cwis.kub.nll~frw/people/kraling/contentlbiomet.htm.

20. S. O'Connor, "Collected tagged and archived: legal issues in the burgeoning use of biometrics for personal identification", Stanford Technology Law Review, 1998, [online] Available:

21. S. Ireland, "What Authority Should Police Have to Detain Suspects to take Samples?", DNA and Criminal Justice, pp. 80, 1989.

22. I. Feckelton, J. Vernon, B. Selinger, "DNA Profiling: Forensic Science Under the Microscope" in DNA and Criminal Justice, Canberra:, vol. 2, pp. 29, 1989.

23. K. Raina, J. D. Woodward, N. Orlans, J. D. Woodward, N. M. Orlans, P. T. Higgins, "How Biometrics Work", Biometrics, pp. 29, 2002.

24Identity DNA Tests, 2009, [online] Available: http://www.800dnaexam.comlIdentity_dna_tests.aspx.

25Profiling, 2009, [online] Available: http://www.dnacenter.comldna-testing/profiling.html.

26. "Biosciences Federation and The Royal Society of Chemistry", Forensic Use of Bioinformation: A response from the Biosciences Federation and the Royal Society of Chemistry to the Nuffield Council on Bioethics, January 2007, [online] Available:

27. J. C. Nader, "Data bank" in , Prentice Hall's Illustrated Dictionary of Computing, pp. 152, 1998.

28DNA Safeguarding for security and identification, 2009, [online] Available: http://www.dnatesting.comldna-safeguarding/index.php.

29. "The British Academy of Forensic Sciences", response to the Nuffield Bioethics Council Consultation-The Forensic use of bioinformation: ethical issues between November 2006 and January 2007, 2007, [online] Available:

30What happens when someone is arrested?, 2009, [online] Available:

31. "The Future of Forensic DNA Testing: Predictions of the Research and Development Working Group", National Institute of Justice, 2000.

32. A. Iversen, K. Liddell, N. Fear, M. Hotopf, S. Wessely, "Consent confidentiality and the Data Protection Act", British Medical Journal, vol. 332, pp. 169, 2006.

33. C. McCartney, "The DNA Expansion Programme and Criminal Investigation", The British Journal of Criminology, vol. 46, pp. 175-189, 2006.

34. D. Meyerson, "Why Courts Should Not Balance Rights Against the Public Interest", Melbourne University Law Review, vol. 33, pp. 897, 2007.

35. "Grand Chamber I Case of S. and Marper v. The United Kingdom (Applications nos. 30562/04 and 30566/04) Judgment", European Court of Human Rights Strasbourg, December 2008.

36. J. Kearney, P. Gunn, "Meet the Experts-Part III DNA Profiling", pp. 14, 1991.


Law, Legal factors, Fingerprint recognition, DNA, Forensics, Biometrics, Sampling methods, Skin, Sociotechnical systems, History, Controlled Indexing
social sciences, criminal law, ethical aspects, fingerprint identification, forensic science, social issue, fingerprint profile collection, fingerprint profile storage, DNA sample, forensic science, nonviolent crime, biometric technique, buccal swab, legal issue, ethical issue

Citation: Katina Michael, "The legal, social and ethical controversy of the collection and storage of fingerprint profiles and DNA samples in forensic science", 2010 IEEE International Symposium on Technology and Society (ISTAS), 7-9 June 2010, Wollongong, Australia

Toward a State of Überveillance


Überveillance is an emerging concept, and neither its application nor its power have yet fully arrived [38]. For some time, Roger Clarke's [12, p. 498] 1988 dataveillance concept has been prevalent: the “systematic use of personal data systems in the investigation or monitoring of the actions of one or more persons.”

Almost twenty years on, technology has developed so much and the national security context has altered so greatly [52], that there is a pressing need to formulate a new term to convey both the present reality, and the Realpolitik (policy primarily based on power) of our times. However, if it had not been for dataveillance, überveillance could not be. It must be emphasized that dataveillance will always exist - it will provide the scorecard for the engine being used to fulfill überveillance.

Dataveillance to Überveillance

Überveillance takes that which was static or discrete in the dataveillance world, and makes it constant and embedded. Consider überveillance not only automatic and having to do with identification, but also about real-time location tracking and condition monitoring. That is, überveillance connotes the ability to automatically locate and identify - in essence the ability to perform automatic location identification (ALI). Überveillance has to do with the fundamental who (ID), where (location), and when (time) questions in an attempt to derive why (motivation), what (result), and even how (method/plan/thought). Überveillance can be a predictive mechanism for a person's expected behavior, traits, likes, or dislikes; or it can be based on historical fact; or it can be something in between. The inherent problem with überveillance is that facts do not always add up to truth (i.e., as in the case of an exclusive disjunction T + T = F), and predictions based on überveillance are not always correct.

Überveillance is more than closed circuit television feeds, or cross-agency databases linked to national identity cards, or biometrics and ePassports used for international travel. Überveillance is the sum total of all these types of surveillance and the deliberate integration of an individual's personal data for the continuous tracking and monitoring of identity and location in real time. In its ultimate form, überveillance has to do with more than automatic identification technologies that we carry with us. It has to do with under-the-skin technology that is embedded in the body, such as microchip implants; it is that which cuts into the flesh - a charagma (mark) [61]. Think of it as Big Brother on the inside looking out. This charagma is virtually meaningless without the hybrid network architecture that supports its functionality: making the person a walking online node i.e., beyond luggable netbooks, smart phones, and contactless cards. We are referring here to the lowest common denominator, the smallest unit of tracking - presently a tiny chip inside the body of a human being, which could one day work similarly to the black box.

Implants cannot be left behind, cannot be lost, and supposedly cannot be tampered with; they are always on, can link to objects, and make the person seemingly otherworldly. This act of “chipification” is best illustrated by the ever-increasing uses of implant devices for medical prosthesis and for diagnostics [54]. Humancentric implants are giving rise to the Electrophorus [36, p. 313], the bearer of electric technology; an individual entity very different from the sci-fi notion of Cyborg as portrayed in such popular television series as the Six Million Dollar Man (1974–1978). In its current state, the Electrophorus relies on a device being triggered wirelessly when it enters an electromagnetic field; these properties now mean that systems can interact with people within a spatial dimension, unobtrusively [62]. And it is surely not simple coincidence that alongside überveillance we are witnessing the philosophical reawakening (throughout most of the fundamental streams running through our culture) of Nietzsche's Übermensch - the overcoming of the “all-too-human” [25].

Legal and Ethical Issues

In 2005 the European Group on Ethics (EGE) in Science and New Technologies, established by the European Commission (EC), submitted an Opinion on ICT implants in the human body [45]. The thirty-four page document outlines legal and ethical issues having to do with ICT implants, and is based on the European Union Treaty (Article 6) which has to do with the “fundamental rights” of the individual. Fundamental rights have to do with human dignity, the right to the integrity of the person, and the protection of personal data. From the legal perspective the following was ascertained [45, pp. 20–21]:

  • the existence of a recognised serious but uncertain risk, currently applying to the simplest types of ICT implants in the human body, requires application of the precautionary principle. In particular, one should distinguish between active and passive implants, reversible and irreversible implants, and between offline and online implants;
  • the purpose specification principle mandates at least a distinction between medical and non-medical applications. However, medical applications should also be evaluated stringently, partly to prevent them from being invoked as a means to legitimize other types of application;
  • the data minimization principle rules out the lawfulness of ICT implants that are only aimed at identifying patients, if they can be replaced by less invasive and equally secure tools;
  • the proportionality principle rules out the lawfulness of implants such as those that are used, for instance, exclusively to facilitate entrance to public premises;
  • the principle of integrity and inviolability of the body rules out that the data subject's consent is sufficient to allow all kinds of implant to be deployed; and
  • the dignity principle prohibits transformation of the body into an object that can be manipulated and controlled remotely - into a mere source of information.

ICT implants for non-medical purposes violate fundamental legal principles. ICT implants also have numerous ethical issues, including the requirement for: non-instrumentalization, privacy, non-discrimination, informed consent, equity, and the precautionary principle (see also [8], [27], [29]). It should be stated, however, that the EGE, while not recommending ICT implants for non-medical applications because they are fundamentally fraught with legal and ethical issues, did state the following [45, p. 32]:

ICT implants for surveillance in particular threaten human dignity. They could be used by state authorities, individuals and groups to increase their power over others. The implants could be used to locate people (and also to retrieve other kinds of information about them). This might be justified for security reasons (early release for prisoners) or for safety reasons (location of vulnerable children).

However, the EGE insists that such surveillance applications of ICT implants may only be permitted if the legislator considers that there is an urgent and justified necessity in a democratic society (Article 8 of the Human Rights Convention) and there are no less intrusive methods. Nevertheless the EGE does not favor such uses and considers that surveillance applications, under all circumstances, must be specified in legislation. Surveillance procedures in individual cases should be approved and monitored by an independent court.

The same general principles should apply to the use of ICT implants for military purposes. Although this Opinion was certainly useful, we have growing concerns about the development of the information society, the lack of public debate and awareness regarding this emerging technology, and the pressing need for regulation that has not occurred commensurate to developments in this domain.

Herein rests the problem of human rights and striking a “balance” between freedom, security, and justice. First, we contend that it is a fallacy to speak of a balance. In the microchip implant scenario, there will never be a balance, so long as someone else has the potential to control the implant device or the stored data about us that is linked to the device. Second, we are living in a period where chip implants for the purposes of segregation are being discussed seriously by health officials and politicians. We are speaking here of the identification of groups of people in the name of “health management” or “national security.” We will almost certainly witness new, and more fixed forms, of “electronic apartheid.”

Consider the very real case where the “Papua Legislative Council was deliberating a regulation that would see microchips implanted in people living with HIV/AIDS so authorities could monitor their actions” [50]. Similar discussions on “registration” were held regarding asylum seekers and illegal immigrants in the European Union [18]. RFID implants or the “tagging” of populations in Asia (e.g., Singapore) were also considered “the next step” in the containment and eradication of the Severe Acute Respiratory Syndrome (SARS) in 2003 [43]. Apart from disease outbreaks, RFID has also been discussed as a response and recovery device for emergency services personnel dispatched to terrorist disasters [6], and for the identification of victims of natural disasters, such as in the case of the Boxing Day Tsunami [10]. The question remains whether there is a truly legitimate use function of chip implants for the purposes of emergency management as opposed to other applications. Definition plays a critical role in this instance. A similar debate has ensued in the use of the Schengen Information System II in the European Union where differing states have recorded alerts on individuals based on their understanding of a security risk [17].

In June of 2006, legislative analyst Anthony Gad, reported in brief 06-13 for the Legislative Reference Bureau [16], that the:

2005 Wisconsin Act 482, passed by the legislature and signed by Governor Jim Doyle on May 30, 2006, prohibits the required implanting of microchips in humans. It is the first law of its kind in the nation reflecting a proactive attempt to prevent potential abuses of this emergent technology.

A number of states in the United States have passed similar laws [63], despite the fact that at the national level, the U.S. Food and Drug Administration [15] has allowed radio frequency identification implants for medical use in humans. The Wisconsin Act [59] states:

The people of the state of Wisconsin, represented in senate and assembly, do enact as follows: SECTION 1. 146.25 of the statutes is created to read: 146.25 Required implanting of microchip prohibited. (1) No person may require an individual to undergo the implanting of a microchip. (2) Any person who violates sub. (1) may be required to forfeit not more than $10,000. Each day of continued violation constitutes a separate offense.

North Dakota followed Wisconsin's example. Wisconsin Governor Hoeven signed a two sentence bill into state law on April 4, 2007. The bill was criticized by some who said that while it protected citizens from being “injected” with an implant, it did not prevent someone from making them swallow it [51]. And indeed, there are now a number of swallowable capsule technologies for a variety of purposes that have been patented in the U.S. and worldwide. As with a number of other states, California Governor Arnold Schwarzenegger signed bill SB 362 proposed by state Senator Joe Simitian barring “employers and others from forcing people to have a radio frequency identification (RFID) device implanted under their skin” [28], [60]. According to the Californian Office of Privacy Protection [9] this bill

… would prohibit a person from requiring any other individual to undergo the subcutaneous implanting of an identification device. It would allow an aggrieved party to bring an action against a violator for injunctive relief or for the assessment of civil penalties to be determined by the court.

The bill, which went into effect January 1, 2008, did not receive support from the technology industry on the contention that it was “unnecessary.”

Interestingly, however, it is in the United States that most chip implant applications have occurred, despite the calls for caution. The first human-implantable passive RFID microchip (the VeriChipTM) was approved for medical use in October of 2004 by the U.S. Food and Drug Administration. Nine hundred hospitals across the United States have registered the VeriChip's VeriMed system, and now the corporation's focus has moved to “patient enrollment” including people with diabetes, Alzheimer's, and dementia [14]. The VeriMedTM Patient Identification System is used for “rapidly and accurately identifying people who arrive in an emergency room and are unable to communicate” [56].

In February of 2006 [55], reported two of its employees had “glass encapsulated microchips with miniature antennas embedded in their forearms … merely a way of restricting access to vaults that held sensitive data and images for police departments, a layer of security beyond key cards and clearance codes.” Implants may soon be applied to the corrective services sector [44]. In 2002, 27 of 50 American states were using some form of satellite surveillance to monitor parolees. Similar schemes have been used in Sweden since 1994. In the majority of cases, parolees wear wireless wrist or ankle bracelets and carry small boxes containing the vital tracking and positioning technology. The positioning transmitter emits a constant signal that is monitored at a central location [33]. Despite continued claims by researchers that RFID is only used for identification purposes, Health Data Management disclosed that VeriChip (the primary commercial RFID implant patient ID provider) had enhanced its patient wander application by adding the ability to follow the “real-time location of patients, the ability to define containment areas for different classes of patients, and one-touch alerting. The system now also features the ability to track equipment in addition to patients” [19]. A number of these issues have moved the American Medical Association to produce an ethics code for RFID chip implants [4], [41], [47].

Outside the U.S., we find several applications for human-centric RFID. VeriChip's Scott Silverman stated in 2004 that 7000 chip implants had been given to distributors [57]. Today the number of VeriChip implantees worldwide is estimated to be at about 2000. So where did all these chips go? As far back as 2004, a nightclub in Barcelona, Spain [11] and Rotterdam, The Netherlands, known as the Baja Beach Club was offering “its VIP clients the opportunity to have a syringeinjected microchip implanted in their upper arms that not only [gave] them special access to VIP lounges, but also [acted] as a debit account from which they [could] pay for drinks” [39]. Microchips have also been implanted in a number of Mexican officials in the law enforcement sector [57]. “Mexico's top federal prosecutors and investigators began receiving chip implants in their arms … in order to get access to restricted areas inside the attorney general's headquarters.” In this instance, the implant acted as an access control security device despite the documented evidence that RFID is not a secure technology (see Gartner Research report [42]).

Despite the obvious issues related to security, there are a few unsolicited studies that forecast that VeriChip (now under the new corporate name Positive ID) will sell between 1 million and 1.4 million chips by 2020 [64, p. 21]. While these forecasts may seem over inflated to some researchers, one need only consider the very real possibility that some Americans may opt-in to adopting a Class II device that is implantable, life-supporting, or life-sustaining for more affordable and better quality health care (see section C of the Health Care bill titled: National Medical Device Registry [65, pp. 1001–1012]. There is also the real possibility that future pandemic outbreaks even more threatening than the H1N1 influenza, may require all citizens to become implanted for early detection depending on their travel patterns [66].

In the United Kingdom, The Guardian [58], reported that 11-year old Danielle Duval had an active chip (i.e., containing a rechargeable battery) implanted in her. Her mother believes that it is no different from tracking a stolen car, albeit for more important application. Mrs. Duvall is considering implanting her younger daughter age 7 as well but will wait until the child is a bit older, “so that she fully understands what's happening.” In Tokyo the Kyowa Corporation in 2004 manufactured a schoolbag with a GPS device fitted into it, to meet parental concerns about crime, and in 2005 Yokohama City children were involved in a four month RFID bracelet trial using the I-Safety system [53]. In 2007, Trutex, a company in Lancashire England, was seriously considering fitting the school uniforms they manufacture with RFID [31]. What might be next? Will concerned parents force microchip implants on minors?

Recently, decade-old experimental studies on microchip implants in rats have come to light tying the device to tumors [29]. The American Veterinary Medical Association [3] was so concerned that they released the following statement:

The American Veterinary Medical Association (AVMA) is very concerned about recent reports and studies that have linked microchip identification implants, commonly used in dogs and cats, to cancer in dogs and laboratory animals…. In addition, removal of the chip is a more invasive procedure and not without potential complications. It's clear that there is a need for more scientific research into this technology. [emphasis added]

We see here evidence pointing to the notion of “no return” - an admittance that removal of the chip is not easy, and not without complications.

The Norplant System was a levonorgestrel contraceptive insert that over 1 million women in the United States, and over 3.6 million women worldwide had been implanted with through 1996 [2]. The implants were inserted just under the skin of the upper arm in a surgical procedure under local anesthesia and could be removed in a similar fashion. As of 1997, there were 2700 Norplant suits pending in the state and federal courts across the United States alone. Most of the claims had to do with “pain or damage associated with insertion or removal of the implants … [p]laintiffs have contended that they were not adequately warned, however, concerning the degree or severity of these events” [2]. Thus, concerns for the potential for widespread health implications caused by humancentric implants have also been around for some time. In 2003, Covacio provided evidence why implants may impact humans adversely, categorizing these into thermal (i.e., whole/partial rise in body heating), stimulation (i.e., excitation of nerves and muscles), and other effects, most of which are currently unknown [13].

Role of Emerging Technologies

Wireless networks are now commonplace. What is not yet common are formal service level agreements to hand-off transactions between different types of networks. These architectures and protocols are being developed, and it is only a matter of time before existing technologies have the capability to track individuals between indoor and outdoor locations seamlessly, or a new technology is created to do what present-day networks cannot [26]. For instance, a wristwatch device with GPS capabilities to be worn under the skin translucently is one idea that was proposed in 1998. Hengartner and Steenkiste [23] forewarn that “[l]ocation is a sensitive piece of information” and that “releasing it to random entities might pose security and privacy risks.”

There is nowhere to hide in this digital society, and nothing remains private (in due course, perhaps, not even our thoughts). Nanotechnology, the engineering of functional systems at the molecular level, is also set to change the way we perceive surveillance - microscopic bugs (some 50 000 times smaller than the width of the human hair) will be more parasitic than even the most advanced silicon-based auto-ID technologies. In the future we may be wearing hundreds of microscopic implants, each relating to an exomuscle or an exoskeleton, and which have the power to interact with literally millions of objects in the “outside world.” The question is not whether state governments will invest in this technology: they are already making these investments [40]. There is a question whether the next generation will view this technology as super “cool” and convenient and opt-in without comprehending the consequences of their compliance.

The social implications of these über-intrusive technologies will obey few limits and no political borders. They will affect our day-to-day existence and our family and community relations. They will give rise to mental health problems, even more complex forms of paranoia and obsessive compulsive disorder. Many scholars now agree that with the support of modern neuroscience, “the intimate relation between bodily and psychic functions is basic to our personal identity” [45, p. 3]. Religious observances will be affected; for example, in the practice of confession and a particular understanding of absolution from “sin” - people might confess as much as they might want, but the records on the database, the slate, will not be wiped clean. The list of social implications is limited only by our imaginations. The peeping Tom that we carry on the inside will have manifest consequences for that which philosophers and theologians normally term self-consciousness.

Paradoxical Levels of Überveillance

In all of these factors rests the multiple paradoxical levels of überveillance. In the first instance, it will be one of the great blunders of the new political order to think that chip implants (or indeed nanodevices) will provide the last inch of detail required to know where a person is, what they are doing, and what they are thinking. Authentic ambient context will always be lacking, and this could further aggravate potential “puppeteers” of any comprehensive surveillance system. Marcus Wigan captures this critical facet of context when he speaks of “asymmetric information held by third parties.” Second, chip implants will not necessarily make a person smarter or more aware (unless someone can afford chip implants that have that effect), but on the contrary and under the “right” circumstances may make us increasingly unaware and mute. Third, chip implants are not the panacea they are made out to be - they can fail, they can be stolen, they are not tamper-proof, and they may cause harmful effects to the body. They are a foreign object and their primary function is to relate to the outside world not to the body itself (as in the case of pacemakers and cochlear implants). Fourth, chip implants at present do not give a person greater control over her space, but allow for others to control and to decrease the individual's autonomy and as a result decrease interpersonal trust at both societal and state levels. Trust is inexorably linked to both metaphysical and moral freedom. Therefore the naive position routinely heard in the public domain that if you have “nothing to hide, why worry?” misses the point entirely. Fifth, chip implants will create a presently unimaginable digital divide - we are not referring to computer access here, or Internet access, but access to another mode of existence. The “haves” (implantees) and the “have-nots” (non-implantees) will not be on speaking terms; perhaps this suggests a fresh interpretation to the biblical tower of Babel (Gen. 11:9).

In the scenario, where a universal ID is instituted, unless the implant is removed within its prescribed time, the body will adopt the foreign object and tie it to tissue. At this moment, there will be no exit strategy and no contingency plan; it will be a life sentence to upgrades, virus protection mechanisms, and inescapable intrusion. Imagine a working situation where your computer - the one that stores all your personal data - has been hit by a worm, and becomes increasingly inoperable and subject to overflow errors and connectivity problems. Now imagine the same thing happening with an embedded implant. There would be little choice other than to upgrade or to opt out of the networked world altogether.

A decisive step towards überveillance will be a unique and “non-refundable” identification number (ID). The universal drive to provide us all with cradle-to-grave unique lifetime identifiers (ULIs), which will replace our names, is gaining increasing momentum, especially after September 11. Philosophers have have argued that names are the signification of identity and origin; our names possess both sense and reference [24, p. 602f]. Two of the twentieth century's greatest political consciences (one who survived the Stalinist purges and the other the holocaust), Aleksandr Solzhenitsyn and Primo Levi, have warned us of the connection between murderous regimes and the numbering of individuals. It is far easier to extinguish an individual if you are rubbing out a number rather than a life history.

Aleksandr Solzhenitsyn recounts in The Gulag Archipelago (1918–56), (2007, p. 346f):

[Corrective Labor Camps] quite blatantly borrowed from the Nazis a practice which had proved valuable to them - the substitution of a number for the prisoner's name, his “I”, his human individuality, so that the difference between one man and another was a digit more or less in an otherwise identical row of figures … [i]f you remember all this, it may not surprise you to hear that making him wear numbers was the most hurtful and effective way of damaging a prisoner's self-respect.

Primo Levi writes similarly in his own well-known account of the human condition in The Drowned and the Saved (1989, p. 94f):

Altogether different is what must be said about the tattoo [the number], an altogether autochthonous Auschwitzian invention … [t]he operation was not very painful and lasted no more than a minute, but it was traumatic. Its symbolic meaning was clear to everyone: this is an indelible mark, you will never leave here; this is the mark with which slaves are branded and cattle sent to the slaughter, and this is what you have become. You no longer have a name; this is your new name.

And many centuries before both Solzhenitsyn and Levi were to become acknowledged as two of the greatest political consciences of our times, an exile on the isle of Patmos - during the reign of the Emperor Domitian - referred to the abuses of the emperor cult which was practiced in Asia Minor away from the more sophisticated population of Rome [37, pp. 176–196]. He was Saint John the Evangelist, commonly recognized as the author of the Book of Revelation (c. A.D. 95):

16 Also it causes all, both small and great, both rich and poor, both free and slave, to be marked on the right hand or the forehead, 17 so that no one can buy or sell unless he has the mark, that is, the name of the beast or the number of its name. 18 This calls for wisdom: let him who has understanding reckon the number of the beast, for it is a human number, its number is six hundred and sixty-six (Rev 13:16–18) [RSV, 1973].

The technological infrastructures—the software, the middleware, and the hardware for ULIs—are readily available to support a diverse range of humancentric applications, and increasingly those embedded technologies which will eventually support überveillance. Multi-national corporations, particularly those involved in telecommunications, banking, and health are investing millions (expecting literally billions in return) in identifiable technologies that have a tracking capability. At the same time the media, which in some cases may yield more sway with people than government institutions themselves, squanders its influence and is not intelligently challenging the automatic identification (auto-ID) trajectory. As if in chorus, blockbuster productions from Hollywood are playing up all forms of biometrics as not only hip and smart, but also as unavoidable mini-device fashion accessories for the upwardly mobile and attractive. Advertising plays a dominant role in this cultural tech-rap. Advertisers are well aware that the market is literally limitless and demographically accessible at all levels (and more tantalizingly from cradle-to-grave consumers). Our culture, which in previous generations was for the better part the vanguard against most things detrimental to our collective well-being, is dangerously close to bankrupt (it already is idol worshipping) and has progressively become fecund territory for whatever idiocy might take our fancy. Carl Bernstein [7] captured the atmosphere of recent times very well:

We are in the process of creating what deserves to be called the idiot culture. Not an idiot sub-culture, which every society has bubbling beneath the surface and which can provide harmless fun; but the culture itself. For the first time the weird and the stupid and the coarse are becoming our cultural norm, even our cultural ideal.

Despite the technological fixation with which most of the world is engaged, there is a perceptible mood of a collective disquiet that something is not as it should be. In the face of that, this self-deception of “wellness” is not only taking a stronger hold on us, but it is also being rationalized and deconstructed on many levels. We must break free of this dangerous daydream to make out the cracks that have already started to appear on the gold tinted rim of this seeming 21st century utopia. The machine, the new technicized “gulag archipelago” is ever pitiless and without conscience. It can crush bones, break spirits, and rip out hearts without pausing.

The authors of this article are not anti-government; nor are they conspiracy theorists (though we now know better than to rule out all conspiracy theories). Nor do they believe that these dark scenarios are inevitable. But we do believe that we are close to the point of no return. Others believe that point is much closer [1]. It remains for individuals to speak up and argue for, and to demand regulation, as has happened in several states in the United States where Acts have been established to avoid microchipping without an individual's consent, i.e., compulsory electronic tagging of citizens. Our politicians for a number of reasons will not legislate on this issue of their own accord, with some few exceptions. It would involve multifaceted industry and absorb too much of their time, and there is the fear they might be labelled anti-technology or worse still, failing to do all that they can to fight against “terror.” This is one of the components of the modern-day Realpolitik, which in its push for a transparent society is bulldozing ahead without any true sensibility for the richness, fullness, and sensitivity of the undergrowth. As an actively engaged community, as a body of concerned researchers with an ecumenical conscience and voice, we can make a difference by postponing or even avoiding some of the doomsday scenario outlined here.

Finally, the authors would like to underscore three main points. First, nowhere is it suggested in this paper that medical prosthetic or therapeutic devices are not welcome technological innovations. Second, the positions, projections, and beliefs expressed in this summary do not necessarily reflect the positions, projections, and beliefs of the individual contributors to this special section. And third the authors of the papers do embrace all that which is vital and dynamic with technology, but reject its rampant application and diffusion without studied consideration as to the potential effects and consequences.


1. Surveillance Society Clock 23:54 American Civil Liberties Union, Oct. 2007, [online] Available:, accessed.

2. Norplant system contraceptive inserts, Oct. 2007, [online] Available:

3. "Breaking news: Statement on microchipping", American Veterinary Medical Association, Oct. 2007, [online] Available: aa/microchip/breaking_news_070913_pf.asp.

4. B. Bacheldor, "AMA issues Ethics Code for RFID chip implants", RFID J., Oct. 2007, [online] Available: articleprint/3487/-1/1/.

5. E. Ball, K. Bond, Bess Marion v. Eddie Cafka and ECC Enterprises Inc., Oct. 2007, [online] Available: http://www.

6. "Implant chip to identify the dead", BBC News, Jan. 2006, [online] Available: 

7. C. Bernstein, The Guardian, June 1992.

8. P. Burton, K. Stockhausen, The Australian Medical Association's Submission to the Legal and Constitutional's Inquiry into the Privacy Act 1988, Oct. 2007, [online] Available: WEEN-69X6DV/\$file/Privacy_Submission_to_Senate_Committee. doc.

9. California privacy legislation, State of California:Office of Privacy Protection, July 2007, [online] Available:

10. "Thai wave disaster largest forensic challenge in years: Expert", Channel News Asia, Feb. 2005, [online] Available:

11. C. Chase, "VIP Verichip", Baja Beach House- Zona VIP, Oct. 2007, [online] Available: http://

12. R. A. Clarke, "Information technology and dataveillance", Commun. ACM, vol. 31, no. 5, pp. 498-512, 1988.

13. S. Covacio, "Technological problems associated with the subcutaneous microchips for human identification (SMHId)", InSITE-Where Parallels Intersect, pp. 843-853, June 2003.

14. "13 diabetics implanted with VeriMed RFID microchip at Boston diabetes EXPO", Medical News Today, Oct. 2007, [online] Available:

15. "Medical devices; General hospital and personal use devices; classification of implantable radiofrequency transponder system for patient identification and health information", U.S. Food and Drug Administration-Department of Health and Human Services, vol. 69, no. 237, Oct. 2007, [online] Available:

16. A. Gad, "Legislative Brief 06-13: Human Microchip Implantation", Legislative Briefs from the Legislative Reference Bureau, June 2006, [online] Available:

17. E. Guild, D. Bigo, "The Schengen Border System and Enlargement" in Police and Justice Co-operation and the New European Borders, European Monographs, pp. 121-138, 2002.

18. M. Hawthorne, "Refugees meeting hears proposal to register every human in the world", Sydney Morning Herald, July 2003, [online] Available:

19. "VeriChip enhances patient wander app", Health Data Management, Oct. 2007, [online] Available: HDMSearchResultsDetails.cfm?articleId=12361.

20. "VeriChip buys monitoring tech vendor", Health Data Management, July 2005, [online] Available: HDMSearchResultsDetails.cfm?articleId=12458.

21. "Chips keep tabs on babies moms", Health Data Management, Oct. 2005, [online] Available: cfm?articleId=15439.

22. "Baylor uses RFID to track newborns", Health Data Management, July 2007, [online] Available:

23. U. Hengartner, P. Steenkiste, "Access control to people location information", ACM Trans. Information Syst. Security, vol. 8, no. 4, pp. 424-456, 2005.

24. "Names" in Oxford Companion to Philosophy, U.K., Oxford:Oxford Univ. Press, pp. 602f, 1995.

25. "Nietzsche Friedrich" in Oxford Companion to Philosophy, U.K., Oxford:Oxford Univ. Press, pp. 619-623, 1995.

26. "RFID tags equipped with GPS", Navigadget, Oct. 2007, [online] Available:

27. "Me & my RFIDs", IEEE Spectrum, vol. 4, no. 3, pp. 14-25, Mar. 2007.

28. K. C. Jones, "California passes bill to ban forced RFID tagging", InformationWeek, Sept. 2007, [online] Available: shared/printableArticle.jhtml?articleID=201803861.

29. T. Lewan, "Microchips implanted in humans: High-tech helpers or Big Brother's surveillance tools?", The Associated Press, Oct. 2007, [online] Available:

30. T. Lewan, Chip implants linked to animal tumors, Associated Press/, Oct. 2007, [online] Available: html.

31. J. Meikle, "Pupils face tracking bugs in school blazers", The Guardian, Aug. 2007, [online] Available: story/0, 2152979,00.

32. K. Michael, Selected Works of Dr. Katina Michael, Australia, Wollongong:Univ. of Wollongong, Oct. 2007, [online] Available:

33. K. Michael, A. Masters, "Realised applications of positioning technologies in defense intelligence" in Applications of Information Systems to Homeland Security and Defense, IDG Press, pp. 164-192, 2006.

34. K. Michael, A. Masters, "The advancement of positioning technologies in defence intelligence" in Applications of Information Systems to Homeland Security and Defense, IDG Press, pp. 193-214, 2006.

35. K. Michael, M. G. Michael, "Towards chipification: The multifunctional body art of the net generation" in Cultural Attitudes Towards Technology and Communication, Estonia, Tartu:, pp. 622-641, 2006.

36. K. Michael, M. G. Michael, "Homo electricus and the continued speciation of humans" in The Encyclopedia of Information Ethics and Security, IGI Global, pp. 312-318, 2007.

37. M. G. Michael, Ch IX: Imperial cult in The Number of the Beast 666 (Revelation 13:16-18): Background Sources and Interpretation, Macquarie Univ., 1998.

38. M. G. Michael, "Überveillance: 24/7 × 365-People tracking and monitoring", Proc. 29 International Conference of Data Protection and Privacy Commissioners: Privacy Horizons Terra Incognita, 2007-Sept.-25-28, [online] Available:

39. S. Morton, "Barcelona clubbers get chipped", BBC News, Oct. 2007, [online] Available: 

40. D. Ratner, M. A. Ratner, Nanotechnology and Homeland Security: New Weapons for New Wars, U.S.Α., New Jersey:Prentice Hall, 2004.

41. J. H. Reichman, "RFID labeling in humans American Medical Association House of Delegates: Resolution: 6 (A-06)", Reference Committee on Amendments to Constitution and Bylaws, 2006, [online] Available: http://www.

42. M. Reynolds, "Despite the hype microchip implants won't deliver security", Gartner Research, Oct. 2007, [online] Available: DisplayDocument?doc_cd=121944.

43. "Singapore fights SARS with RFID", RFID J., Aug. 2005, [online] Available:

44. "I am not a number - Tracking Australian prisoners with wearable RFID tech", RFID Gazette, Oct. 2007, [online] Available: http://www.

45. S. Rodotà, R. Capurro, "Ethical aspects of ICT implants in the human body", Opinion of the European Group on Ethics in Science and New Technologies to the European Commission N° 20 Adopted on 16/03/2005, Oct. 2007, [online] Available: avis20_en.pdf.

46. "Papua Legislative Council deliberating microchip regulation for people with HIV/AIDS", Radio New Zealand International, Oct. 2007, [online] Available: php?op=read&id=33896.

47. R. M. Sade, "Radio frequency ID devices in humans Report of the Council on Ethical and Judicial Affairs: CEJA Report 5-A-07", Reference Committee on Amendments to Constitution and Bylaws, Oct. 2007, [online] Available: mm/369/ceja_5a07.pdf.

48. B. K. Schuerenberg, "Implantable RFID chip takes root in CIO: Beta tester praises new mobile device though some experts see obstacles to widespread adoption", Health Data Management, Feb. 2005, [online] Available: cfm?articleId=12232.

49. B. K. Schuerenberg, "Patients let RFID get under their skin", Health Data Management, Nov. 2005, [online] Available: http://healthdatamanagement. com/HDMSearchResultsDetails.cfm?articleId=12601.

50. N. D. Somba, "Papua considers 'chipping' people with HIV/ AIDS", The Jakarta Post, Oct. 2007, [online] Available: http://www.thejakartapost. com/yesterdaydetail.asp?fileid=20070724.G04.

51. M. L. Songini, "N.D. bans forced RFID chipping Governor wants a balance between technology privacy", ComputerWorld, Oct. 2007, [online] Available: =viewArticleBasic&taxonomyId=15&articleId=9016385&intsrc=h m_topic.

52. D. M. Snow, National Security For A New Era.: Globalization And Geopolitics, Addison-Wesley, 2005.

53. C. Swedberg, "RFID watches over school kids in Japan", RFID J., Oct. 2007, [online] Available: articleview/2050/1/1/.

54. C. Swedberg, "Alzheimer's care center to carry out VeriChip pilot", RFID J., Oct. 2007, [online] Available: articleview/3340/1/1/.

55. "Chips: High tech aids or tracking tools?", Fairfax Digital: The Age, Oct. 2007, [online] Available: html. 

56. "VeriChip Corporation adds more than 200 hospitals at the American College of Emergency Physicians (ACEP) Conference", VeriChip News Release, 2007-Oct.-11, [online] Available: news/1192106879.

57. W. Weissert, "Microchips implanted in Mexican officials", Associated Press, Oct. 2007, [online] Available:

58. J. Wilson, "Girl to get tracker implant to ease parents' fears", The Guardian, Oct. 2002, [online] Available:,3858,4493297,00. html.

59. Wisconsin Act 482, May 2006, [online] Available: http://www.legis.state.

60. J. Woolfolk, "Back off Boss: Forcible RFID implants outlawed in California", Mercury News, Oct. 2007, [online] Available: http://www.mercurynews. com/portlet/article/html/fragments/print_article.jsp?articleId=7162880.

61. Macquarie Dictionary, Sydney University, pp. 1094, 2009.

62. K. Michael, M. G. Michael, Innovative Automatic Identification and Location-Βased Services: From Bar Codes to Chip Implants, PA, Hershey:IGI Global, pp. 401, 2009

63. A. Griggieri, K. Michael, M. G. Michael, "The legal ramifications of microchipping people in the United States of America- A state legislative comparison", Ρroc. 2009 IEEE Int. Symp. Technology and Society, pp. 1-8, 2009.

64. A. Marburger, J. Coon, K. Fleck, T. Kremer, VeriChip™: Implantable RFID for The Health Industry, June 2005, [online] Available: http://www.

65. 111TH CONGRESS 1ST SESSION H. R. 11 A BILL: To provide affordable quality health care for all Americans and reduce the growth in health care spending and for other purposes, 2010-Apr.-1, [online] Available: http://waysandmeans.

66. Positive ID. 2010. Health-ID, May 2010, [online] Available: health-id.html.

IEEE Keywords: Implants, TV, Data systems, National security, Pressing, Engines, Condition monitoring, Circuits,Feeds, Databases

Citation: M.G. Michael, Katina Michael, Toward a State of Überveillance, IEEE Technology and Society Magazine ( Volume: 29, Issue: 2, Summer 2010 ), pp. 9 - 16, Date of Publication: 01 June 2010, DOI: 10.1109/MTS.2010.937024

RFID-Enabled Inventory Control Optimization


This study examines the impact of radio-frequency identification (RFID) technology on the inventory control practices of a small-to-medium retailer using a proof of concept (PoC) approach. The exploratory study was conducted using a single case study of a hardware retailer stocking 5000 product lines provided by 110 active suppliers. To analyze the present mode of operation, procedural documents, semi-structured interviews and a participant observation was conducted. The basis for the proof of concept was a future mode of operation using a quasi-experimental design. Results indicate that in a small-to-medium retail environment, RFID technology could act as a loss prevention mechanism, an enabler for locating misplaced stock, and make a significant contribution to the overall improvement of the delivery process.

Section I


Radio-frequency identification (RFID), which is defined as a wireless automatic identification and data capture (AIDC) technology [1], is increasingly considered by many scholars as the “missing link” in the supply chain management [2], [3]. For example, the technology could allow the identification of any tagged item in real-time in a given supply chain with minimum human intervention [4] [5] [6] [7]. When integrating into a firm's business processes [5], the RFID technology allows “any tagged entity to become a mobile, intelligent, communicating component of the organization's overall information infrastructure” (p. 88), thus improving supply chain information flow [8], [9] and supply chain efficiency [3]. A basic RFID system is composed of a tag containing a microprocessor, a reader and its antennas, and a computer equipped with a middleware program, in which business rules are configured to automate some decisions [10]. Despite the high potential of the technology as an enabler of the supply chain transformation, the current adoption rate is still fairly low mainly because many technological and business questions are still to be answered. In order to reduce this knowledge gap, this study draws on the current RFID agenda [5] to answer the following questions: What is the impact of RFID on loss prevention? What is the impact of RFID technology on the delivery process in a small-to-medium retailer store? How can RFID help to locate misplaced stock? How may the RFID reading rate be influenced by the physical characteristics of items? More precisely, the objective of this paper is to document the results of a proof of concept (PoC) that examines the impact of RFID on inventory control. The PoC consists of RFID simulations and re-engineered business processes that demonstrate whether the RFID technology can operate within the small-to-medium retail industry and illustrates the anticipated impact of RFID on business operations.

Section 2 presents related works. In section 3, the methodology used in this study, including all simulation of RFID enabled scenarios are presented. Finally, section 4 presents the discussion and conclusion.

Section II

Background and Context of the Study

The current study uses the proof of concept approach to assess the feasibility of RFID technology in a small-to-medium retail store. Most early studies on the feasibility of RFID technology have mostly been conducted using this approach or pilots projects (e.g. [11] [12] [13]). A proof of concept is used to illustrate whether a proposed system or application is likely to operate or function as expected [14]. Using, data from “Wal-Mart RFID-enabled stores” over a period of 29 weeks, the conclusion was reached that RFID-enabled stores were 63% more efficient in replenishing out-of-stocks than stores without RFID, thus leading to a reduction of out-of-stocks by 16% over that 29 week period [12]. In a more recent study, [15] examined data collected over a period of 23 weeks from eight test stores equipped with a new “RFID-based perpetual inventory adjustment tool” and a corresponding set of eight control stores (without RFID), and found that “RFID is making a difference. Understated perpetual inventory inaccuracy declined by about 13% in the test stores, relative to control stores, with no additional labour. Furthermore, manual adjustments declined in the test stores” (p. 55). Finally, the outcome of a study by [11], who used a PoC in a laboratory setting, was that process optimization can be achieved when the RFID technology is integrated in intra- and inter-organizational information systems applications. All these studies have been largely conducted in large firms, but very few of them are concerned with RFID adoption within small-to-medium firms.

Section III


The research study documented in this paper involves a case examining a single small-to-medium retailer. A case study method has been employed as it is ideal for investigating contemporary events and is able to take into account a wide variety of evidence [16]. For this study data have been gathered through the collection of procedural documents, semistructured interviews and a participant observation. This paper presents the data collected from the semistructured interviews conducted with employees of the organization, as well as revealing the business process flows (through flowcharts) of the organization in order to determine whether RFID is a feasible automated data capture technology for small-to-medium retailers. An observational study was also conducted over a period of two weeks in 2007. A daily diary was kept by the participant and this data was analyzed together with full-length transcripts. A single small-to-medium hardware retailer is focused on in this paper in order to analyze and present inventory control practices.

3.1. Research design

As the main objective of the overall study is to improve our understanding of RFID impacts in the context of a small-to-medium retailer, the research design is clearly an exploratory research initiative. A case study method has been conducted as it is ideal for investigating contemporary events and is able to take into account a wide variety of evidence [16].

3.2. Research sites

The organization examined in this study is located on the south coast of New South Wales, approximately 128 kilometers from the centre of Sydney. The company employs ten staff including casuals and is classified as a small-to-medium hardware retailer. The current proprietors have operated the business since 2003. The premises of the retailer measures approximately 2000 square meters, with about 550 square meters of this area making up the internal shop floor. The shop floor is composed of four sheds, each with independent access. There are two small internal offices, one designed to deal with customer purchasing and point-of-sale (POS) transactions while the other is used by managers and bookkeepers for ordering, accounting and other administrative practices. The external perimeter of the organization is surrounded by an eight foot high barbed wire fence.

The retailer currently possesses between 400,000 worth of inventory which is kept on the premises. The inventory held by the organization is estimated to consist of 5000 product lines, which are provided by 110 active suppliers. Products and other inventory are stored or displayed before purchase inside the store or outside within the confines of the premises. Items and stock within the store are positioned based on the type of product as well as the supplier. Most items kept inside the store are also shelved on racks that measure 2.1m in height. The shop floor is divided into five separate areas that include general hardware, timber, gardening, cement and building supplies. Products stored outside are generally unaffected by environmental and weather conditions such as landscaping supplies, cement blocks, treated pine sleepers and sheets of steel reinforcing. Stock is usually delivered to the store packaged at pallet, crate, carton or item level.

The retailer provides many services to its customers primarily through the selling of hardware and other building related supplies. The organization provides a delivery service to its customers if they purchase products that are too large to be transported or products that they wish to be delivered on a certain day. Products are delivered to customers in one of the three vehicles the organization owns. A flat top truck is used for steel deliveries, a tip truck is used for landscaping supplies and a utility vehicle is used for general deliveries. The organization also has a front-end loader that it uses to load landscaping supplies on vehicles. The organization offers accounts for customers that purchase products frequently.

The retailer currently has limited Information Technology (IT) infrastructure and does not utilize a server, as the current operations of the business do not require a large volume storage device. The organization utilizes two desktop computers in their administration office that are primarily used to manage customer accounts through the software package MYOB Premier Version 10. At the end of each month, the organization uses the MYOB software to generate invoices which are sent out to account holding customers, requesting that they pay for the items they have purchased. The organization has another desktop computer which is used by employees to search a program that acts as an index of paint colors provided by different paint suppliers. All computers within the organization are able to access the Internet.

3.3. Data collection

For this study data have been gathered through the collection of procedural documents, semi-structured interviews and a participant observation. This paper presents the data collected from the semi-structured interviews conducted with employees of the organization, as well as revealing the business process flows (through flowcharts) of the organization in order to determine whether RFID is a feasible automated data capture technology for small-to-medium retailers. An observational study was also conducted over a period of two weeks in 2007. A daily diary was kept by the participant and this data was analyzed together with full-length transcripts. A single small-to-medium hardware retailer is focused on in this paper in order to analyze and present inventory control practices.

3.3.1. Interviews-interviewees

Insights into the current inventory control practices at the small-to-medium retailer are based on semi-structured interviews carried out on four employees of the organization. The roles and duties of these employees are documented in Table 1.



As can be seen from Table 1, employees of the organization have minimal job specialization, which reinforces [17] observations of small businesses. The proprietor/manager and proprietor/part-time manager are responsible for the overall running of the business whereas the store manager is specifically responsible for shop maintenance and management. The delivery truck driver is primarily responsible for making outbound deliveries. The store manager and delivery truck driver are answerable to both of the proprietor/managers.

3.3.2. Interview questions and the inventory cycle

Inventory control as defined by [18] involves “coordinating the purchasing, manufacturing and distribution functions to meet marketing needs”. Coordinating these functions requires many discrete activities including ordering stock or materials and shelving or putting it in the correct position so that customers have access to it. In this section, the inventory control process has been broken down so that the inventory practices of the small-to-medium retailer can be explored in greater detail. Figure 1 illustrates the inventory cycle. It should be noted that the inventory flow cycle is focused on the flow of raw materials to their finished state, while this inventory control cycle has been developed based on a retailer that sells finished goods (p. 21) [19].

Figure 1. The Inventory Cycle

Figure 1. The Inventory Cycle


As can be seen in Figure 1, customer demand triggers the ordering or re-ordering of stock. Stock then arrives at the retailer, where it is checked and sorted before being shelved in the correct position. Stock is then purchased by a customer and delivered by the retailer if necessary.

The inventory cycle demonstrated in Figure 1 was considered when developing questions for the semistructured interviews. The majority of the questions asked related to the six different processes that were identified in the inventory control cycle. There were a total of twenty-eight questions included in the original semi-structured interview protocol but additional probing sub-questions were asked where the respondent was able to expand their response due to their knowledge of operations. The questions covered the background of the company case, the role of the employee in the organization, questions related to the current mode of operation to gauge the current inventory control practices and set-up, and more speculative questions regarding the transition of the organization from a manual-based system to barcode and/or RFID. For instance the proprietor was asked:

Can you describe the process that you use to check that orders have been delivered with the correct contents?

  1. Do you keep any sort of record of how much stock you carry, either in physical or electronic form?
  2. How would you describe the theft prevention measures in your workplace?
  3. What triggers your organization to reorder or order stock?
  4. Are there any issues affecting your adoption of automated data capture technology?
  5. Do you think that RFID could be used within your business to improve inventory control?

The interview transcripts were analyzed using a qualitative approach and the findings were presented using a modular narrative style based on the steps in the inventory control cycle. The following sections summarize the findings of the semi-structured interviews.

3.3.3. Participant observation

A participant observation requires the researcher to become a direct participant in the social process being studied by becoming a member of an organization. The participant observation was carried out over a two week period with the intention of recording observations relating to the inventory control practices used within the small-to-medium retailer. This study utilizes an overt participant observation as members of the organization were already aware of the researcher's presence due to interviews being carried out at an earlier date. The overt approach was perceived to have had minimal influence on the behavior of the organization's members as they were informed that the purpose of the study was to examine inventory control practices of the retailer, not their personal behaviors. During the participant observation annotations and issues were documented through the use of a diary. Field notes were recorded during each day, and were formalized at the end of the day.

3.3.4. Procedural documentation

The small-to- medium retailer's procedural documents were used to complement the semi-structured interviews and participant observation. Documentary secondary data, such as an organization's communications, notes, and other policy and procedural documents have been examined.



Official documents, like procedural documents can be treated as unproblematic statements of how things are or were (p. 104) [20]. The procedural documents have been used as evidence to support the determination of the inventory control practices of the small-to-medium retailer. The interviews conducted, participant observation and the collection of procedural documents were combined to develop the business process flows of the organization. A narrative presentation is used to bring together participant observational data and interviewee responses.

3.4. Simulation of RFID-enabled scenarios

Eight simulations have been developed which are aimed at examining different aspects of inventory control and known RFID issues that have been documented in the literature. However, within the scope of this paper, we'll only present and discuss four RFID-enabled scenarios (Table 2): (i) RFID-enabled loss prevention, (ii) RFID-enabled delivery portal, (iii) RFID tag environment simulation and (iv) RFID-enabled locating misplaced stock.

The results of the simulations are documented qualitatively, discussing read rates as well as any other technical issues experienced in the following section.

3.4.1. RFID enabled-loss prevention simulation-method

Exhibit 1. An RFID armed entry/exit

Exhibit 1. An RFID armed entry/exit

A fixed RFID reader with one and then two antennas will be placed above or around the entry/exit of the store with the aim of identifying any tagged item or product that passes through the entry/exit. Items that have been tagged with RFID labels will be moved past the reader in order to determine if the tag is interrogated and identified successfully. The tagged product will be concealed by the participant carrying it so the effect of this can be gauged. Multiple items will also be carried out by the participant to test if the reader identifies multiple tagged items.

In the initial part of this simulation a fixed reader was set up with one antenna which was positioned above the entry/exit, 2.1 metres off the ground.

The antenna was orientated at a 45 degree angle, sloping inwards towards the interior of the store. The participant walked towards the entry/exit with an RFID tagged item held 1.5 meters off the ground. Five different items of stock were used in this simulation, each being RFID tagged in a different configuration. Two of the items had tags wrapped around them so the tag was overlapping itself, one item had its tag wrapped around it but was not overlapping, another item was labelled with a tag that was folded in half and the final item had a tag applied to it in a general flat configuration. The tagged items were passed through the RFID monitored entry/exit individually in plain view of the reader, then concealed under the jumper of the participant and finally all items were passed through the entry/exit simultaneously in a plastic basket.

The results revealed that items which had RFID tags wrapped around them and were overlapping could not be detected by the reader when passed through the entry/exit. It was also found that concealing items had an effect on whether they would read or not with a single concealed product being identified compared to the three tagged items which were identified when they were passed through the entry/exit in plain sight. Table 3 summarises the results of the simulation = read successfully, = not able to be read).

Figure 2. Configuration of the loss prevention portal

Figure 2. Configuration of the loss prevention portal

Once this simulation was carried out another antenna was attached to the fixed reader and a small portal was created to see whether it was more accurate to identify tagged products from side-on than from above. Figure 2 illustrates the configuration of the portal.

The participant once again walked through the doorway with items held 1.5 metres from the ground. The items that had RFID tags wrapped around so they overlapped were still not able to be read in this variation of the simulation, but three tagged items that had been concealed were identified compared to the one item identified in the previous variation. The range of the antennas was also tested with items being passed through the portal held above (1.8 metres from the ground) and below them (30 centimetres from the ground). The three tagged items that were identified initially were also read when they were passed above and below the antennas at the entry/exit to the store.



The results of this simulation revealed that RFID experienced poor to average read rates when implemented for loss prevention. It is perceived that if RFID was applied in the small-to-medium retailer for loss prevention purposes, theft may be reduced but the reliability of the technology could not be guaranteed; unless orientation issues are resolved and read rates are improved.


3.4.2. RFID-enabled delivery portal simulation-method

This simulation involves RFID tagged items being placed on a pallet then onto a delivery vehicle at the loading dock of the hardware store. A portal will be created at the loading dock, equipped with two antennas originating from an RFID reader which will be used to identify the products and stock that are moving in and out of the premises.

Exhibit 2. Tagged RFID products on pallet (top); the flat top truck being reversed into the loading dock (middle); the utility vehicle in the RFID portal (bottom)

Exhibit 2. Tagged RFID products on pallet (top); the flat top truck being reversed into the loading dock (middle); the utility vehicle in the RFID portal (bottom)

To test the RFID delivery portal, a flat top truck is reversed into the loading bay of the organisation. Seven products that are commonly delivered to or by the organisation are RFID tagged, including a wooden pallet which the items are placed on. The truck is reversed in and out of the loading bay on five occasions and the read rates are recorded each time.

Three of the tagged items including a piece of treated pine, a roll of foam joint and the pallet are successfully interrogated on each of the five times the truck is reversed.

A tagged piece of treated pine is also identified on the first and the last time the vehicle is backed into the loading dock.

The other three items on the truck are unable to be identified at all, most likely due to the back tray of the truck, sitting higher than the antenna (all the RFID tagged products on the truck were situated above the antenna).

Another vehicle, a utility that is used by the organisation to deliver products is then employed in the simulation with the same products and pallet being placed in the vehicle's tray. The tray of this vehicle is at a more suitable height for the RFID antennas, as it sits 80 centimetres off the ground. Exhibit 2 demonstrates the RFID portal with the utility vehicle reversed into the loading dock.

The read rates experienced when products were placed on the utility were far superior to those experienced when the flat top truck was employed, with read rates ranging from 71% to 100% of all items and products tagged. Table 4 reveals the read rates of the tagged items and products on the utility vehicle (= read successfully, = not able to be read). This simulation illustrated that if an RFID portal was constructed appropriately by considering the conditions and vehicle used by the small-to-medium retailer it could effectively monitor stock being delivered to the business and stock being delivered to customers of the business.



3.4.3. RFID tag environment simulation-method

This simulation involves trying to identify RFID tagged products of various compositions using the mobile RFID reader. Items composed of wood, metal, plastic, stone and those containing liquids were tagged and attempted to be read. Items left outside and exposed to the elements were also tagged and attempted to be read, along with other items that are stored in dirty manufacturing type environments.

Ten products composed of varying materials were RFID tagged and attempted to be read by the mobile RFID reader. The compositions of the ten items tagged varied greatly with some of them being made or packaged from metal, plastic, cardboard, paper, wood and stone. Some of the items such as the container of nails and the bag of cement were also dusty and dirty. The mobile RFID reader was used to make six attempts to read data from all of the tagged products individually. Table 5 reveals the results of the six attempts for each product (= read successfully, = not able to be read).

Exhibit 3. An RFID tagged treated pine sleeper (top); An RFID tagged pipe (bottom)

Exhibit 3. An RFID tagged treated pine sleeper (top); An RFID tagged pipe (bottom)

As can be seen in Table 5 all items could be read by the mobile reader, but objects made of metal took around 5 or 6 attempts to be read successfully. It should also be noted that dirty and dusty products were interrogated successfully by the reader on every attempt.

In order to further test the effect the environment had on the readability of tags, four items that were regularly kept outside were RFID tagged. These items included a treated pine sleeper, a stone paver, a bale of sugar cane mulch wrapped in plastic and a 6 metre length galvanised pipe (Exhibit 3).



After being tagged with RFID labels these items were left outside for five nights. It rained quite heavily over the time the items were left outside and upon examining the products and RFID tags after the fifth night had elapsed, they were saturated.

This however did not have any effect on the readability of tags, with all items being successfully identified in all six of the scans except for the metal item (the 6 metre length of galvanised pipe) which was only interrogated successfully on the sixth attempt.

To compare the robustness of RFID tags and barcodes, a cardboard box with a barcode imprinted on it in ink was also left outside over the same period as the RFID tagged items. Like the RFID tags and products the cardboard box was saturated after the fifth night outside. The barcode on the box was able to be scanned successfully, but when the researcher applied some friction to the barcode it was damaged. Once the barcode was damaged it could not be identified by the barcode reader. Unlike the barcode the RFID tags were not affected or damaged by friction in this simulation.

This simulation revealed that the readability of RFID tags was not affected when applied to products of varying compositions, except for products composed of metal which resulted in these products only being identified in about one out of six attempts. It was also revealed that RFID tags were able to function after being stored outdoors and exposed to the elements over five nights. To further test the robustness of RFID tags it is recommended that they are exposed to the same environmental conditions for longer periods of time in a future study.

3.4.4. RFID-enabled- locating misplaced stock simulation-method

An RFID tagged product will be positioned so that it can be read by an antenna attached to a fixed RFID reader. Once data have been read from the tagged item it will then be moved around the shop to another location so it is within range of another antenna. The results of this simulation will focus on the ‘tag reads’ at each of the antennas. After one tagged item has been tested the read rates of multiple items will be observed.

A fixed RFID reader was set up with two antennas situated 10 metres apart. RFID tagged items were initially positioned in front of an antenna then put on a trolley and moved outside the range of the antenna and into the range of a second antenna to simulate stock being misplaced within the retailer. Exhibit 4 shows RFID tagged products that have been moved past an antenna on a trolley.

Exhibit 4. RFID tagged cartons of nails within the read range of an antenna

Exhibit 4. RFID tagged cartons of nails within the read range of an antenna

A plastic 5 kilogram carton of galvanised bullet head nails was RFID tagged and moved from the read range of the first antenna to within the read range of the second antenna which resulted in it being detected by both antennas. Once a single RFID tagged carton was tested more were introduced to further examine the accuracy of the antennas. Table 6 illustrates the results of this simulation. It should be noted that in the table, tags which were identified by both antennas (at the first antenna prior to being ‘misplaced’ and or the second antenna after being ‘misplaced’) were recorded as being read successfully (✓=read successfully,= not able to be read).



The results revealed read rates ranging from 67% to 100% for the five tests conducted in this simulation. When products were placed on the trolley and transported between antennas they were placed in a random configuration which meant that the RFID tags applied to them were not presented to the reader in the same arrangement for each of the tagged cartons of nails.

It was noted that tagged cartons that were not detected when moved between antennas, had tags orientated perpendicular to them or had tags that were applied to the opposite side of products. Figure 3 illustrates where RFID tags were applied on products that were not identified by the antennas.

Figure 3. The position of RFID tags that were not identified

Figure 3. The position of RFID tags that were not identified

Apart from the orientation issues that were encountered, this simulation illustrated that RFID could be used within the small-to-medium retailer to monitor the positioning of products within the store. If RFID was employed in the store and appropriate backend software was developed it is highly likely that misplaced items that had been tagged within the store could be registered on the system, and found thereafter.

Section IV

Discussion and Conclusion

The simulations revealed that items with overlapping RFID tags wrapped around them could not be detected by the reader when they passed through the entry/exit. It was also found that concealing items had an effect on whether they would read or not with a single concealed product being identified, as compared to the three tagged items which were identified when passing through the entry/exit in plain sight. Moreover, the results showed that RFID experienced poor to average read rates when implemented for loss prevention. It is perceived that if RFID was applied in the small-to-medium retailer for loss prevention purposes, theft may be reduced but the reliability of the technology could not be guaranteed, unless orientation issues were resolved and the read rates improved. Also, if an RFID portal were constructed appropriately, taking into account the conditions and the vehicle used by the small-to-medium retailer, it could effectively monitor the stock being delivered to the business and the one delivered to the customers of the business. In addition, the study revealed that the readability of RFID tags was not affected when applied to products of varying compositions, except for metal products - which were identified only once on six attempts. Moreover, the RFID tags were able to function after being stored outdoors and exposed to the elements over five nights. These results provide strong support to previous studies on RFID technology [11], [12] and highlight the fact that RFID technology is mostly product driven, and therefore, the best performance of the system heavily depends on the type of product, the context of implementation, the level of tagging, etc.

Consequently, a scenario building, validation and demonstration of RFID-enabled process optimization is highly recommended prior to any large RFID technology deployment [13]. To our knowledge, this study is among the first studies to illustrate that RFID technology could be used within a small-to-medium retailer in real-life settings to monitor the positioning of products within the store, to help small-to-medium retailer prevent in-store stock losses, enhance delivery process and improve the process of locating misplaced stock within the store. Nevertheless, these findings are consistent with results of prior research by [15] at Wal-Mart stores, which are mainly large stores. Despite these encouraging results, further tests on the robustness of RFID tags should be conducted when they are exposed to the same environmental conditions for longer periods of time. Moreover, given that the more recent RFID tags have a tag reading accuracy of almost 100%, their use is highly recommended [21]. The study was conducted in a single store of a small-to-medium retailer situated almost at the last node of the retail supply chain, and therefore was not able to capture the network effects of RFID technology.

Therefore, further works need to be done to assess the impact of RFID technology at the supply chain level in a real-life setting and to develop different models of cost sharing between stakeholders involved in RFID-enabled projects.


1. S. Fosso Wamba, L. A. Lefebvre, Y. Bendavid, and É. Lefebvre, "Exploring the impact of RFID technology and the EPC network on mobile B2B eCommerce: a case study in the retail industry," International Journal of Production Economics (112:2), 2008, 614-629.

2. R. Roman and J. Donald, "Impact of RFID technology on supply chain management systems," in 19th Annual Conference of the National Advisory Committee on Computing Qualifications (NACCQ 2006) Wellington, New Zealand, 2006.

3. C. Loebbecke, J. Palmer, and C. Huyskens, "RFID's potential in the fashion industry: a case analysis," in 19th Bled eConference, eValues Bled, Slovenia, 2006.

4. C. Poirier and D. McCollum, RFID Strategic Implementation and ROI: a Practical Roadmap to Success. Florida: J. ROSS Publishing, 2006.

5. J. Curtin, R. J. Kauffman, and F. J. Riggins, "Making the most out of RFID technology: a research agenda for the study of the adoption, usage and impact of RFID," Information Technology and Management (8:2), 2007, 87-110.

6. N. Huber and K. Michael, "Minimizing product shrinkage across the supply chain using radio frequency identification: A case study on a major Australian retailer," in IEEE Computer Society of the Seventh International Conference on Mobile Business Toronto, Canada, 2007.

7. B. D. Renegar and K. Michael, "The RFID value proposition," in CollECTeR Iberoamérica Madrid, Spain, 2008.

8. F. J. Riggins and K. T. Slaughter, "The role of collective mental models in IOS adoption: opening the black box of rationality in RFID deployment," in Proceedings of the 39th Hawaii International Conference on System Sciences Hawaii, 2006.

9. S. Fosso Wamba and H. Boeck, "Enhancing information flow in a retail supply chain using RFID and the EPC network: a proof-of-concept approach," Journal of Theoretical and Applied Electronic Commerce Research (3:1), 2008, 92-105.

10. Z. Asif and M. Mandviwalla, "Integrating the supply chain with RFID: a technical and business analysis," Communications of the Association for Information Systems (15), 2005, 393-427.

11. Y. Bendavid, S. Fosso Wamba, and L. A. Lefebvre, "Proof of concept of an RFID-enabled supply chain in a B2B e-commerce environment," in The Eighth International Conference on Electronic Commerce (ICEC) Fredericton, New Brunswick, Canada, 2006, 564-568.

12. B. C. Hardgrave, M. Waller, and R. Miller, " Does RFID reduce out of stocks? a preliminary analysis," 2005.

13. S. Fosso Wamba, E. Lefebvre, Y. Bendavid, and L. A. Lefebvre, From automatic identification and data capture (AIDC) to "smart business process": a proof of concept integrating RFID: CRC Press, Taylor & Francis Group, 2008.

14. W. E. Solutions, "Appendix A: Glossary," 1996.

15. B. C. Hardgrave, J. Aloysius, and S. Goyal, "Does RFID improve inventory accuracy? a preliminary analysis," International Journal of RF Technologies: Research and Applications (11:1), 2009, 44-56.

16. R. K. Yin, Case Study Research: Design and Methods. Newbury Park, CA: Sage, 1994.

17. J. Diamond and G. Pintel, Retailing. Upper Saddle River: Prentice Hall, 1996.

18. T. Wild, Best Practice in Inventory Management. New York: John Wiley & Sons, 1997.

19. R. Tersine, Principles of Inventory and Material Management. Upper Saddle River: Prentice Hall, 1998.

20. P. Knight, Small-Scale Research. London: Sage, 2002.

21. M. H. M. News, "UHF Gen 2 RFID delivers 100% read accuracy for item tagging," 2009.

IEEE Keywords: Australia, Business process re-engineering, Hardware, Humans, Inventory control, Radio frequency, Radiofrequency identification, Supply chain management, Supply chains, Testing

INSPEC: optimisation, radiofrequency identification, retail data processing, small-to-medium enterprises, stock control, RFID-enabled inventory control optimization, delivery process, hardware retailer, participant observation, procedural documents, proof of concept approach, quasi experimental design, radio-frequency identification technology, semi structured interviews, small-to-medium retailer

Citation: Dane Hamilton, Katina Michael, Samuel Wamba, 2010, "RFID-Enabled Inventory Control Optimization: A Proof of Concept in a Small-to-Medium Retailer", 2010 43rd Hawaii International Conference on System Sciences (HICSS), Date of Conference: 5-8 Jan. 2010, DOI: 10.1109/HICSS.2010.473