In this blog post, we examine whether the convenience offered by Verichip technology is truly worth the risk of personal data leaks.
In an information-driven society, personal data holds immense significance. The most fundamental and crucial role of personal data is that it allows us to establish our identity specifically among countless others. In other words, it establishes a clear criterion for distinguishing individuals. What does this mean? It means we can build a space that is clearly isolated from others—a space accessible only to us. A bank account where only I can make deposits and withdrawals, online posts that only I can edit, and cloud storage that holds the owner’s files. In today’s highly digitized society, we need the key of personal information to enjoy all these conveniences.
There are various types of keys used to access virtual spaces. From credit cards used as simple payment methods to card-style access passes required to enter and exit company buildings, and even intangible accounts required to identify individuals on websites, information is utilized in diverse ways. But what if there were a key that could be implanted in the body for constant use? Known as VeriChip (short for verification chip), this rice-grain-sized electronic circuit chip can store the owner’s information. The VeriChip can be implanted under the skin for semi-permanent use and can interact with its surroundings at any time to exchange information. This is because the VeriChip is a type of RFID (Radio-Frequency Identification) tag. Since RFID tags use radio waves to share information with a reader that wants to read personal data, the reader can recognize the tag even from a distance. When the reader detects the VeriChip, it decodes the code stored on the chip to verify the owner’s identity, thereby gaining access to the owner’s virtual personal space stored in a database.
In the past, people did not always carry personal identification devices with them, and even when they did, their use was limited. However, with the Verichip, the versatility of personal information will increase to an unprecedented degree. All of the owner’s activities are recorded in a database via the Verichip, and using this data, the owner can receive services best suited to their needs. Furthermore, due to the nature of RFID chips, which allow for active interaction with the surrounding environment, functions such as automatic payment, access control, and location tracking can be carried out effectively. This implies that the “ubiquitous city”—once a vision of a city capable of everything—could become a reality. However, the Verichip’s characteristic of constantly and openly exchanging personal information ultimately carries the risk of facilitating easy data breaches. Anyone possessing a device capable of interacting with the Verichip could intercept personal information without the owner’s knowledge.
During the height of the controversy surrounding the Verichip, many opponents voiced their opposition to its commercialization, citing not only the risk of data leaks but also various conspiracy theories regarding privacy infringement. As a result, production of the Verichip was halted in 2010. On the other hand, some argue that the risks associated with the Verichip have been exaggerated. They compare the Verichip to credit cards, claiming that the risk of information leakage from the Verichip is no different from that of existing media like credit cards. According to this argument, it is quite contradictory that we worry about the Verichip yet use credit cards and transit cards without a second thought. Furthermore, RFID tags, such as those used in transit cards, can only exchange information when within a certain distance of a reader. Given this method of use, the argument is that there is no need to worry excessively about the risk of information leakage from the Verichip alone.
However, I believe the Verichip poses significant risks. First, in terms of its intended use, the Verichip is far more dangerous than existing methods. Even with a credit card, how many different ways can it be used? It is merely a payment method. Therefore, the damage incurred if a credit card is stolen is limited to the amount in the bank account linked to the card. However, the Verichip can provide all information about its owner. Not only the owner’s basic personal details, but also their residence, primary spending categories, and frequented locations—everything related to the owner’s daily life—is stored in a database. In this scenario, if personal information is leaked even once, the damage would be unimaginable. Since it means anyone could access all information about me, it would be possible for a third party to completely impersonate the owner. Depending on the criminal’s intentions, they could register everything belonging to the owner as their own or frame the owner for crimes they did not commit. It is even possible to completely exclude the owner from society.
As such, the benefits a criminal gains by extracting information stored in the Verichip are immense, and there are various ways they could misuse this information. This makes social systems based on the Verichip even more vulnerable to crime. For example, let’s assume that the security levels of credit card and Verichip databases are similar. By hacking into a credit card company’s network, a criminal can obtain information such as the cardholder’s personal details, bank account information, and transaction history. Most of this information does not provide significant benefit to the criminal. Therefore, the number of criminals willing to take the risk of infiltrating such a network would be relatively small. In contrast, the Verichip database stores all information about the user. Moreover, the potential gains from obtaining this data are significant enough to justify the risk for criminals. Consequently, attempts to access the Verichip network will occur far more frequently than in the case of credit cards. As a result, the security risks associated with Verichips are much greater than those of credit cards.
Finally, the fact that the Verichip is implanted under the skin and cannot be lost may reduce the ability to respond to criminal activity. For example, what should one do if they discover that a credit card has been lost or that information from the network has been leaked, allowing others to freely use the user’s balance? The cardholder can respond quickly by immediately canceling the credit card and obtaining a new one. You can simply delete the information stored on the credit card or destroy the existing card. In contrast, since the Verichip is implanted in the body for semi-permanent use, destroying the existing chip and obtaining a new one is a far more cumbersome process than with a credit card. Furthermore, deleting information stored in the database is also difficult because it would cause significant harm to the user.
As such, the level of personal information protection offered by Verichips is extremely vulnerable compared to existing media in terms of the scale of potential harm, safety, and post-incident handling. Living in the information age, we have come to fully appreciate the importance of personal information protection through both direct and indirect experiences. We also know that no matter how great the convenience, such technology must never be introduced without robust security. Of course, technological advancements to date have likely also raised concerns about various risks. It is also possible that these issues have been resolved by our ethical standards as the users of the technology. In this regard, we may be able to alleviate some of our concerns regarding the elaborate conspiracy theories surrounding the Verichip. However, unless clear solutions are presented for the practical risks discussed earlier, the Verichip implanted under our skin will instead become a blade, inflicting terrible harm upon us.
