Do we need a UK Library User’s Guide to RFID?
As regular readers will know I have been working closely with an organisation called Book Industry Communication (BIC) – a charity supported by both the book trade and the library community – for many years. BIC’s mission is, as the name suggests, to improve communication across all sectors of the book trade (including electronic) and has been instrumental in establishing many of the standards now used in libraries.
This post has been inspired in part by an email from Kathy Settle. In a three-way discussion about BIC’s recent report on RFID privacy she commented that the sample poster template included at the foot of the web page (for use in libraries to help inform users about the potential risks associated with RFID tags) , “If it was my mum reading it, I’d think she would be very confused – and worse, very worried – about what this all means”.
She has a point. The public aren’t included in the long list of people for whom the guidance is intended – but it does suggest ways in which libraries should inform their users that RFID is being used by the staff.
By pure coincidence I received an email this morning from a library user who is writing his own application to interact directly with library stock. I can’t tell you what he wants to do with it in case he plans to sell it to other members of the public, but I can at least assure you that it is an entirely innocent idea that has some merit.
This may sound surprisingly ambitious – after all librarians have been rather slow to recognise the potential that now sits on their shelves – but such initiatives are likely to become increasingly more frequent as the public recognise that most of the stock on the shelves of our libraries are wide open to exploitation by anyone with a smartphone app.
Why a ‘UK’ guide? Well almost 100% of UK libraries now use essentially the same technology and standards whether they know it or not, so this guide will work for almost 100% of UK library users. There’s no mention of data models, frequencies, encryption, or any of the myriad other variables that make RFID sound more complicated than it is – and which have led to other countries choosing different paths to RFID deployment.
This guide is different from everything else I have written about RFID over the past 10 years or so. It is much shorter, and is for the individual who wants to write their own app as well as the ordinary citizen who just wants to borrow a book.
And of course it’s for Kathy’s mum.
A UK Library User’s Guide to RFID
RFID stands for Radio Frequency Identification. Your library uses it to keep track of its books etc. It’s a very simple idea with a huge range of applications so you probably already have some form of it in your possession already. If you have a bus pass, travelcard (like Oyster), a bank card that you can just wave at a terminal or a library book the chances are that it has RFID on board.
There are lots of different kinds of RFID but they all have two things in common – they use a ‘chip’ to store information and an aerial (attached to the chip) to send and receive information. The ones in your library books are about the size of a credit card and are called ‘tags’.
Why is my library using RFID?
Well according to the findings of surveys that I used to carry out annually almost 100% of them are using it to allow you to borrow items from the library without the need to trouble a member of staff. Libraries call this “self-service circulation” and it’s a bit like using the self-service device to buy goods in a supermarket except that you don’t have to pay and you use a radio scanner to read a library RFID tag instead of an optical scanner to read a supermarket barcode.
Like supermarkets libraries still do use barcodes to manage their stock sometimes although the information in the barcode is also present on the tag – plus a whole lot more. The main reason libraries switched from barcodes to tags was to improve security. Before RFID libraries tried a variety of ways to protect themselves from theft – the most popular was something called ‘tattle-tape’ – a magnetic strip hidden in a stock item that could be magnetised and de-magnetised. Security gates at library exits used magnetic waves to detect any item being removed illegally. The system worked well but required expensive and bulky electromagnets to arm and disarm the strips. RFID simply writes a code to each tag to specify whether it can be borrowed or not.
RFID security devices often resemble the earlier electromagnetic ones but work in a completely different way so you cannot ‘mix and match’ the two technologies.
Is RFID harmful?
The technology has been in use for more than half a century without any reports of any impact on health and the voltages used to run RFID systems are very much lower than those used by electromagnetic devices.
Why does my library want me to know if they are using RFID?
The European Union issued a mandate some years ago that recommends that libraries (and other establishments) notify their users if RFID technology is in use in a location to enable them to assess any personal risk to their privacy.
Are there risks to my privacy?
Because data is being broadcast over the airwaves there is the possibility that a third party could intercept messages exchanged between your books and the library’s self-service devices.
However most libraries do not record any data that can be traced to an individual on their RFID tags. Anyone seeking to discover what someone is reading would also have to gain access to the library’s database in order to decode what would otherwise be just a stream of numbers flying through the ether. It is nonetheless a level of risk that the EU feels deserves advertisement by the library.
Your membership card by the way is still most likely to be using the ‘old’ technology barcodes which cannot be read by radio.
Is RFID used for anything else?
Some librarians have been very creative in finding ways to exploit RFID technology and use it for much more than issuing and returning stock. There are examples all over the internet and elsewhere in this blog. None of them offer any additional threat to library users over and above that mentioned above.
So that’s my attempt at a user’s guide to RFID. I am aware that it will not apply to everyone but I think it works quite well for the majority of UK libraries. My thanks to Kathy’s mum for taking the time to read it and offer some helpful suggestions – likewise to Kathy for finding the time to do likewise.
A final word for librarians
If there are any additional concerns about public interaction with the library they should be troubling librarians rather than the public. The reason for my saying this concerns recent advances in a technology called NFC (short for Near Field Communication) that have resulted in many smartphones being able to read and write to library tags. As I indicated at the start of this post some members of the public are already using this capability to develop their own apps to interact with library stock. For the moment this appears to be for purely benign reasons.
But that could change of course.