![[Externer Link]](../img/ex.gif)
Have a look
at what else we do...
Time is running short: Since 1 February 2005 fans can order the RFID-bugged tickets for the FIFA World Cup. Details about what data will be collected and who will get them afterwards are being made public only sparingly. Scandalous behaviour, properly speaking, but since fans eagerly want to get at the tickets (it is estimated that there will be 5 to 10 times more applications than tickets), the German Federal Football Association (DFB) and FIFA can more or less do whatever they want. Only after a widely recognised press release from the FoeBuD did the relevant authority, the Regional Presidency of Darmstadt, publicise any details. On these pages we collect everything we can find out. If you only want information on the current state of affairs – 1 Feb. 2005 – click here. What you can do yourself can be read here.
More details about the radio and reading technology employed can be found in our FAQ.
Football, or soccer if you like, is going to be the highest ranking side issue of the world at the World Championship. “The 2006 World Cup has to do with football only on the surface. In reality, it is going to be a trade fair for Germany’s economical capacities. Economy and politics want to show themselves off, and they are using the popularity of the game as their stage”, said Matthias Bettag from the “Bund aktiver Fussballfans”, the German Association of Active Football Fans, towards silicon.de (in German).
Especially for RFID technology, the world championship will serve as the flying lane. It hasn’t been really possible to convince the German citizens of how they would personally be profiting from the spychips, as yet. For the time being, scepticism and concerns prevail. This makes the World Cup an ideal platform: One can take advantage of the fear of hooligans to sell RFID as “security technology”. And fans’ wishes to be there live will almost surely be greater than concerns about being spied out.
And spying out the fans is what this technology is all about. This is what Helmut Baeumler, former Data Protection Officer of the federal state of Schleswig-Holstein, said already some months ago in an interview with German TV network ARD: “It isn’t about who has the ticket so much, the ticket itself is not important. It is which person is in the stadium what one wants to find out. And as much as I understand that one wants to recognise and ward off hooligans in time, here one can see what this technology leads to, namely, surveillance of people.”
The danger of this: If the fans don’t defend themselves against this, the RFID lobby in the future will advertise with the slogan: “Football fans have nothing against RFID”
Every entrance ticket will contain an RFID chip. These chips will contain, according to what the speaker of the German Federal Data Protection Officer, Peter Buettgen, said towards news agency ddp, only “serial and customer’s number, but no information on personal data.” However, in the same article he is reported by ddp as saying: “To have the last four digits [of the applicant’s passport number] would be totally sufficient.” So the last word on this has not yet been spoken. The radio transmission of the data would be encrypted, anyway.
It is to be expected that RFID chips with the common standard ISO 14443 will be used. From what range these chips can be read out depends on the strength of the antenna in the reading device. Officials still do go on saying that the reading range is only three to five inches (ten to fifteen centimetres), in order to play down the dangers of being spied upon. This is wrong! With chips of ISO 14443 experts speak of maximum reading ranges of about five feet, or 1.7 metres (state 2004) – how else would theft protection be expected to work efficiently?
So is it ignorance or cover-up tactics when it is said time and again that fans would have to hold their tickets “against a reading device” at the entrance? They are also readable through buttoned-up coats… In any case it was once said that one wanted to speed up entrance procedures with this. But since there will still have to be passport controls - if only spot checks – the time saving factor which once was an argument for the introduction of RFID will be rather limited. For some time now this argument has not been uttered any more.
Supposedly RFID tagged tickets are forgery proof. – No, they’re not, forging them will only be a little more expensive.
Supposedly one wants to “personalise” the tickets through them, i.e. trace back every ticket to a specific person. (In former times one would simply have printed the name of the owner on them. Why isn’t that sufficient any more nowadays?) For this the fans have to fill out a rather detailed questionnaire through the internet that asks personal data – and more of them than would seem necessary at first sight (see below).
"Personalising" the tickets is to prevent black marketing. Also, one wants to keep hooligans and other kinds of blackguards and rioters out of the stadiums, said head of the ticket-division of the organising committee, Juergen Domscheidt, at a meeting of the security tickets industry (according to German daily newspaper “tageszeitung”, also known as “taz”). How exactly this is going to go has not yet been made known.
No spychip can prevent brawls, scuffles, or fights.
Instead it will be so, as the Regional Presidency of Darmstadt comfirmed, that the ticket data will be compared with the stadiums’ databases of banned individuals. We assume that also the police’s database “Gewalttater Sport” will be attached. So, in the simplest case the RFID chip in the ticket of such a suspicious person will stop the turnstile, but according to the RP of Darmstadt (the DFB does not mention this passage in its otherwise partially word-identical data protection statements) the reading devices can also be tuned in such a way “that the personnel employed by the DFB (or their servicers [i.e. private security firms]) can at the same time read the personal data of the respective person and compare them with the passport presented.” For reasons of simplicity the ticket could also set off an alert when it is being scanned, along the lines of “Caution, person XY is entering the stadium.”During the World Cup, Darmstadt confirms, this data base will be infinitely supplemented, e.g. through registration of fans who “make themselves conspicuous during the World Cup matches.” The more reading devices will be installed, the more detailed this information will be. Also information like “Person XY has been standing in the same block as person ZA, who fired a flare at the field” etc. will become thinkable, dependent on the number of reading devices placed in the stadiums. And all this without person XY noticing at all that he has been scanned by an antenna, or getting information about this, or being able to take any influence when being denied access to a game.
Data will presumably be collected in at least two places: For one, through the questionnaire for application for a ticket (see above), secondly, directly in the stadiums. As yet, there is only talk of “entrance controls”, where the ticket-spychips will be read out. If there will be reading devices also in other places (e.g. at every block), or whether even the security services and personnel will be equipped with mobile (handheld) reading devices is at the moment probably only known to the organising committee. The more readers there are, the more detailed the personal profiles will be.
The questionnaire at beginning of sales on 1 Feb. requires the following data:
We wonder. For what does one need the date of birth in an application for a football ticket? For what does one need the number of an ID card or a passport? Why telephone number and favourite team? All of this are data which are of considerable value for the advertising industry, but we can’t see their use for the issue of the entrance tickets. If one wants to “personalise” tickets, why not simply print a name on them?
Also: If one applies for (additional) tickets for other people, the last question asks for the personal data of them – which requires an explicit consent of the people concerned for passsing on their personal data. How this will be checked and made feasible through the internet without opening doors to misuse has yet to be found out.
Persistently one hears rumours that the chips probably will contain the passport number of the ticket-owner, i.e. not just any old encrypted sign code which would make sense only with a data base behind it. The relevant data protection authorities have by now disclaimed this. The speaker of the Federal Data Protection Officer, Peter Buettgen, said towards ddp that “the last four digits [of the passport number] will be absolutely sufficient” – so there is still talk of storing of passport numbers. Heightened scepticism in this point is in order, because:
Already about asking the passport number through the internet there has been a shower of criticisms over the past weeks. Renate Hillenbrand-Beck from the Regional Presidency of Darmstadt wrote about this on 25 January 2005: “The gathering of complete passport numbers as requested by security authorites is yet accompanied by a question mark. About this the Federal Data Protection Officer will seek consultations with the Federal Ministry of the Interior.” But in the questionnaire that was launched on February 1 the passport number is not at all indicated with a question mark but with an *asterisk* for “required information”. Maliciously speaking: The authorities are still consulting, but the industry can meanwhile go ahead…??
Good question.
We don’t know. Who is it, actually, that runs this so-called security technology? The individual stadiums? From the letter from the Regional Presidency of Darmstadt we assume that at least the DFB (German Football Association) and FIFA will have access to the data. And presumably the private security service(s) that have been commissioned. “FIFA is the main organiser of the World Cup but the ticket sales will be organised by the DFB (through the Organising Committee). So it is the DFB who is the contract partner responsible,” writes the Regional Presidency of Darmstadt. What contracts on sharing of data have been made with FIFA or others is not known to us. Among the members of the Board of Directors of said Organisation Committee, incidentally, is also the German Minister of the Interior, Otto Schily, who is an advocate of RFID chips in passports and identity cards. So, could it be that also the police or the Ministry will get access to the data? – Asking maliciously: The data will be available to everyone who would like to have a look?
German newspaper “Tageszeitung” (also known as “taz”) cites minister Schily in connection with the World Cup tickets in an article from January 21: “We will set up … a national office where all information and analyses of the relevant national and international security authorities will come together and be coordinated. From this information arise images of the national situation which will be made accessible to all authorities involved.”
The data will thus be shared first of all with all participating “countries” – what ever this may mean: Security services? Governments? Apart from this perhaps also at least with the sponsors (if one has ticked one’s consent in the relevant place in the application form). The press spokesman of the organising committee, Gerd Graus, is cited by silicon.de as saying: “Data will only be shared with state institutions, and only if they have sufficient legal provisions. Further sharing will, of course, only take place with the consent of the ticket-buyer.”
But according to data protection laws one has to prove one’s legitimate interest in gaining insight into the data bases. And which interests are deemed “legitimate” is laid down in the “Terms and Conditions” (Allgemeine Geschaeftsbedingungen / AGB), which have been made public only at the start of ticket-sales – and which no one will read, anyway, if he wants to be the first to apply…
Here also we have to say: We don’t know. But what is clear is that it will go on. Already now a number of stadiums, among them the “Arena Auf Schalke” in Gelsenkirchen, the "Gottlieb-Daimler-Stadion" in Stuttgart and the "Fritz-Walter-Stadion" in Kaiserslautern, are using RFID in their entrance tickets. (Source: FIFA). And of course, so says the DFB, the technology in the stadiums will not be dismantled but extended afterwards.
As yet there is no official statement about whether the ticket- and spectator-databases will be deleted after the World Cup!
In the middle or long run there will be no RFID-less soccer games at all anymore.
World Cup matches, and that also means “RFID first equipments”, will be in the following stadiums:
Netzeitung will already in the coming season be equipped with the necessary turnstiles and reading devices. Security personnel will also go through the stands with handheld readers, Ingo Schiller, director of Berlin club Hertha BSC, is reported as saying. But they will be used “only to a limited extent” for surveillance purposes.) “terms and conditions” of ticket vendor “Ticket und Secure (T&S)” it says: “T&S reserves the right to pass on the data to third parties, who have been commissioned by T&S to carry out the ticket sales, insofar as this measure is prerequisite to fulfilling the contract. T&S furthermore reserves the right, as long as there is no objection of the customer, to collect, use and process the data collected from the customer for advertising, market research on behalf of T&S and the design of the services of T&S.”) The organising committee has announced that it will hand over the ticketing system to the “Deutscher Fussballbund (DFB)”, the German Federal Football Association, after the Championships. However, the speaker of the Federal Data Protection Officer, Peter Buettgen, in newspaper "Rheinische Post" voices doubts about the appropriateness of RFID-enabled tickets for normal first league matches. "Considering the importance of the World Cup, they may well be in order there. But they should not be used in regular Bundesliga matches." Nonetheless:
According to Netzeitung also the “Volkwagen-Arena” in Wolfsburg, which isn’t part of the World Cup, is installing RFID based entrance controls. Uwe Kaempfe, head of the ticket department at football club VFL Wolfsburg, is in raptures, according to this article, about “total control from point of sale to entering the stadium”: The stadium owners could see exactly who is passing which turnstile when. Plans are, apart from this, that fans could pay without cash through the RFID tickets, the amount would then simply be debited to their bank accounts. Curiously enough, advocates of RFID tickets at the same time try to soothe critics by saying that a see-through fan were impossible because the tickets (especially those for the World Cup) would be thrown away directly by the fans. Our advice: take good care of where you dispose of it, so as not to give someone else an opportunity to stand the whole stadium a round at your expense…
The RFID-equipped tickets will probably cost 20 to 30 Euro-Cents more than without (in the autumn of 2004 the cost of one RFID was at ca. 50 ct. per piece, but prices are dropping continuously). But since they don’t have to be posted as insured mail any more, as they can quickly be blocked when they get lost or stolen, the individual cost of the chips will very soon get levelled. Said press spokesman Gerd Gaus from the organisation committee towards silicon.de. Installing the technology, according to him, will have to be paid for by the individual stadiums.
It is not yet known who will be manufacturing the chips for the tickets. But: Philips is one of the sponsors of the FIFA World Cup...
If you don’t want your personal data to be collected, you shouldn’t have yourself be registered. ... But of course this is no real alternative, for the simple formula is: "No data – no ticket!"
A first step would be to make as many fans as possible aware of the dangers towards their personal privacy before the date of issue of the tickets, i.e. January next year. By the way: Our work is completely voluntary and therefore needs to be subsidised by donations! And if you find out details about the use of RFID at the World Cup matches, please write us a mail!
Next, the problems arising from the questionnaires and the terms of commerce need to be cleared up.
As long as the FIFA cannot explain that and why security in the stadiums can’t be held up without RFID, there is no reason for employment of spychips!
Write to the data protection officials of the German Federal States and the Federal Government to take care of the use of RFID at the World Cup!
It is a little complicated at times to find out the exact competencies and areas of jurisdiction, but in general the individual offices will forward your letters and requests to the appropriate stations. An example: The DFB, the German Federal Football Association, is located in Frankfurt. That is in the state of Hessen. The Hessen data protection officer, Prof Dr Michael Ronellenfitsch (contact see below), told a reader of STOPRFID that he himself is concerned only with data protection questions that have to do with the public administration, and that he therefore has passed on this reader’s request to the appropriate body, i.e. in this case the Regional Presidency of Darmstadt. This letter, then, has reached its destination and therefore has been worth while! The authorities have to be notified that the fans do not want to be spied upon!
The stadiums, however, are located also in other states than Hessen, that means that the respective authorities of those states are the first addresses – if not for the distribution of the tickets then perhaps for the authorisation of deployment of antennas at the stadiums?
These authorities are:
Berlin: Prof Dr Hansjuergen Garstka Hamburg: Hartmut Lubomierski Baden-Wuerttemberg: Peter Zimmermann Bayern: Reinhard Vetter Niedersachsen: Burckhard Nedden Rheinland-Pfalz: Prof Dr Walter Rudolf Sachsen: Andreas Schurig Nordrhein-Westfalen: Bettina Sokol Hessen: Prof Dr Michael Ronellenfitsch, but he points to the Darmstadt data protection authority: Aufsichtsbehoerde für den Datenschutz, Regierungspraesidium, Luisenplatz 2, D-64278 Darmstadt. The contact person there is Renate Hillenbrand-Beck.Homepage of the organisation “Aktive Fussball-Fans (BAFF)”
Unsere allgemeinen Forderungen zum Thema STOPRFID