InformationWeek reports that the Smart Card Alliance has criticised the proposed use of RFID technology in passports:

"RFID tag technology that was designed to track packages and products is not the appropriate technology to use for securing human identification systems," the group said through a prepared statement.

Such criticism is nothing new, but does add to growing weight of evidence that some of the thinking around protecting our security and privacy is out of step with the way technology will work in the wild. That it could well bring about the exact opposite results - the so-called "law of unintended consequences" - weakening security rather than strengthening it.

The alliance argues that the RFID technology would not protect people's information and will not allow border inspectors to verify the authenticity of the cards. So, someone with a reader could follow a person crossing a border, obtain the identification number, duplicate the card and give it to someone resembling the victim. The group said that the card's weaker cryptographic protections and longer-range reading would also likely raise concerns among users that the cards could be used for tracking people.

The "broadcasting" of our identity information in such uncontrolled ways also runs counter, of course, to the sensible "laws of identity" distilled by Kim Cameron and the wider expertise contributed by the blogosphere.

Given that the laws embody best practice learnings from identity over the last 30+ years, I'm unclear why we keep seeing systems that attempt to violate them - with all the inevitable consequences that will bring. You can't defy the laws of gravity when you design an aeroplane or a bridge - and you can't violate best practice identity design. Not unless you want to fail that is.

Tres Wiley, director of eDocuments for Texas Instruments, which provides both vicinity and proximity technologies said the company supports the Smart Card Alliance's conclusions.

"The vicinity technology proposed by the U.S. government was not intended or designed for sensitive ID application," he said.