"You're no longer in control of who can know what it is you have," Tien said. "We're all for the retail industry being able to more efficiently manage their inventory.
"The problem is, once you buy this item, the RFID tagging is of relatively little value - other than these kinds of after-marketing, more invasive situations. You should be able to just have that tag be deactivated."
Critics note that it's relatively easy to conceal inexpensive readers - hand-held or smaller - that can pick up an RFID tag a foot or two away. They could create a trail of your movements - an almost Orwellian capability.
"We spend our lives going through doorways. We are constantly channeled through, well, channels," Tien said. "That's where you can be easily tracked."
Although credit card companies boast of their security and encryption, spokesmen for several major suppliers said there's no need to drill or microwave an RFID-enabled card.
MasterCard spokesman Chris Monteiro said customers can ask the issuer for a card that doesn't have an RFID chip - or a referral to a card program that doesn't use them. "It's the consumer's choice, depending on their interest and concerns," he said.
American Express spokeswoman Molly Faust said her company's RFID card chips use a different number than the credit card itself. "Someone could read the chip, but they can't read the number. It's a unique code number," she said.
If consumers are still worried, AmEx can deactivate the chip in cards that use them, such as its Blue or Clear cards.
It's one thing to attack a credit card - but messing around with a U.S. passport can earn you a fine or a prison term.
"If you mutilate it or alter it, you're violating a federal statute," said Cy Ferenchak, a spokesman for the U.S Bureau of Consular Affairs.
He said the passport's RFID chip is encrypted and can only be read when the book is open. "The information that's on the chip is printed on the front page of the passport book itself," he added. "If you lose your passport entirely, you're probably more vulnerable than walking around with a passport with a chip in it."
Prison aside, dodging RFID may cost some convenience. The EFF's Tien does not carry any contactless credit cards, nor does he have a FasTrak pass, the West Coast equivalent of Maryland's E-ZPass.
Hopkins' Rubin, on the other hand, has owned an E-ZPass in the past but doesn't need one for his current commute. He doesn't have a wave-by credit card, either.
"I'm actually much more concerned about security than I am about privacy," he said.
"While the first generation of RFID tags had a lot of security problems ... eventually lessons are learned and the importance of security is appreciated - and later generations will get it right."
liz.kay@baltsun.com
