Via Kim Cameron's blog, an article -- ostensibly legit -- about a Cincinnati company that is implanting RFID tags in some of its employees. The thinking is apparently that "tagging" employees adds additional security, enabling better monitoring of where people are, or aren't in secure environments.
RFID chips in humans are a good example of omnidirectional identity, something I discussed in a recent post. In this case, it seems quite ill-advised for humans to equip themselves with an omnidirectional identifier that anyone with a proximal reader can detect, without the consent, or even knowledge of the bearer. This is a feature, not a bug, in many commercial contexts -- say when you're a tracking a flat screen TV through the supply chain. But as the recent passport+RFID controversy illustrates, the intrinsic omnidirectionality of RFID tags presents more problems than solutions when tied to human identity.
Not all RFID tags are world-readable. The SpeedPass tags that are widely used in certain parts of the US for automated roadway tracking contain low strength cryptographic tools to make them at least somewhat challenging to clone and read, for example. Other chips are available, at much higher prices that do provide a strong challenge/response sequence that manage the risks involved here.
The RFID technology embedded in the employees is provided by a company named VeriChip. While VeriSign is in the RFID space - we run the ONS root for RFID, for example -- VeriChip and VeriSign aren't related.