The contents of the chip is encrypted with the machine-readable text on the picture page, so you cannot harvest people's data like that without opening the passport.

But nothing is stopping the US customs service (or any other service) to store the unencrypted data for later reference right?

I don’t find it farfetched that some big players would have a database that holds basically a huge lookup table that goes from encrypted data to the unencrypted data.

This wouldn’t work on your first visits, but return visitors could have their rfid read like that.

Or do the rfid chips hold some kind of randomness in them so they can do a type of handshake (that is unique every time) where that machine readable password is needed?