Feeds

EU consults on RFID technology

Nothing too personal

  • alert
  • submit to reddit

Build a business case: developing custom apps

The EU is developing privacy guidelines for the use of RFID (radio frequency identification) technology. A European Commission advisory group, known as a Article 29 Working Party, is conducting a public consultation on the emerging technology.

RFID tags are small microchips attached to an antenna which emit a unique serial number by radio over short distances. Miniature RFID tags can be embedded in all kinds of consumer products and scanned from between two to three metres away, revealing information about the product and (potentially) its owner. Critics say the technology could reduce or eliminate purchasing anonymity and could even threaten civil liberties. The issue becomes even more acute with plans to put RFID tags into identity cards.

The EU aims to ensure its data protection directives whenever personal data are collected using RFID technology. It wants to give guidance to manufacturers and to RFID standardisation bodies, to ensure that they develop privacy-compliant products.

RFID technology offers numerous benefits to business. It can help retailers manage their inventory, enhance consumers' shopping experience as well as allow better control access by persons to restricted areas. But it also comes with serious privacy drawbacks, an EU working paper notes.

"The ability to surreptitiously collect a variety of data all related to the same person; track individuals as they walk in public places (airports, train stations, stores); enhance profiles through the monitoring of consumer behaviour in stores; read the details of clothes and accessories worn and medicines carried by customers are all examples of uses of RFID technology that give rise to privacy concerns."

The privacy implications of RFID chips go beyond cases where unique serial numbers are linked to an identity, the EU says. "Even if the individual is not immediately and directly identified at the item information level, he can be identified at an associative level because of the possibility of identifying him without difficulty via the large mass of information surrounding him or stored about him."

Unwanted individual tracking, without a link to the identity of the data subject, also falls within the scope of the Data Protection Directive. Because of this data protection rules apply to many RFID applications, the working paper concludes.

Interested parties are invited to submit comments before 31 March 2005. ®

Related stories

RSA looks ahead on RFID security
EU biometric RFID scheme unworkable, says EU tech report
MSN Belgium to use eID cards for online checking

External links

Working document on data protection and RFID technology (PDF)

A new approach to endpoint data protection

More from The Register

next story
Amazon says Hachette should lower ebook prices, pay authors more
Oh yeah ... and a 30% cut for Amazon to seal the deal
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Nintend-OH NO! Sorry, Mario – your profits are in another castle
Red-hatted mascot, red-colored logo, red-stained finance books
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
Chips are down at Broadcom: Thousands of workers laid off
Cellphone baseband device biz shuttered
Feel free to BONK on the TUBE, says Transport for London
Plus: Almost NOBODY uses pay-by-bonk on buses - Visa
Twitch rich as Google flicks $1bn hitch switch, claims snitch
Gameplay streaming biz and search king refuse to deny fresh gobble rumors
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?