Feeds

Ofcom deregulates RFID in the UK

Lack of interference

3 Big data security analytics techniques

Communications watchdog Ofcom yesterday said that it would be making radio spectrum available for use by Radio Frequency Identification (RFID) equipment, and that those using the new technology would not need a wireless telegraphy licence.

The country's privacy watchdog – the Information Commissioner – has also clarified data protection implications of using RFID.

On Monday, (7 August) Ofcom published draft regulations which exempt the use of RFID equipment in the 865–868 MHz band from wireless telegraphy licensing. The draft regulations are open for consultation until 12 September.

Ofcom is responsible for civil use of the radio spectrum. To protect current users from interference, it authorises use of new or reclaimed frequencies by granting licences under the Wireless Telegraphy Act of 1949. Without such a licence it is illegal to use or install transmission equipment unless such use is exempt from the need to hold a wireless telegraphy licence.

The regulator has decided, however, that users of RFID technology are unlikely to cause interference to other users of the radio spectrum, and therefore they do not need a licence.

RFID is a generic term for technologies that use radio waves to automatically identify objects.

An RFID chip comprises a microchip and a tiny antenna that transmits the data from the chip to a reader. The reader is activated whenever the antenna comes into range and the data can be used to trigger an event – such as raising an alarm or signalling that a pallet of goods has arrived in a warehouse. Usually the range is no more than a few feet.

The chips can be incorporated into a range of products and have an advantage over barcodes in not requiring a line of sight between the chip and the reader. They offer a means of navigating complex global supply chains, allowing companies to track their products from factory to distribution centre, from warehouse to sales floor.

In response to growing interest in RFID, the European Conference of Communications and Postal Administrations (CEPT) recommended that additional spectrum be made available at 865-868MHz. Ofcom’s announcement yesterday implements this recommendation.

However, there are privacy implications relating to RFID chips.

In general the chips are too small to be removed, and if they are embedded in the product itself – clothes or shoes – rather than the packaging, then they will remain in it. It is also possible for them to remain trackable and this, say some privacy groups, is an unacceptable breach of privacy. They worry that criminals, governments or other agencies will be able to identify and track an individual by the RFID tags on his or her person.

Many of the privacy fears are exaggerated, given the limitations of the technology; but Ofcom acknowledges the concerns exist and warns that they fall out with its remit.

The regulator consulted with both the Department of Trade and Industry (DTI) and the Office of the Information Commissioner prior to making its announcements yesterday. As a result, the DTI has confirmed that it should be contacted in relation to any privacy concerns over the Ofcom consultation.

The Information Commissioner also issued a statement, clarifying his position on the use of RFID tags. This says:

“RFID tags may be used in circumstances where the Data Protection Act 1998 is unlikely to apply at all – for example, in monitoring distribution of pallets of goods from warehouse to stores. Even where personal information is involved it is perfectly possible to comply with the Act.

“Where the use of such tags involves the collection, generation or disclosure of personal information then the Act will apply. In particular, this means that individuals should be aware when information about them is being collected and what it will be used for.”

See:

Ofcom's proposal (26-page / 91KB PDF)
The Information Commissioner’s statement (1-page / 25KB PDF)

© Pinsent Masons 2000 - 2005

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.