Monday, March 3, 2008

Use of radio ID tags faces limits

I know its not "American" to say we could learn a lot from Europe when it comes to the issue of privacy protection (England aside)...but alas, it is true. The EU has been ahead of us when it comes to corporate mergers like Google and Doubleclick, and they seem to be a step ahead of us on establishing common sense privacy safeguards for the widespread, and increasing use of RFID technology.

This article in the International Herald Tribune details the ways in which the EU, and European businesses are addressing the various privacy concerns associated with RFID:

...the rapid development of RFID technology is also being regarded cautiously by the authorities in the European Union, who are moving quickly to establish privacy guidelines because the chips - and the information being collected - are not always visible.

Their goal is to raise awareness among consumers that the data-gathering chips are becoming embedded in their lives - in items like credit cards, public transportation passes, work access badges, borrowed library books and supermarket loyalty cards. There are also policy concerns regarding whether retailers could link a customer's credit card data to an RFID tag in a product, allowing clients to be identified when they return to a store.

In late February, the European Commission issued privacy protection proposals to establish a code of conduct for companies using RFID technology, fueling a debate among privacy advocates who seek more openness and trade groups of manufacturers and retailers who want practical guidelines that will allow the developing technology to flourish.


Privacy advocates have hailed what is known as the opt-in principle as a pioneering step by European regulators to establish clear privacy protections in connection with the technology. In February, lawmakers in the U.S. state of Washington also sought to carve out a privacy bill of rights, passing legislation in the state's House of Representatives to make it a felony for businesses to keep personal information gathered from RFID chips without consent from customers.

"For us, consumers have to be protected," said Emilie Berrau, a legal officer for the BEUC, the European Consumers Organization in Brussels. "They haven't asked for the technology, so why should they have the burden of protecting themselves?"


Retailers have tended to use the chips for logistical purposes like tracking deliveries, but companies are starting to get more inventive. A British uniform supplier, Trutex, said it was developing clothing with chips to track schoolchildren, in part because of surveys that showed parents were favorable to the idea.


But even without that prodding, companies are looking for ways to demonstrate their respect for privacy standards. European authorities started financing a €1.2 million, or $1.8 million, pilot project in the summer to create a trans-European "privacy seal of approval" that could be marked on products that meet independent evaluations of privacy standards and could be applied to products using RFID chips. Called the EuroPriSe Project, the program has already accepted 20 companies seeking the seal, according to the project manager, Kirsten Bock.


Bock said it was clear there was a demand for the logos - something akin to popular seals certifying organic products or fair-trade items. The new EuroPriSe program, she said, has had to turn away more than 80 companies during its test phase. And even Schleswig-Holstein, with its regional privacy seal, managed to attract a giant from across the Atlantic seeking a seal for its software, Bock said. At a ceremony last year in Berlin, Schleswig-Holstein officials awarded the privacy seal to Microsoft for its Update 6.0 and Windows Services 2.0.

Click here to read the article in its entirety. I'll be doing a little snooping around to see whether similar ideas as those laid out in this article could be adopted here in the US, and I'll check in with privacy rights champion Senator Joe Simitian's (author of numerous RFID regulation bills) office to see what they think as well.

No comments: