Abstract
This paper discussed the applications and implications for consumers of RFID, and focused on addressing consumer privacy challenges, including three fields: existing industry practices and standards, regulatory approaches, technological approaches.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Jo Best, Cheat sheet: RFID, silicon.com, April 16 (2004)
See, e.g., Allen, Texas Instruments, at 67-75. Unless otherwise noted, footnote citations are to the transcript of or comments submitted in connection with the Workshop. The Workshop transcript, specific panelist presentations, and comments are, http://www.ftc.gov/bcp/workshops/rfid/index.htm , Footnotes that cite to specific panelists cite to his or her last name, affiliation, and the page(s) where the referenced statement can be found in the transcript or appropriate comment. A complete list of Workshop participants can be found in Appendix A
See Press Release, Wal-Mart, Wal-Mart Begins Roll-Out of Electronic Product Codes in Dallas/ Fort Worth Area (April 30, 2004), http://www.walmartstores.com
See Jacqueline Emigh, More Retailers Mull RFID Mandates, eweek, August 19 (2004)
See Boone, IDC, at 226
Tien, Electronic Frontier Foundation (EFF), at 97
Press Release, FDA, FDA Announces New Initiative to Protect the U.S. Drug Supply Chain Through the Use of Radiofrequency Identification Technology (November 15, 2004), http://www.fda.gov
Over the past decade, the FTC has frequently held workshops to explore emerging issues raised by new technologies. The Commission’s earliest workshops on Internet-related issues were held in 1995, http://www.ftc.gov/opp/global/trnscrpt.htm More recently, the Commissions workshops have focused on such issues as wireless technologies, information security, spam, spyware, and peer-to-peer networks. For more information about each of these forums and the Commission’s privacy agenda, http://www.ftc.gov/privacy/privacyinitiatives/promises_wkshp.html
This report was prepared by Julie Brof and Tracy Thorleifson of the FTC staff. It does not necessarily reflect the views of the Commission or any individual Commissioner
See Maxwell, International Public Policy Advisory Councils, Auto-ID Labs and EPCglobal, at 260; Bruening, CDT, at 285-86
This panel focused largely on the privacy challenges facing private industry. The costs and benefits of RFID deployment by government, including current and proposed uses by the Department of Homeland Security, raise issues not addressed in depth at the Workshop or in comments submitted to the Commission
The Guidelines are posted at http://www.epcglobalinc.org/consumer/ , under the public policy section of the EPCglobal Inc. Web site
Board, EPCglobal, at 271-72. EPCglobal currently has over 400 members
Id. at 272
Board, EPCglobal, at 272 and presentation slide. More information about the template label is available on the EPCglobal Web site, along with explanatory information for consumers about RFID technology, http://www.epcglobalinc.org/consumer/
Board, EPCglobal, at 272 and presentation slide
The significance of this provision and the protection it provides consumers obviously depends on the existence and rigor of applicable privacy laws or regulations
All quoted items are excerpts from the EPCglobal Guidelines, supra note 127
The Guidelines provide that “EPCglobal will monitor the proper use of these Guidelines,” but details concerning enforcement or accountability mechanisms have not yet been announced
Board, EPCglobal, at 272; see also GMA, Comment, at 5 (stating that “[i]n January 2004, the GMA Board of Directors formally adopted privacy guidelines established by EPCglobal”). In addition, some industry members have endorsed self-regulatory principles similar to those embodied by the EPCglobal Guidelines. See, e.g., NRF, Comment; Microsoft, Comment, at 14-15. Another example is the 1,500-member Food Marketing Institute, which added RFID-specific provisions to its “Policy Statement on Consumer Privacy” in May 2004. In addition to calling for notice, choice, access, and security of consumer data, the FMI statement advocates legislation prohibiting the unauthorized access, interception, or receipt of an “EPC signal” (i.e., barring the rogue scanning of RFID tags), http://fmi.org/consumer/privpolicy.htm , Commission staff will continue to monitor compliance with the EPCglobal Guidelines and other industry self-regulatory standards
Board, EPCglobal, at 272; Langford, Wal-Mart, at 65-66. Wal-Mart’s RFID announcement calls for its top 100 suppliers to place RFID tags on cases and pallets shipped to a regional distribution center in Texas. Readers will be installed at the dock doors of seven stores in the Dallas-Ft. Worth metropolitan area in order to track tagged cases or packages of goods. No readers are placed on store floors. Other company stores in the distribution center’s region, which covers North Texas and parts of Oklahoma, may receive RFID-tagged cases and pallets, but no readers will be installed there as part of the pilot program. For more information about Wal-Mart’s RFID plans, see the “Supplier Information” section of http://www.walmartstores.com
Wal-Mart’s shelf-talker
See Langford, Wal-Mart, at 66
A list of current P&G trials using EPC technology, http://www.pg.com/company/our_commitment/privacy_policy/index.jhtml
P&G, Comment, http://www.pg.com/company/our_commitment/privacy_policy/index.jhtml
Hughes, P&G, at 172. However, some panelists asserted that retailers currently use bar code data to link customer identity to their purchases. Albrecht, CASPIAN, at 231; see also Atkinson, PPI, at 291
See Stafford, Marks & Spencer, at 265
Prior to implementing their program, company officials met with key privacy organizations in an effort to accommodate their concerns. See Marks & Spencer, Corporate Social Responsibility, Issue Two: Responsible Use of Technology, http://www2.marksandspencer.com/thecompany/
Consumers may detach the tags themselves post-purchase or may request that a cashier do so. The tags are not required for return, so may be discarded by consumers without further consideration. For a picture of what an Intelligent Label looks like, see Figure B, supra
Stafford, Marks & Spencer, at 266-68
Specifically, privacy advocates called for RFID users to make public their policies and practices involving the use and maintenance of RFID systems. Further there should be no “secret databases” or “tag-reading in secret.” Privacy Position Statement at 3
See id.; Laurant, Electronic Privacy Information Center (“EPIC”), at 278
Laurant, EPIC, at 278
Givens, PRC, at 211
See id
The Privacy Position Statement, which forty-five consumer and privacy organizations have signed, endorses the need for such an assessment. Workshop participants representing some of these groups reiterated this recommendation. See Givens, PRC, at 150-51, Laurant, EPIC, at 279; Bruening, CDT, at 282–83
Givens, PRC, at 150-51. For example, RFID tags could be used effectively for recycling purposes without containing unique identifiers; instead, the chips could be encoded to communicate only the presence of certain toxins that recyclable materials may contain. A comment from a consumer made an analogous suggestion, recommending that tollway transponders (such as E-ZPass), be sold like phone cards in stores, where they could be purchased with cash and used anonymously. See Greenberg, Comment
Privacy Position Statement at 3-4
See Tien, EFF, at 100-01; Laurant, EPIC, at 279. In addition, although Workshop participants did not discuss state legislation, a number of bills have been introduced across the country, including California, Maryland, Massachusetts, and Utah. See Claire Swedberg, States Move on RFID Privacy Issue, RFID Journal, Apr. 30, 2004; Thomas Claburn, Privacy Fears Create Roadblocks for RFID, InformationWeek, Mar. 8, 2004. These proposals, which were not enacted, would have required notice and other measures in connection with a retailer’s use of RFID on individual consumer items. Some observers believe that these or similar proposals are likely to resurface in next year’s legislative sessions
Laurant, EPIC, at 279; see also EPIC, Comment, at 14
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, X. (2009). RFID Application of Addressing Consumer Privacy Challenges. In: Qi, L. (eds) Applied Computing, Computer Science, and Advanced Communication. FCC 2009. Communications in Computer and Information Science, vol 34. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02342-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-02342-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02341-5
Online ISBN: 978-3-642-02342-2
eBook Packages: Computer ScienceComputer Science (R0)