RFID and Privacy an antagonism?

Transcription

1 BERLIN COMMISSIONER FOR DATA PROTECTION AND FREEDOM OF INORMATION, GERMANY RFID and Privacy an antagonism? Dr. Alexander Dix, LL.M. and Freedom of Information Member of the Art.29 Working Party Statement at the EU RFID Conference Brussels, 16 October 2006

2 Outline RFID a privacy issue? Personal data From tagged objects to persons Essentials Transparency Need for regulation Summary

3 Why is RFID a privacy issue? Common misunderstanding: RFID tags in the retail industry only identify objects, not persons But: they allow for - monitoring of staff handling the products and - tracing not only shoplifters but all persons possessing tagged objects

4 Personal data Broad definition of EU Directive 95/46 any information relating to an identified or identifiable natural person Identifiable is a person who can be identified directly or indirectly, in particular by reference... to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;

5 Profiling Linking RFID tags with payment systems (credit card) or CRM would lead to a massive storage of personal data, creation of consumer profiles, steering consumer behaviour Privacy is at stake even without storage of personal data on the tag (possible later)

6 Ubiquitous computing Invisible and intransparent technology Movements of tagged objects and their holders/owners can be traced What about data subject s rights? Infrastructure of surveillance possible

7 Wearable computing RFID tags may be integrated in clothes and fabrics They are wearable and washable We may resist subdermal chips but we will not notice that we wear them on our skin Pervasive, ubiquitous computing, ambient intelligence technology

8 Guiding principle data processing systems are designed to serve man; (...) they must, whatever the nationality or residence of natural persons, respect their fundamental rights and freedoms, in particular the right to privacy, and contribute to economic and social progress, trade expansion and the well-being of individuals. (Recital 2 of Directive 95/46)

9 Essentials Legal basis for processing in most cases: free and informed consent of the data subject (customer) - e.g. tagged loyalty cards Purpose limitation (only relevant data to be stored, use limitation, time limit for storage) User-controlled option to deactivate at point of sale and later without disadvantage

10 Transparency is key (1) Directive requires controllers to inform not only about the presence of tags (EPC Global) But also on the consequences for the data subject

11 Transparency is key (2) It must be made clear that tags broadcast information without the individual s initiative what is the purpose for which the information is to be used who is the controller how to exercise the right of access how to disable or remove tags

12 Technical measures for privacy-enhancing design (1) Visibility (marking) of RFID tags, readers and the reading process Simple technique enabling visual indication of tag status (activated, deactivated) User-friendly, easy readability If tag stores personal data: possibility for the data subject to read, correct them easily

13 Technical measures for privacy-enhancing design (2) In any case: Transparent, verifiable, user-controlled deactivation ( kill command, clippable tag) at point of sale Sleeping tags: who wakes them up if not the data subject (owner)? Encryption to protect tag content and communications with reader against unauthorized access

14 The need for regulation Attempts at self-regulation As yet no global standard EU and national legislation partly covering RFID (DP and Privacy Directives) Need for further regulation should be evaluated

15 Privacy-enhancing standards RFID standardization is main driver for interoperability Manufacturers and standards bodies should make privacy compliant RFID technology available Privacy should be built into technical specifications European initiatives necessary (ETSI-ISO)

16 Individual autonomy in the digital age The challenge is how to guarantee individual autonomy in the digital age (in the face of ambient intelligence technologies) Important is the right mix between technology and regulation

17 Summary RFID technology and privacy are no antagonism if manufacturers, standards bodies and deployers realize that privacy essentials are prerequisites for legality and economic success

18 Resources and contact details Sydney Resolution of the 25th International Conference of Privacy Commissioners on RFID ners.asp Art. 29 Working Document /wpdocs/2005/wp105_en.pdf Results of public consultation /wpdocs/2005/wp111_en.pdf