ICT for Enterprise NetworkingICT for Enterprise Networking

RFID Privacy panel contribution1

OECD, Paris

Florent Frederix October 5, 2005Florent Frederix October 5, 2005

[1] Disclaimer: Any opinions expressed in this presentation are the author’s own and do not reflect necessarily the position of the European Commission

ICT for Enterprise NetworkingICT for Enterprise Networking

European Commission & RFID

– DG Justice, Liberty and Security: Data privacy issues– DG Research: Industrial applications– DG Information Society and Media: R&D tech.,appl. Spectrum issues – DG Enterprise: Standardisation– DG Energy and Transport: Logistics, transport, car identif.– DG Taxation and Customs Union Cross-border supply chain security– Joint Research Center: Societal studies– DG Education and Culture: Culture, education– DG Competition: Open market, IPR– DG Environment:– DG External Relations Intergovernmental contacts– Secretariat-General:

The Reflection Group invites different stakeholders (technology companies, supply chain and logistics organisations, national registries etc.) in order to obtain a concise picture.

ICT for Enterprise NetworkingICT for Enterprise Networking

Topics of discussion

RFID applicationsResearch and DevelopmentInteroperability and StandardsRadio spectrumRFID governanceProtection of Personal Data and PrivacyOther policy issues

ICT for Enterprise NetworkingICT for Enterprise Networking

Other policy issues

IPR free standardsIntellectual property rightsIntergovernmental agreementsHealthEnvironmentIdentity theftEthical aspects of RFID implantsLabor practices and RFID

ICT for Enterprise NetworkingICT for Enterprise Networking

International dimensionInternational dimension

Challenge:– Interoperability among RFID tags and readers at

global (worldwide) level– Uniform standards for sensor-network

technologies

Some Applications– Green lane & express shipments– Enforced security for the shipment of goods

ICT for Enterprise NetworkingICT for Enterprise Networking

ICT for Enterprise NetworkingICT for Enterprise Networking

Some questions Some questions

What is the role of technological solutions ?

Role of industry self-regulation ?(code of conduct)

Is existing privacy and data protection legislation adequate ?

ICT for Enterprise NetworkingICT for Enterprise Networking

PrivacyPrivacy

RFID data linked to personal data– e.g. link with payment of credit card

-> privacy implication RFID used to storepersonal data

– e.g. travel pass -> record of individual travel

RFID tracking without ‘traditional’ identifiers– e.g. RFID coins to operate shopping carts

Working document in 2005 on data protection issues related to RFID technology by European Commission – recalling of basic principles for data protection set out in EU

directives in 1995 and 2002– guidance for RFID technology manufacturers to design privacy

compliant technology and for standardization bodies– public consultation from January 18 to March 31, 2005

Source: www.d-techdirect.com

ICT for Enterprise NetworkingICT for Enterprise Networking

Article 29 working party Article 29 working party

Mandate by article 30 of the 1995 directive on personal data protection

Consists of data privacy officers of different member states

Wrote down opinion on RFID in 2004

Document published and included in handout

ICT for Enterprise NetworkingICT for Enterprise Networking

Next steps Next steps

Continuous innovation – discussion not closed

Maybe more sectorial opinions of article 29 group

More holistic approach – Interservice group

ICT for Enterprise NetworkingICT for Enterprise Networking

ICT for Enterprise NetworkingICT for Enterprise Networking

Institution & organizations

Data protectionWorking party 29 (representatives of all Member

States' national data protection authorities)

Frequency spectrummanagement by CEPT (45 countries) and EU

Member States - Transfer into national regulations

StandardsCEN, CENELEC and ETSI

GS-1 for EAN & UPC bar codes

Supply chain securityExpert group from Member states’ authorities,

TAXUD, JRC, US Customs and Border Protection

ResearchEuropean research framework programme (FP6)

National research programmes, Internat. co-operat.

…….

DG JLS

DG TAXUD

DG ENTR

DG TREN

DG INFSO

DG RTD

JRC

DG …

Inte

rser

vice

RFI

D R

efle

ctio

n G

roup

European Commission

DG …

ICT for Enterprise NetworkingICT for Enterprise Networkingflorentflorent..frederixfrederix@@ceccec..eueu..intint