OPINION

Give Your Views to the EU—Now!


	Email Article
	Create PDF
	Print Article
	Digg This



	Increase Text Size
	Decrease Text Size
	Turn Definitions On

An "RFID application," meanwhile, is defined as "a system to process data through the use of RFID tags and/or readers, a back-end system and/or a networked communication infrastructure." This means most companies' IT systems would be considered an RFID application, if they integrate data with their back end.

"Monitoring" is defined as "any activity carried out for the purpose of detecting, observing, copying or recording the location, movement, activities, image, text, voice, sound or state of an individual." That means using RFID to detect or prevent theft might not be feasible.

Article 3 says: "Where it cannot be excluded that data processed in RFID applications can be related to an identifiable natural person by an RFID application operator or a third party, Member States should ensure that RFID application operators and providers of components of such applications take appropriate technical and organizational measures to mitigate the ensuing privacy and data protection risks."

In other words, if there is a chance—no matter how small—that RFID data could be linked to an individual, national governments in Europe should legislate technical protections and organizational measures to prevent it. The fact is, as any lawyer would attest, there is no application for which you can guarantee, with absolute certainty, that an RFID tag won't be linked to a specific person somehow or in some way, even if companies have the best intentions. It would make far more sense to say that where there is a reasonable likelihood RFID data will be linked to individuals, states should ensure there are protections in place.

Article 5 spells out some specific actions companies must take if they plan to employ RFID in "public spaces" (for instance, they must explain what their data storage policy is). However, as stated earlier, "public spaces" is not clearly defined, so these requirements could affect everyone.

Article 6 is problematic, because it requires users to establish security for RFID applications but doesn't recognize that many companies might participate in a single application, such as supply chain management. Who is responsible if one company in a particular chain fails to adhere to the recommendations? All of them?

<< Previous Page

| 1 | 2 | 3

Next Page >>

Print Article Email Article Reprints and Permissions

EPC Connection 2008, Oct. 14-16, Chicago

The EPC community comes together to share best practices and critical how-to's, and to discuss the business benefits achieved. Learn how to improve business processes and make your supply chain, manufacturing and retail operations more efficient. See the latest product innovations, and find out how to utilize EPC RFID to cut costs and gain a competitive advantage today. Register early and save!

RFID Journal LIVE! Europe, 4-6 Nov. 2008, Prague

Stay on top of how RFID is impacting your industry, and what your competitors are doing with the technology. See the latest product innovations from the leading vendors. Network with RFID pioneers and thought leaders across all industries, and learn how to put RFID to work for your company. Also, learn from leaders in the EPC movement about the benefits they are achieving today at the Co-located EPC Europe Conference. Register today!

RFID Home RFID Buyer's Guide Post a Resume Request a Quote

Retail/CPG	Health Care/Pharma	Chemical	Manufacturing
Transport/Logistics	Defense/Aerospace	Packaging/Labeling	Apparel & Footwear