Oct 05, 2006This article was originally published by RFID Update.
October 5, 2006—California Governor Arnold Schwarzenegger vetoed Senate Bill 768 (SB 768), which would have put restrictions on RFID systems used by government agencies in the state. In his comments to the state senate, Gov. Schwarzenegger cited some of the same concerns the RFID industry raised about the bill. Namely, that it may stifle beneficial uses of RFID.
"SB 768, which would impose technology regulation on RFID-enabled ID cards and public documents, is premature," the governor's statement reads. "In addition, I am concerned that the bill's provisions are overbroad and may unduly burden the numerous beneficial new applications of contactless technology." Download the full statement here.
Key provisions of the bill included citizen notification when cards or documents issued by California public-sector organizations contained RFID tags, plus notification of where RFID readers were located and when they were in use. The bill also required opt-out provisions and privacy security. See RFID Industry Weighs In On California Bill for more details about the legislation.
The office of California State Senator Joe Simitian, who sponsored the bill, did not respond to RFID Update's request for comment on the veto. Other media outlets reported the senator plans to reintroduce the bill next year.
"This is the beginning, not the end, of the legislative bell curve," Douglas Farry told RFID Update. Farry is managing director of law firm McKenna Long & Aldridge, which publishes the RFID Law Blog. Farry credited the industry response for bringing shortcomings about the legislation to light and said more education and communication is needed. "If industry leaders believe they dodged the last bullet, they will get hit by the next one... It is up to the industry to engage other states with a proactive, positive public policy agenda that advances the industry's interests -- not waiting to see how other states respond."
AIM Global is currently developing a more technical security/privacy document to supplement materials it has already released on privacy and technology issues, according to President Dan Mullen. "We made our members aware of the California legislation, and they did respond. The veto is encouraging. In our view, the technology is benign -- it's what people will do with it is where good and bad come in. We will continue to point back to best practices about consumer notification and choice."
AIM, the AeA (formerly the American Electronics Association) and the Secure ID Coalition were among the organizations who engaged in the legislative process to negotiate provisions of the bill and educate legislators about RFID technology. Consensus among the industry was that the final bill represented a decent compromise from Sen. Simitian's original far-reaching goals. But the industry still questioned whether separate, RFID-specific laws and regulations are necessary to protect privacy.
"The proposed legislation isn't really a debate over RFID, but rather one over data protection. While enhancing data protection is a legitimate legislative goal, it shouldn't be done at the expense of the development of a nascent technology," said Kevin Davis, articles contributor for the RFID Law Journal, in a statement to RFID Update. "Had the legislation been accepted by the Governor, it would've meant that RFID projects would be far less attractive from an ROI point of view and would probably have resulted in fewer RFID projects [in California] in the coming years. The Governor's cautious decision is a positive step for the RFID industry, as it gives industry proponents additional time to further develop the business case for RFID solutions and educate the public about these solutions."
The industry-government interaction over SB 768 may have been a preview of what will happen for the federal government's controversial REAL ID Act of 2005. That legislation, signed by President Bush, will set federal standards for driver's license security to be implemented by 2008. RFID is one possible option for the REAL ID program, which will be a battleground issue for privacy advocates. Uncertainty about REAL ID Act requirements and the possibility of conflict between state and federal regulations were other reasons Gov. Schwarzenegger cited in his veto.
"The biggest take away [from the California SB 768 legislative process] for your readers is that they should not assume their voice cannot make a difference, or that the issue will go away in time, or that the specific legislation won't affect you or your company," Farry told RFID Update. "If it inappropriately casts the entire category of technology in a dangerous light, this kind of legislation can have impacts on everyone making, selling or using RFID."
