Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

RFID Vendors Need a Privacy Strategy

To succeed, companies providing RFID solutions must work closely with their customers to develop a strategy for ensuring privacy and security compliance.
By Kirk J. Nahra and John W. Kuzin
Jun 19, 2006News reports continue to raise fears that RFID will be used to monitor consumers' personal lives. These reports demonstrate firsthand that RFID solutions providers that do not account for privacy and security concerns in their product development, marketing and sales cycles will be at a substantial disadvantage to those providers that do. A report published in the June 2006 issue of Consumer Reports (see Consumer Reports Looks at RFID) strongly implies the industry has decided to keep its head in the sand and hope privacy and security concerns will subside. Even though the implication is false, the likelihood of privacy and security concerns dissipating is slim.

Given how the press has followed the National Security Agency's alleged monitoring of phone calls made in the United States, it is much more likely that privacy and security concerns raised by RFID will continue to swell. In fact, a recent poll found 70 percent of Americans to be "worried about the invasion of privacy through new technology." This percentage was the highest among all countries surveyed, according to a poll taken by Roy Morgan International (see Five Countries Review Privacy, Technology).

Kirk J. Nahra
RFID solutions providers that work closely with their customers to develop a strategy for ensuring privacy and security compliance will be rewarded. Those that can demonstrate a deep understanding and appreciation of the concerns raised by applications including personally identifiable information (PII) will be more likely to gain customers' trust and close more substantial deals than those that only offer lip service to those concerns. How can RFID technology vendors use the issues of privacy and security affirmatively to give themselves a competitive advantage?

Develop a Compliance Strategy
RFID solutions providers should develop an appropriate program for managing their customer relationships from a privacy and security standpoint. It should be no surprise that the marketing credo of "know the customer" applies with equal force to RFID privacy and security issues. Solutions providers need to understand how and why their customers use PII, what they do with it and with whom they share it.

RFID solutions providers will find that many of their end-user customers outsource data management tasks, including those that involve PII. While the majority of domestic and international privacy laws permit outsourcing, the outsourcing of business operations involving PII introduces added risk (legal, political and reputational). These risks are made real by widespread publicity about security breaches and enforcement actions from regulators aimed at companies suffering such breaches. The emerging standard for addressing these issues from a legal perspective is to require additional oversight of end-user customers—at the front-end, due-diligence stage and at the back-end, through both comprehensive audits and spot-check assessments. Most end-user customers recognize this to be a serious and daunting challenge, one that must be taken seriously to avoid harming their business reputation.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations