Privacy Gets on the Agenda

Regulators and legislators toss the ball to retailers, who are at last ready to run with it.
Published: April 1, 2005

March was not a good month for privacy advocates in the United States looking to the federal government to limit the use of RFID technologies. The U.S. Federal Trade Commission released a report entitled “RFID: Applications and Implications for Consumers,” which says that for now, the agency will allow companies that make and use RFID technology to regulate themselves regarding consumer privacy.

Around the same time, a group of Republican U.S. senators said they would work to ensure that RFID deployments stay free of regulation. The 14-member Senate Republican High Tech Task Force published a policy platform that said: “RFID holds tremendous promise for our economy, including military logistics and commercial inventory efficiencies, and should not be saddled prematurely with regulation.”

The European Union has taken a tougher line on privacy. In late January, the European Commission’s advisory body on data protection and privacy released RFID guidelines that say retailers should obtain consent from individuals where RFID is used and provide information to those on whom data is collected, including the presence and location of RFID tags and readers, what sort of data is being collected and how it is being used. The E.U. also wants retailers to let customers know that they have the right to complete access to any personal data being collected and stored on them as well as the right to check on the accuracy of the data.

Up to now, retailers had felt little pressure to deal with privacy issues, because most expected they would not move to item-level tracking for several years. But tagged items are appearing in stores—Wal-Mart is receiving tagged printers and scanners from Hewlett-Packard, and Tesco is tagging DVDs—and some retailers say it is important to address the issue now.

The ability to kill—permanently deactivate—a tag is central to EPCglobal’s privacy strategy. The second-generation EPCglobal UHF standard requires that a 32-bit password be sent to the tag before the reader can kill the tag. The first-generation tag had only an 8-bit kill code, which meant that someone could send each of the 256 possible codes to the tag and eventually find the one that would kill it. A kill code that easy to guess would make it difficult to use the tags as an antitheft device by installing RFID readers at the exits.

With the new standard, manufacturers will assign a random 32-bit number to each tag when writing the unique EPC to the tag. They’ll send the 32-bit codes to their retail partners, who will store all the kill codes for all the items in the store and use them to kill tags at a consumer’s request.

During meetings of EPCglobal’s Hardware Action Group in Nice, France, in February, members discussed how to kill tags in stores in a way that is cost-effective for retailers and protects consumer privacy. Retailers are struggling with how to phase in the technology.

Retailers typically upgrade cash registers every seven years. If they have to purchase new registers with RFID readers that can kill tags, they would be replacing current equipment before it’s reached the end of its life—a step they don’t want to take when only a few items are tagged.

Another option is to retrofit existing registers, but there would be another cost in addition to the readers: more memory to store the kill codes. Each 32-bit kill code would require the retailer to download 9 bytes of data. A small retailer might have to store 50 MB worth of data in each register (so the kill code could be found quickly and not slow down the checkout process). A Wal-Mart Supercenter, which has about 120,000 different stock-keeping units, would have to store about 270 MB of information. Newer registers can be fitted with RFID readers and the 300 MB of RAM needed to store passwords and rapidly kill all tags if requested by customers. But many older cash registers only have 40 MB of memory and can’t be upgraded to 300 MB.

Retailers are now examining a variety of possible ways to protect privacy without incurring huge costs. It’s likely that different retailers will adopt different solutions—and as long as they make a good-faith effort to protect consumer privacy, government agencies and lawmakers will likely give retailers leeway.