Mar 23, 2007Efforts by Washington legislators have failed to pass legislation this year that would have required parties to obtain consent from consumers before using RFID to "collect, maintain and disclose information" on them, because the bill was not placed on the House legislative floor calendar by March 14. The bill, HB 1031, was returned to the House Rules Committee on March 15, but it will not be heard by the full House during this year.
The proposed legislation says parties selling or issuing RFID tags that are not disabled, deactivated or removed at the point of sale or issuance must use "industry-accepted best standards" to secure the data on the tag. That standard, undefined in the bill, would need to be the best standard endorsed by the RFID industry at the time the particular tag in question was first brought to market, State Representative Jeff Morris (D) told RFID Journal in February (see Washington State Representative Introduces RFID Legislation). In the event of a legal case, he said, the court would determine what that standard was by consulting industry experts. In addition, the bill would have enabled consumers to seek damages from parties violating these rights.
"The bill ended up with a few less than the majority it needed" to be placed on the calendar, explains Morris, who authored the legislation and introduced it in January. When the House Committee on Technology and Energy & Communications passed the bill and sent it to the Rules committee, Morris says, it had support from the entire Democratic Caucus and half the Republican Caucus. But then, he says, "the business lobby hit the issue hard," which led to the bill stalling in committee. The lobby he refers to is made up of representatives from a coalition of 34 companies and industry groups, including the American Electronics Association (AEA), EPCglobal, Hewlett-Packard (HP) and a number of semiconductor and telecommunications firms.
The group sent a letter of opposition to the bill to the Washington State House of Representatives on March 10, asking its members to oppose the bill on the basis that it fails to distinguish between different applications of RFID technology, such as retail product tracking versus securing identification cards. The lobby said its requirement for obtaining consumer consent would place "onerous burdens on small businesses," and called notification rules "unnecessary and burdensome."
According to Morris, the industry lobbyists, with whom he met a number of times before introducing HB 1031, urged representatives—many of them Freshman—that voting for HB 1031 would be voting against commercial interests. Those supporting the bill, including Morris, told them it was a bill designed to protect consumers. "When faced with voting against a bill that would protect consumers," he says, "or voting for a bill that would hinder business, many of them decided not to vote at all."
Though the bill will not be heard again during this legislative year, says Morris, it will remain in the House Rules Committee. Asked if he will reintroduce the bill next year, Morris says he will monitor the issues around RFID technology and the transmission of personally identifiable information. "I'm starting to see businesses introduce RFID products with [new] security tools built in." As devices like these come out, he says, they will make consumers more aware of the security issues around RFID tag data security. "If I see enough tools emerging [designed to protect consumer data], then there might not be a need for this legislation."
Morris notes, however, that he has the support of a number of state senators hoping to see HB 1031 pass into the senate. Washington State Senator Darlene Fairley (D) introduced a bill in mid-February, SB 6020, requiring that those producing, manufacturing, packaging, distributing or selling a retail product to which an RFID tag is attached place a conspicuous label on the product stating it contains or carries an RFID tag. That bill stalled in the Senate's Consumer Protection and Housing Committee.