backtop


Print 7 comment(s) - last by wrack.. on Mar 18 at 11:38 PM

The European Commission sets out to regulate RFID in terms of privacy and data security

The European Commission announced last week its plans to place guidelines on radio frequency identification, or RFID.  The CeBit technology trade show in Hannover, Germany held the stage for the announcement to draft rules to modify the EU e-privacy legislation in order to specify on the existing RFID regulations.

Information society commissioner, Vivien Redding, stated that a stakeholder group with industry, consumers, and data protection groups would be formed at first to give recommendations to the Commission in order to handle data security and privacy.  The group will report back in 2008 with all the information needed regarding EU laws that are necessary. 

Redding also told reporters, "We should stimulate the use of RFID technology in Europe while safeguarding personal data and privacy."  Also that the Commission would not tie up the use of RFID in the in regulations, Redding quoted, "We must not over regulate RFID, but we must provide the industry with legal certainty."

According to CNET, the Commission also published a strategy report on Thursday after consulting with interested partied.  The report included that the RFID tags needed to be more secure, in aspects of encryption and authentication.

With RFID technology implemented in a wide range of uses such as on transportation and tracking cattle, the regulations on the technology become a necessity for the privacy and date security of consumers.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Japan moving to rfid
By PrinceGaz on 3/17/2007 6:48:39 AM , Rating: 2
The problem is with what happens to those RFID tags when the items leave the supermarket and other stores. Without proper regulation in place, there would be nothing to stop people being scanned and data collected from tags in all their clothing as well as other items carried, allowing a complete dossier on where everyone goes, what they do, and so on from being compiled.

Regulation or not, I can see RFID detector/zappers becoming very common items to own in the near future, so you can ensure nothing you own has a functional tag (unless it is for identification purposes that benefit the user).


RE: Japan moving to rfid
By peternelson on 3/17/2007 9:21:31 AM , Rating: 4
2008 is a bit late.

I already have an RFID chip in my UK passport.

I already have an RFID chip in my Oyster card for travel in London.

I know zappers exist but don't really want to zap my stuff.

However I'm seriously considering one of those metal lined passport document holders.

RFID can be scanned from many metres away as long as there is a local power source. Thus you just need to point your antenna towards where it is being read and you eavesdrop.

I doubt the encryption used is that advanced (I think the german passport one got hacked already).

At the moment that probably means I can be identified, and my photo in some jpeg format is downloadable? The key I think is used to sign the photo to verify it has not been tampered with rather than to decrypt it?

At least my passport doesn't yet contain my fingerprints or iris scan (got in before they roll it out).

It would be nice if the Euro legislation could cripple the UK's National identity card scheme, particularly the associated database.

Personally I don't mind my iris scan being on a card or even a central database to verify me as me, but having my fingerprints on a central database - well that has big problems, such as tracing which glasses I was drinking from, placing similar prints to implicate me in a crime, wrongful convictions etc.

I think it's a benefit for me to prove who I am when needed (limits ID theft), but not some of the other applications the state has in mind (known and unknown). If the ID card was designed for me it could act as a wallet holding my private PGP keys and enable their use when I authenticate my eyescan. Unfortunately it is designed more for the benefit of the authorities, but my taxes are paying for it. The associated database is just function creep and unnecessary (eg the eyescan cards at Schipol airport store eyescans on the card only for comparison, not on any database).

So I wish the Euro efforts well to limit this but I only hope they can enforce such limitations on governments too.


"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki