The Financial Times reports on a new privacy proposal in Europe designed to protect consumers who buy products with radio frequency identification (RFID) technology tags attached. (RFID systems transmit data wirelessly from a chip or tag to a reader.) It has been proven time and again that unsecured RFID tags can be scanned and the data gathered with cheap, off-the-shelf technology. Some states have laws that would protect such data. For example, Washington state has a law to prevent “skimming” (unauthorized gathering of data from RFID tags).
Now, the Financial Times reports:
European regulators and industry organisations have agreed to establish a voluntary code to protect consumers’ privacy when they buy or use products carrying ‘smart tags’.
The voluntary agreement establishes a set of tests to be carried out before the tags are put on the market to assess any privacy risks and take countervailing measures whenever a new application is introduced. […]
Since their invention, the tags have become a pervasive part of daily life and can be found in mobile phones, contactless travel passes, hospital patients’ wrist bands and in more unusual places such as implants in the hands of VIP guests to night clubs.They are sometimes used on car windscreens to allow drivers to pay road tolls without stopping at toll booths.
The privacy or data protection risk comes if they are used for purposes other than those originally intended – for example, to reveal the location of an individual or car.