View
212
Download
0
Category
Tags:
Preview:
Citation preview
••• 1
Communication on RFID: “steps towards a policy framework”
(COM(2007)96 of 15 March 2007)
Council of the European UnionWorking Party on Data Protection
Brussels, 24 May 2007
••• 2
How Does RFID Work?
Reader Antenna
Reader broadcasts signal through antenna
Transponder
Transponder receives signal
Computer System
Reader sends info/data to computer system for collecting, logging and processing
Transponder is charged with enough energy to send back an identifying response
••• 3
Why RFID Matters
• Strategic importance– Improve efficiency– Enable new products, services and solutions– Gain competitive advantage– Prepare Europe for the « Internet of Things »
• Socio-economic importance– Safety, convenience, accessibility– Sectoral benefits– Horizontal benefits (anti-
counterfeiting…)
••• 4
Need for Legal Certainty
• Data protection, privacy and securityData protection, privacy and security– Guidance on practical implementation of RFID
under existing legal framework• Governance of resourcesGovernance of resources
– Model of an information retrieval network for RFID tags in the emerging “Internet of Things”
• Radio spectrumRadio spectrum– Short-term and longer-term spectrum
requirements • StandardsStandards
– Working towards international standards• Environment and healthEnvironment and health
– Raising public awareness of existing legal framework
••• 5
Actions at European Level: A threefold strategy
• Technology development– ICT-FP7 (RFID in 4 ‘challenges’ out of 7)– Cluster of European Research Projects (CERP)
• Awareness and multi-stakeholder debate– RFID Expert Group: from June 2007 to 31 March 2009
• Regulatory measures – Self-regulation
• Codes of conduct, best practices and guidelines on data protection and privacy aspects of various RFID applications
• Close concertation with “Article 29 Data Protection Working Party”
– Legislation• RecommendationRecommendation to public authorities and other
stakeholders– Input from Expert Group, “Art. 29 WP”, other initiatives
• Further possible legislative steps
••• 6
Milestones
• June 2007– Establishment of RFID Expert (Stakeholder) Group
• Balanced representation of all relevant interests• By end of 2007
– Recommendation • Principles that public authorities and other stakeholders should
apply wrt RFID usage– Amendment of ePrivacy Directive
• Add appropriate provisions wrt RFID• By end of 2008
– Communication about the “Internet of Things”• Particular attention to security, privacy, trust, governance • Assessment of policy options, incl. legislation
• 2006 – 2008 – International dialogue
• China, Japan, Korea, Russia, USA…
••• 7
Follow-up
• Council of the EU– Telecommunications Council, 7 June
• German Presidency of the EU– Conference “RFID: Towards the Internet of Things”,
Berlin, 25-26 June (http://www.nextgenerationmedia.de/Nextgenerationmedia/Navigation/en/rfid-conference.html)
– ‘European Policy Outlook RFID’ document• Portugal Presidency of the EU
– Tentatively: Conference & Exhibition “Towards a European Policy on RFID”, Lisbon, 15-16 November
• European Parliament– Participation of MEPs in RFID Events– STOA 20th Anniversary Exhibition, Strasbourg, 18-21 May
– 5 RFID R&D projects with live demonstration• European Economic & Social Committee
– Exploratory Opinion expected in July
••• 8
Outcome of Public Online Consultation (1)
• Rely on technical solutions (70%) and awareness raising (67%) underpinned by legislation (55%) rather than on self-regulation (15%)
• Less than 10% think there is no issue, and just over 10% think it is up to the end user to take action
• 66% want RFID tags attached to products in supermarkets to be automatically de-activated, to be removable (51%) or only readable on short distance (44%)
••• 9
Outcome of Public Online Consultation (2)
• 74% of respondents is fairly strongly or very strongly concerned with RFID-enabled monitoring of employeesmonitoring of employees
• ~50% thinks use of PETsPETs in RFID applications should be mandatory, be promoted at European level (31%); ~10% wants to leave it to the market
• Notification of RFID use can be done either by 3rd party certification (says 56%), or by self-certification (says 44%), as long as RFID use is clearly indicated
••• 10
• Users’ privacy protection– Core principles should be defined
• EU’s Data Protection and ePrivacy Directives– Compliance with principles
“Working Party 29”
• Communication on promoting Data Protection by PETs (COM(2007) 228 final)
• Other societal concerns– RFID use in the workplace– Environment-friendly RFID tags
Privacy and Data Protection
••• 11
Further Information & Contact
• http://ec.europa.eu/information_society/newsroom/cf/itemlongdetail.cfm?item_id=3247
• http://www.rfidconsultation.eu/ • http://www.nextgenerationmedia.de
/Nextgenerationmedia/Navigation/en/rfid-conference.html
• gerald.santucci@ec.europa.eu
Recommended