Homing in on Privacy:

guineanscarletΗλεκτρονική - Συσκευές

27 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

85 εμφανίσεις

www.ipc.on.ca

Homing in on Privacy:

The Challenge for

Item Level RFID Deployment


Ann Cavoukian, Ph.D.

Information & Privacy Commissioner/Ontario



MAKING TRACKS: RFID

Montreal, Quebec


February 16, 2005


www.ipc.on.ca

Slide
2

Benefits of RFIDs

The benefits of RFID technology:


More efficient management and tracking of
goods and inventory through the supply
chain process


Reduced labour costs (e.g., no manual
scanning of individual items is required)


Better post
-
sale service for consumers,
warranty servicing, etc.

www.ipc.on.ca

Slide
3

Future of RFID Applications

in the Consumer Space

0


5 years


Pallets, cases, cartons...


Products not people

5


10 years


Improved technology, cheaper to
produce... Item level tracking and
tracing potential



www.ipc.on.ca

Slide
4

RFID future deployment

www.ipc.on.ca

Slide
5

Broader Future Deployment
Trends

0
-
5 years




Supply Chain
Management


Retail, back
-
end


Warehouse
management &
automation


Asset Management


5
-
10 years



Track and Trace to
item level


Airline Luggage


Pharmaceuticals


Library Inventory


Animals


Retail, smart shelves


Customer ‘insight’
(CRM)

www.ipc.on.ca

Slide
6

Consumer Deployments


0
-

5 Years


Limited deployment in the next 5 years


Retail, Smart Shelves & Electronic Article
Surveillance (Extra Stores, Germany, Benetton
15million tags) very limited deployment


Pharmaceuticals (Purdue Pharma tagging
OxyContin)


Convenience services (Easy Pay, Mobil, Ski
Passes, Vehicle access, Verichip implants as in
-
house debit cards)


Consumer Safety (Michelin plans for tires in the
wake of Firestone recalls).

www.ipc.on.ca

Slide
7

Consumer Deployments

5
-

10 Years



Broader utilization 2010
-

2015


Retail, smart shelves & electronic article
surveillance


Pharmaceuticals


Convenience services ( e.g., road tolls, Easy
Pay gas tokens)


Consumer safety (e.g., car security, smart
goods with post purchase consumer safety
issues such as food and vehicle parts)

www.ipc.on.ca

Slide
8

Privacy and RFIDs


RFID tags contain information about a
product, not an individual (e.g., EPC,
price, size, colour, manufacture date)



Despite that, many consumers perceive a
threat to privacy


why is that?

www.ipc.on.ca

Slide
9

Consumer Perceptions


Consumers perceive that RFIDs may
facilitate tracking:


The ability to track consumers who have
purchased a product


The establishment of a widespread
surveillance infrastructure


The linking of product information and
personal information without consent


www.ipc.on.ca

Slide
10

Survey Results


Auto
-
ID Centre/Proctor & Gamble
Internal study found:


78% of respondents had a negative reaction to
RFID use, with the majority claiming to be
extremely or very concerned


Also found that consumers did not want "smart
tags" in their homes, and the reassurance that the
"tags" could be turned off and privacy guaranteed
was not compelling

source:
http://cryptome.org/rfid/pk
-
fh.pdf


www.ipc.on.ca

Slide
11

Implementing RFIDs


A failure to build privacy into the design
and implementation of RFIDs can
produce a consumer backlash



This will have an adverse impact on a
company’s reputation and ultimately its
bottom line

www.ipc.on.ca

Slide
12

Consumer Backlash



How real are consumer concerns?



Could privacy issues potentially deter the
roll
-
out of RFIDs?

www.ipc.on.ca

Slide
13

Benetton


Italian clothier Benetton sparked a furor
after it announced plans to implant RFID
tags in its apparel (April 2003)



Public opposition was seen as forcing the
company to cancel its plans

www.ipc.on.ca

Slide
14

Gillette:

Keeping “Tags” on Customers


Privacy groups threatened a consumer boycott
after the media reported that Gillette was
testing a “smart shelf” at a Tesco store in the
U.K., possibly for theft detection purposes
(July 2003)


RFID tags embedded in Gillette razor
packages triggered CCTV cameras that took a
picture of a customer both when he or she
removed a package from the shelf and at the
check
-
out

www.ipc.on.ca

Slide
15

Metro AG


Metro AG, a German company, announced
plans to start using RFID chips in supermarket
loyalty cards in one store


The purpose of this initiative was supposedly
to allow the store to verify the age of shoppers
wanting to view DVD movie trailers


Metro AG abandoned its plans after protests
from privacy groups (March 2004)

www.ipc.on.ca

Slide
16

Checkpoint:

Tracking Individual Items


Checkpoint Systems Inc. announced that it
had developed new RFID solutions for
tracking individual consumer items


Checkpoint senior executive: “These RFID
applications are prototype designs to
demonstrate how the technology will fulfill a
customer’s need for greater information and
stock availability …”


www.ipc.on.ca

Slide
17

Get Ready for a Good Fight


CASPIAN, a U.S.
-
based consumer rights group,
claimed that:


Checkpoint was developing RFID “spychips” for three
well
-
known clothing labels


Consumers wearing the tagged clothing could potentially
be identified and tracked by readers



“[We] will be working with consumers on an aggressive
response to this privacy threat. Roll up your sleeves and
get ready for a good fight.”


UK consumer group
: ThoughtCrime News: “RFID is not
only the harbinger of heavy personal surveillance. It may
bring an end to civilization as we know it.”

www.ipc.on.ca

Slide
18

Information Privacy Defined


Information Privacy/Data Protection



Freedom of choice; control;
informational self
-
determination



Personal control over the collection, use
and disclosure of any recorded
information about an identifiable
individual

www.ipc.on.ca

Slide
19

Fair Information Practices:

A Brief History


OECD
Guidelines on the Protection of Privacy
and Transborder Flows of Personal Data



EU
Directive on Data Protection



CSA
Model Code for the Protection of
Personal Information



Personal Information Protection and
Electronic Documents Act

(Canada)

www.ipc.on.ca

Slide
20

Summary of

Fair Information Practices


Accountability


Identifying Purposes


Consent


Limiting Collection


Limiting Use,
Disclosure, Retention


Accuracy




Safeguards


Openness


Individual Access


Challenging
Compliance

www.ipc.on.ca

Slide
21


Federal Private
-
Sector

Privacy Legislation



Personal Information Protection and
Electronic Documents Act

(PIPEDA)



Applies to personal information collected,
used or disclosed in the course of commercial
activities by all:


federally regulated organizations and


provincially regulated organizations,
unless a
substantially similar

provincial
privacy law is in force

www.ipc.on.ca

Slide
22

Build It In




Embed privacy protective measures into
the actual design and infrastructure of
any new technology, including RFIDs

www.ipc.on.ca

Slide
23

Building Privacy Safeguards into
RFIDs


RFIDs will continue to produce a consumer
backlash unless both RFID manufacturers and
business users adopt privacy safeguards


Privacy is not a concern at most stages of the
supply chain (e.g., tracking items in a
warehouse)


However, privacy concerns are triggered at the
point when a consumer comes into contact
with a product with an RFID tag

www.ipc.on.ca

Slide
24

Possible Privacy Solutions


RFID tags should be deactivated at the point
of sale, or when the consumer comes into
contact with the tag (e.g., through blocking
technology carried by the consumer or
pervasive in the vicinity)


Deactivation at point of sale should be the
default, but not without its problems


Deactivation limits post
-
sale benefits of
RFIDs

www.ipc.on.ca

Slide
25


Addressing the Challenges of
Designing in Privacy



Options for Future Designs that address
consumer controls (design stage only):


Zombie Chips designed by RSA



Chips never die, but can be deactivated and then
reactivated at a later time



Could be switched from non
-
private to private mode


Smart Blocker Tags designed by RSA


Selective blocking made easy but not likely to be
adopted by tag manufacturers

www.ipc.on.ca

Slide
26

Mechanical Destruction of Tag


Provide RFID tag structures that permit a
consumer to disable a tag by mechanically
altering the tag in such a way as to inhibit the
ability of a reader to interrogate the tag or
transponder by wireless means:


provides visual confirmation that tag has
been deactivated


may be read later on by mechanical contact
if desired by consumer

www.ipc.on.ca

Slide
27

Example: Consumer Disabled Tag

www.ipc.on.ca

Fair Information Practices

as Applied to RFIDs

www.ipc.on.ca

Slide
29

Openness and Transparency


Businesses should be open and
transparent with consumers about the use
of RFID tags and readers



If RFIDs are embedded in a product that
makes its way to the retail shelf, proper
notice should be provided to consumers

www.ipc.on.ca

Slide
30

Notice


Notice must be conspicuous to the consumer
and explain what an RFID is in plain language
(not technical jargon)



Notice must explain where RFIDs are being
used and for what purposes



Proper notice could be in the form of signs,
labels, brochures, etc.

www.ipc.on.ca

Slide
31

Choice


Potential reasons for RFID tag deactivation
followed by reactivation:


Facilitating product returns and warranty
servicing


Facilitating recovery of lost or stolen products
to consumer


Enabling interaction with “smart” appliances


Consumers should have the choice to have an
RFID tag reactivated without cost

www.ipc.on.ca

Slide
32

Use Limitation



Personal information must not be used
for purposes other than those for which it
was collected, except with the consent of
the individual or as required by law

www.ipc.on.ca

Slide
33

Consent


A business must not merge or link a
consumer’s personal information with RFID
information about a specific purchased
product, without that individual’s knowledge
and consent



Consent must be voluntary and informed,
which means that the individual understands
the nature and consequences of providing or
withholding consent

www.ipc.on.ca

Slide
34

Challenging Compliance


A business should have a clear process in
place for resolving privacy complaints
from its customers about RFIDs



A business’s chief privacy officer (CPO)
and other privacy staff should be key
players in the design and launch of any
RFID initiative

www.ipc.on.ca

Slide
35

Staff Education and Training


Both managers and frontline employees
must be provided with privacy training
that includes information about RFIDs



Employees must be trained to provide
clear, honest and informed answers to
customers who have privacy concerns
about the tracking potential of RFID tags

www.ipc.on.ca

Slide
36

Conclusions


Many RFID deployments do not
presently involve consumers


This is the time to address the privacy
issues of the mid
-
term deployments that
will involve consumer
-
specific RFIDs


You do not have the luxury of time


Act now

www.ipc.on.ca

Slide
37

To Find out More …


The Information and Privacy Commissioner of
Ontario has published two RFID papers:


Tag, You’re It: Privacy Implications of Radio
Frequency Identification (RFID) Technology
(February 2004)


www.ipc.on.ca/docs/rfid.pdf


Guidelines for Using RFID Tags in Ontario
Public Libraries

(June 2004)


www.ipc.on.ca/docs/rfid
-
lib.pdf

www.ipc.on.ca

Slide
38

Final Thought



“Anyone today who thinks the
privacy issue has peaked is
greatly mistaken…we are in the
early stages of a sweeping
change in attitudes that will
fuel political battles and put
once
-
routine business practices
under the microscope.”

Forrester Research, March 5, 2001

www.ipc.on.ca

How to Contact Us

Commissioner Ann Cavoukian

Information & Privacy
Commissioner/Ontario

2 Bloor Street East, Suite 1400

Toronto, Ontario M4W 1A8


Phone:

(416) 326
-
3333

Web:

www.ipc.on.ca

E
-
mail:

commissioner@ipc.on.ca