The Privacy Lawyer: RFID May Be Risky Business
As we move closer to the day when individual items by and large will be tagged, companies had better be prepared to have clear policies for how they'll handle data they may collect from consumers.
So far, only a couple of retailers are even selling individually tagged items. And most consumers currently don't even have a clear idea about what RFID is, how it is being used, and what the privacy and convenience implications will be for them, the retailer, and the manufacturer. When polled recently, most consumers indicated that they were willing to allow a certain amount of tracking using RFID if it increased their convenience or saved them time. But when asked how they felt about the product tracking being tied to their payment information, they overwhelmingly objected to such use.
Whether we know enough to object or not, some of the proposed applications of RFID are likely to freak out most people. An RFID supplier was recently given the go-ahead to test RFID tags that can be implanted in humans, though the Food and Drug Administration is still reviewing usage of the technology in this way. It's currently being proposed as a security/biometric technology, allowing or preventing access to certain areas of health-care facilities based on the facility's rules. (The manufacturer has used this technology previously to track pets and livestock.) Is providing an easier way to identify who can pass certain thresholds in a health facility really worth implanting RFIDs into our muscles? Can't good old-fashioned biometrics work just as well?
In the rush to adopt RFID, businesses have not paid enough attention to legal and consumer-relations risks. And, until consumers are convinced that the benefits of RFID outweigh their privacy and security concerns, this may be a very serious risk indeed.
RFID shouldn't be the latest toy IT adopts. It should be a well-thought-out decision that takes all risks, potential consumer reactions, and business benefits into consideration. This is one technological application where early adoption may be a costly mistake.
Parry Aftab is a cyberspace lawyer, specializing in online privacy and security law, and she's also executive director of WiredSafety. She hosts the Web site aftab.com and blogs regularly at theprivacylawyer.blogspot.com.
To discuss this column with other readers, please visit the Talk Shop.
To find out more about Parry Aftab, please visit her page on the Listening Post.
About the Author
You May Also Like