What are the privacy aspects of RFID in information security?

RFID systems that gather data associated to identifiable individuals raise particular privacy issues that should be regarded as a priority challenge to the acceptance of the technology in a huge number of regions.

In many cases, the potential attack of privacy via the use of RFID is based on both the technology accessed and the context. Invisibility of the data compilation may be the primary trait of RFID that raises concerns. It is also a possibility multiplier for the possible privacy dispute connected with the need of the technology.

RFID might disclose to third parties information regarding objects carried by individuals without their information. It might permit inferences allowing links to more information on the individual and more accurate profiling.

Such a scenario would need the occurrence of readers in the tags’ environment in addition to the capacity for the third party to convert the objects’ tag information into meaningful data. Likewise, tracking in real time or after the fact may be the major functionality of RFID that raises issues.

Especially, because of the invisibility of the technology, tracking of individuals can take place without their knowledge, if they are supported with hidden tags or tags that are not sufficiently protected. In other cases, tracking people could also be the purpose of the RFID application (e.g. tracking children in an amusement park).

Another apprehension is that interoperable (“open loop”) RFID technologies make possible and as a result multiply the collection and processing of personal information.

RFID taking benefit of interoperability and ever-present web connectivity is defined as a predictable future, although there are currently some examples of open loop systems. In cases where RFID systems collect data which is connected with an identified or identifiable individual, the OECD Privacy Guidelines offer a useful framework.

When an RFID system processes personal data, transparency of the function of the processing and consent of individuals are necessary. Beyond fundamental data protection information, privacy observe may usefully comprise additional information like −

  • The existence of the tags.
  • Their content, use and control.
  • The presence of readers.
  • The reading activity.
  • The ability to disable tags.
  • Where to obtain assistance.

Innovative means of informing individuals competently could be discovered. Continued stakeholder dialogue among stakeholders, across sectors and in each of the particular application areas, would help elucidate or reach a consensus on what information to offer to individuals, the best means to converse it to attain efficient transparency, in addition to the cases where consent should be or not be needed.

The broad variety of technical configurations and use scenarios make privacy impact assessments a good practice for identifying and accepting privacy risks and best approaches to mitigate them in a specified system.