Abstract
This paper discussed the applications and implications for consumers of RFID, and focused on consumer perceptions and privacy concerns, including three fields: consumer survey results, RFID and consumer privacy, database security issues.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Jo Best, Cheat sheet: RFID, silicon.com, April 16 (2004)
See, e.g., Allen, Texas Instruments, at 67-75. Unless otherwise noted, footnote citations are to the transcript of or comments submitted in connection with the Workshop. The Workshop transcript, specific panelist presentations, and comments are http://www.ftc.gov/bcp/workshops/rfid/index.htm , Footnotes that cite to specific panelists cite to his or her last name, affiliation, and the page(s) where the referenced statement can be found in the transcript or appropriate comment. A complete list of Workshop participants can be found in Appendix A.
See Press Release, Wal-Mart, Wal-Mart Begins Roll-Out of Electronic Product Codes in Dallas/ Fort Worth Area (April 30, 2004), http://www.walmartstores.com
See Jacqueline Emigh, More Retailers Mull RFID Mandates, eweek, August 19 (2004)
See Boone, IDC, at 226
Tien, Electronic Frontier Foundation (“EFF”), at 97
Press Release, FDA, FDA Announces New Initiative to Protect the U.S. Drug Supply Chain Through the Use of Radiofrequency Identification Technology (November 15, 2004), http://www.fda.gov
Over the past decade, the FTC has frequently held workshops to explore emerging issues raised by new technologies. The Commission’s earliest workshops on Internet-related issues were held in 1995, http://www.ftc.gov/opp/global/trnscrpt.htm More recently, the Commissions workshops have focused on such issues as wireless technologies, information security, spam, spyware, and peer-to-peer networks. For more information about each of these forums and the Commission’s privacy agenda, http://www.ftc.gov/privacy/privacyinitiatives/promises_wkshp.html
This report was prepared by Julie Brof and Tracy Thorleifson of the FTC staff. It does not necessarily reflect the views of the Commission or any individual Commissioner
The survey discussed at the Workshop, “RFID and Consumers: Understanding Their Mindset,” was commissioned by Capgemini and the National Retail Federation, Unless otherwise noted, references to survey results concern this study, http://www.nrf.com/download/NewRFID_NRF.pdf
The unfamiliarity with the concept of RFID extended even to those consumers who might be using it. For example, eight out of ten survey respondents did not know that the ExxonMobil Speedpass and the E-ZPass employ RFID technology
Other pre-programmed benefits consumers were asked to rank included improved security of prescription drugs, faster and more accurate product recalls, improved price accuracy, faster checkout times, and reduced out-of-stocks
Consumer comments are, http://www.ftc.gov/bcp/workshops/rfid/index.htm
BIGresearch and Artafact LLC released the results of their joint study, RFID Consumer Buzz (October 2004), http://www.bigresearch.com
The RFID Consumer Buzz survey broke respondents into two categories: “RFID-aware” and “RFID non-aware” consumers. Interviewers described how RFID works to the latter group prior to asking them about perceived benefits and concerns associated with the technology
According to an Artafact spokesperson, “The people [who] were aware of RFID were more practical about balancing the positives and the negatives. Those who were not aware seemed to be surprised to learn about the technology, and they gravitated more toward the potential negative impacts of RFID. We concluded from that that it’s better to inform people about the positive applications than to wait for them to discover the technology on their own.” Mark Roberti, Consumer Awareness of RFID Grows, RFID Journal, October 22 (2004)
See Albrecht, CASPIAN, at 228-29 (discussing a hypothetical manufacturer’s internal RFID program); Stafford, Marks & Spencer, at 264
Privacy advocates at the Workshop collectively called for RFID to be subjected to a neutral, comprehensive technology assessment. For a discussion of this and other requests by these advocates, see infra Section V.B
Givens, Privacy Rights Clearinghouse (“PRC”) at 145; CASPIAN, PRC, et al., Position Statement on the Use of RFID on Consumer Products (“Privacy Position Statement”), Comment, at 2. This capability distinguishes EPCs from typical bar codes, which use generic identifiers
Id. For example, using RFID devices to track people (such as students) or their automobiles (as with E-ZPasses) could generate precise and personally identifiable data about their movements, raising privacy concerns. As one ninth grader in the Texas school system that reportedly plans to use RFID explained, “Something about the school wanting to know the exact place and time [of my whereabouts] makes me feel like an animal.” Matt Richtel, In Texas, 28,000 Students Test an Electronic Eye, N.Y. Times, November 17 (2004)
See, e.g., Givens, PRC, at 145; Parkinson, Capgemini, at 213-14
Fishkin, Intel, at 76. He also stated that he had recently seen a reader the size of a U.S. dime, but explained that the scanning range for such small readers would be less than an inch. These readers would be appropriate for hospital use, for example; they can be integrated into medical equipment “to make sure that when you stick RFID tagged object A into . . . RFID reader receptacle B, you did the right thing.” Id. at 78
See Albrecht, CASPIAN, at 235
See id. at 232; Givens, PRC, at 145
Parkinson, Capgemini, at 213-14
Privacy Position Statement at 2
See Tien, EFF, at 96; Mulligan, Samuelson Clinic, at 156
See, e.g., Juels, RSA Labs, at 311. This access depends on whether RFID devices are interoperable. Currently, “existing RFID systems use proprietary technology, which means that if company A puts an RFID tag on a product, it can’t be read by company B unless they both use the same vendor.” See Frequently Asked Questions, supra note 15. This limitation may change, however, with the recent announcement by EPCglobal approving the second-generation EPC specification. The so-called Gen 2 standard will allow for global interoperability of EPC systems, although it is unclear when Gen 2-compliant products will be introduced or whether the initial round of these products will be interoperable. See Jonathan Collins, What’s Next for Gen 2?, RFID Journal, December 27 (2004)
Albrecht, CASPIAN, at 231
See id.; see also Atkinson, Progressive Policy Institute (“PPI”), at 291 (explaining that “[e]very time I use a credit card, I link product purchases to [personally identifiable information]. We’ve been doing it for 30 years”). Cf. Constance L. Hays, What Wal-Mart Knows About Customers’ Habits, N.Y. Times, Nov. 14, 2004 (describing the tremendous amount of customer data Wal-Mart maintains, but claims it currently does not use to track individuals’ purchases)
Albrecht, CASPIAN, at 231
See Privacy Position Statement at 2
Mulligan, Samuelson Clinic, at 157 (asserting that such profiling may even be more “troublesome” where the tagged item is a book or other type of information good)
Albrecht, CASPIAN, at 239
Id. at 239-40
E.g., Hughes, Procter & Gamble (“P&G”), at 173 (asserting that P&G is “not doing item-level testing”); Wood, RILA, at 60 (“We see a little bit of testing going on in the item level. We do not see widespread item adoption . . . or use for at least ten years”)
Boone, IDC, at 222-23; see also Maxwell, International Public Policy Advisory Councils, Auto-ID Labs and EPCglobal, at 257-58 (noting the alignment between the interests of retailers and consumers in protecting data generated by RFID systems)
Waldo, Sun Microsystems (“Sun”), at 248 (explaining that if a reader is trying to “read[] from very far away, you’re not only going to get your stuff read, you’re going to get a tan,” because of the powerful amount of energy required)
Id. at 249-50
Stafford, Marks & Spencer, at 313 (advising the public to “[b]e clear, there isn’t a business case about gathering customer information through RFID”)
A number of technological proposals to resolve privacy issues are addressed in Section V.C., infra
As one commentator has observed: “RFID is one data-gathering technology among many. And people should be worried about how data related to them gets handled and regulated. That’s much more important than how it’s gathered, because it will be gathered one way or another.” Thomas Claburn, RFID Is Not The Real Issue, InformationWeek, September 13 (2004)
Hutchinson, EPCglobal US, at 26. However, outside of the EPC and supply chain context, privacy concerns center on the security of communication between tags and readers. For example, the proposed biometric passports, see supra note 70, have been criticized as having inadequate privacy protections. This lack of security could enable the rogue scanning of biometric data embedded on RFID chips in passports. Under these circumstances, access to a database would not be necessary to interpret that information
Hutchinson, EPCglobal US, at 38; see also The EPCglobal Network §7.1, supra note 11
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, X. (2009). RFID Applications of Consumer Perceptions and Privacy Concerns. In: Qi, L. (eds) Applied Computing, Computer Science, and Advanced Communication. FCC 2009. Communications in Computer and Information Science, vol 34. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02342-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-02342-2_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02341-5
Online ISBN: 978-3-642-02342-2
eBook Packages: Computer ScienceComputer Science (R0)