Radio Frequency Identification (RFID) and Data Protection Legal Issues

  • Zoi Talidou


Radio Frequency Identification (RFID) Technology uses radio waves to identify automatically, wirelessly, contact less and without visibility objects which, or people who have an RFID tag attached. It is being used in many sectors but raises data-protection concerns. The reasons for that are the worldwide unique identifier, the possibility of unnoticed remote reading, and the profiling through sporadic surveillance. For these reasons RFID-technology introduces new legal issues that have to be discussed: what is personal data, who is responsible for the data processing, whether the data-transmission is telecommunication, whether it presents a new way of direct marketing or if it constitutes an automatic decision.

In the early 1970s fears about loss of privacy and worries concerning data protection were focused on large, centrally held data-bases containing files about named or numbered individuals processed by huge computers situated in big rooms. As the Web, its attendant search engines and the inter-link ability of many databases in various networks have developed, the concept of “files” became trivial. Now the emerging RFID technology contributes to the realisation of the Ambient Intelligence Environment, where intelligent objects communicate with each other by exchanging information and taking decisions. That introduces us to the next step of the “Internet of the things”. Technology innovation and the impact of its usage stress a rethinking and re-examining of the traditional legal principles and legal instruments in the field of data protection.


Personal Data Data Protection Radio Frequency Identification Direct Marketing International Civil Aviation Organisation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Article 29 Data Protection Working Party, Results of the Public Consultation on Article 29 Working Document 105 on Data Protection Issues Related to RFID Technology, WP 111, 28 September, 2005, available at:
  2. Article 29 Data Protection Working Party, Working document on data protection issues related to RFID technology, WP 105, January 19, 2005, available at:
  3. Auto-ID Centre (2003): Technical report 86OMHz-93OMHz Class I Radio Frequency Identification Tag Radio Frequency & Logical Communication Interface Specification Candidate Recommendation, Version 1.0.1., MIT, USA, available at: _1_0_1.pdf
  4. Balch / Feldman / Wilson , Assessment of a RFID System for Animal Tracking, The BORG Lab, Georgia Institute of Technology, Atlanta, Oct. 1 2004, available at: Scholar
  5. Collins, Jonathan, Tag Encryption for Libraries, available at: http://www.rfidjournal.comlarticle/articleprint/1027/-1/1
  6. Council Regulation 2252/2004 on standards for security features and biometrics in passports and travel documents issued by Member States, OJ L 385, available at: 1229 en000l0006.pdf
  7. Council Regulation 644/20051EC of 27 April 2005 authorising a special identification system for bovine animals kept for cultural and historical purposes on approved premises as provided for in Regulation (EC) No 1760/2000 of the European Parliament and the Council, 2005, OJ 107, p. 18Google Scholar
  8. EPCglobal “Electronic Product Code” available at: http://www.epcglobalus.orgfNetworkiElectronic%2oproduct%2OCode.html
  9. Erdos, Marlena, RFID and authenticity of goods, p. 137, in: Simson Garfinke /, Beth, Rosenberg, RFID Applications, Security and Privacy, 2006Google Scholar
  10. Gaifinkel, Simson / Rosenberg, Beth, RFID Applications, Security and Privacy, 2006, p. 533Google Scholar
  11. German Association for the promotion of the public and not-public data traffic, (Verein zur Foerderung des oeffentlichen und nicht oeffentlichen Datenverkehrs e.V.) (FOEBUD), available at:
  12. German Federal Authority for Information Systems Security (Bundesamt für Sicherheit in der Informationstechnik), Security Aspects and Prospective Applications of RFID Systems, 2005, available at:
  13. Hennig / Ladkin /, Sieker , Privacy Enhancing Technology Concepts for RFID Technology Scrutinised, p.1Google Scholar
  14. International Conference of Data Protection & Privacy Commissioners, Resolution on Radio-Frequency Identification, (Nov. 20, 2003) p. 2, available at: http://www.privacyconference2003org/resolutions/res5.DOC
  15. Italian Data Protection Authority, Smast (RFID) Tags: Safeguards applying to their use, March 2005, available at: http://www.garanteprivacy.itlgarante/doc.jsp?ID=1121107
  16. Juels / Molnar / Wagner , Security and Privacy Issues in E-Passports, lEE SecureComm 2005, available at: http://www.cs.berkeley.edul.-dmolnar/papers/papers.html
  17. Juels / Rivest / Szydlo , The Blocker Tag: Selective blocking of RFID tags for consumer privacy, p. 1Google Scholar
  18. Keuleers, Ewout, Reconciling REID technology with data protection principles, Droit Nouvelles Technologies, April 2005, p. 2Google Scholar
  19. Lahner, Claus Mauricio, Anwendung des par. 6c BDSG auf RFID, in: DuD 2004, p. 723Google Scholar
  20. Langheinrich , Die Privatsphare im Ubiquitous Computing-Datenschutzaspekte der RFIDTechnologie, available at: http://www.vs.inf.ethz.chlpubllpapers/langhein2004rfid.pdf
  21. Langheinrich , Privacy by Design-Principles of Privacy-Aware Ubiquitous Computing, p. 7 available at: http://www.vs.inf.ethz.cli/publlpapers/privacy-principles.pdf
  22. Molnar I Wagner , Privacy and Security in Library RFID issues, practices and architectures, CCS’04, October 25-29 2004, Washington, DC, USA, p. 210, available at:
  23. Rieback, Crispo, Tanenbaum , Is your cat infected with a computer virus?, 2006, available at:
  24. Roberts, C. M ,. Radio Frequency Identification (RFID), Computer & Security, 2006, p. 18Google Scholar
  25. Schulzki / Haddouti , Neue Reisepässe: Mit Sicherheit teuer, available at:
  26. U.S. Food and Drug Administration, Combating counterfeit Drugs, A Report of the Food and Drug Administration, February 2004, available at:
  27. Yoshida , Euro Bank Notes to Embed RFID Chips by 2005, EETimes, 19.12.2001, available at: http://www.eetimes.comlstory/OEG20011219S0016

Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden 2006

Authors and Affiliations

  • Zoi Talidou
    • 1
  1. 1.Hellenic Data Protection AuthorityAthens

Personalised recommendations