This session had two initial presentations and a panel discussion.
Kathryn Ratté from the US Federal Trade Commission (FTC) was invited to make a presentation of the US approach to security and privacy in RFID, as the FTC is responsible for consumer protection and law enforcement in the private uses of data. They have an internal RFID group since June 2004. They try to prevent consumer harm by helping consumers help themselves through information and education, but also make sure businesses keep their promises to customers and support industry self-regulation initiatives to create meaningful accountability mechanisms. They recognize there isn't a single solution suitable for all cases, so they do a company assessment and risk analysis for each case.
Reinhard Posch from the ENISA (European Network and Information Security Agency) presented his view on the subject. He identified security, supply chain and asset tracking as the main RFID applications. He regards tag cloning as the main security threat for RFID applications and mentioned signature-generating tags as a possible solution. Other technical challenges for RFID are system scalability (billions of tags) and the management of access rights to data. He also briefly mentioned other challenges for RFID: environmental and health issues.
Next started the panel discussion moderated by the journalist Vasco Trigo. The participants were David Hoffman from Intel, Peter Hustinx from EDPS, Michael Donohue from OECD, Emilie Barrau from BEUC, Kathryn Ratté from the US FTC and Reinhard Posch from ENISA.
After attending the hour-long discussion, my notes are the following:
- Surveys show that consumers have privacy and security concerns. Privacy trade-offs for consumers require information, but we have to find a clear way to state the issues. Opting out of RFID won't be a real option in many cases, as some applications will be mandatory (e.g. passport) and others won't have alternatives;
- Privacy doesn't mean the same accross the world, but there are some shared principles;
- Another inconvenient truth (reference to Al Gore's global warming alert movie) is that RFID is the infrastructure for worldwide surveillance;
- However, RFID is a suite of technologies and not all of them affect privacy. At this moment, it is important to avoid creating generic rules that can hinder potentially useful applications (e.g. upfront consent vs unconscious patient in hospital);
- Change is unavoidable in 5 year time frame. Technology misuse will happen but it won't stop technology adoption. We need reasonable solutions proportional to risk, so we need to make privacy impact assessment and to leverage PET (privacy enhancing technologies);
- People would prefer to build the security in the technology from start, but this isn't completely possible because not all problems can be anticipated;
- Regulation can act now to require minimum tag capabities, like tag kill. Only later will the problems be truly assessed and then the existing mechanisms can be used to implement solutions;
- The main distinguishing feature of RFID compared to existing technologies is the invisibility of tags and the possibility of covert reading. This is what might make current legislation obsolete.
(to be continued)
No comments:
Post a Comment