The country's privacy watchdog – the Information Commissioner –
has also clarified data protection implications of using RFID.
Ofcom yesterday published draft regulations which exempt the use
of RFID equipment in the 865–868 MHz band from wireless telegraphy
licensing. The draft regulations are open for consultation until
12th September.
Ofcom is responsible for civil use of the radio spectrum. To
protect current users from interference, it authorises use of new
or reclaimed frequencies by granting licences under the Wireless
Telegraphy Act of 1949. Without such a licence it is illegal to use
or install transmission equipment unless such use is exempt from
the need to hold a wireless telegraphy licence.
The regulator has decided, however, that users of RFID
technology are unlikely to cause interference to other users of the
radio spectrum, and therefore they do not need a licence.
RFID is a generic term for technologies that use radio waves to
automatically identify objects.
An RFID chip comprises a microchip and a tiny antenna that
transmits the data from the chip to a reader. The reader is
activated whenever the antenna comes into range and the data can be
used to trigger an event – such as raising an alarm or signalling
that a pallet of goods has arrived in a warehouse. Usually the
range is no more than a few feet.
The chips can be incorporated into a range of products and have
an advantage over barcodes in not requiring a line of sight between
the chip and the reader. They offer a means of navigating complex
global supply chains, allowing companies to track their products
from factory to distribution centre, from warehouse to sales
floor.
In response to growing interest in RFID, the European Conference
of Communications and Postal Administrations (CEPT) recommended
that additional spectrum be made available at 865-868MHz. Ofcom’s
announcement yesterday implements this recommendation.
However, there are privacy implications relating to RFID
chips.
In general the chips are too small to be removed, and if they
are embedded in the product itself – clothes or shoes – rather than
the packaging, then they will remain in it. It is also possible for
them to remain trackable and this, say some privacy groups, is an
unacceptable breach of privacy. They worry that criminals,
governments or other agencies will be able to identify and track an
individual by the RFID tags on his or her person.
Many of the privacy fears are exaggerated, given the limitations
of the technology; but Ofcom acknowledges the concerns exist and
warns that they fall out with its remit.
The regulator consulted with both the Department of Trade and
Industry (DTI) and the Office of the Information Commissioner prior
to making its announcements yesterday. As a result, the DTI has
confirmed that it should be contacted in relation to any privacy
concerns over the Ofcom consultation.
The Information Commissioner also issued a statement, clarifying
his position on the use of RFID tags. This says:
“RFID tags may be used in circumstances
where the Data Protection Act 1998 is unlikely to apply at all –
for example, in monitoring distribution of pallets of goods from
warehouse to stores. Even where personal information is involved it
is perfectly possible to comply with the Act.
“Where the use of such tags involves the
collection, generation or disclosure of personal information then
the Act will apply. In particular, this means that individuals
should be aware when information about them is being collected and
what it will be used for.”
