Let’s now move over and analyze what are the basic building blocks to formulate a public policy on RFID. The first basic building block is technical aspect of RFID, its limitations and its potential. The policy makers must take into account how complex technicality of RFID would effect the policy decisions and criteria while framing public policy on RFID. The second is self regulation by industry which can be mandatory or voluntary depending on the context which we will see later. The third would be bringing some fundamental ethical codes for all the parties concerned to follow. The fourth is bringing legislation mandated by law Fifth and sixth is Branding RFID and educating consumers. There had been negative connotations attached to RFID, exaggerated by print and film media. The consumers must be educated what exactly RFID is about and full scope of potentialities and limitations of the same.
There are three major building blocks for framing and public policy , first of them is technical. To make a comprehensive framework the policy makers must try to understand what kind of technical expertise does industry have which would constrain or help in framing the policy satisfying both customers and marketers. The existing technical solutions offered with each pros and cons are : kill tag, faraday cage, active jamming, smart RFID and selective disclosure of information.
The second building block is regulation, under regulation we have self regulation which again is bifurcated in two categories depending upon the public concern about privacy and their trust in institutions. High trust and low concern calls for Pure economic approach. Under a pure market approach, it is assumed that consumers prefer to do business with firms that have implemented strong privacy protections and avoid firms that have breached privacy. Since concern for RFID privacy is quite high its difficult to go for this approach. When concern for privacy is quire high and trust is quite low, then it calls for legislation . Legislation refers to the question of defining the appropriate rules, enforcement to when the rules are broken, and adjudication to whether or not a company has violated the privacy rules (Swire 1997). There are good and bad examples of everything from self-regulation to international legislation, and there are no magic bullets. And legislation needn’t mean new legislation – existing laws may provide adequate protection. In the US, the Federal Trade Commission has legal powers to enforce any policies companies publish to consumers, and FTC has used these powers against companies that breach their own privacy policies. In June, FTC took such action against a Californian retailer. This approach is sometimes called ‘co-regulation’: industry agrees it own rules, which are then enforced by government agencies. There are lots of regulatory options, therefore policy makers must go for the one that maximizes the use and benefits of the technology, minimizes the risk of abuse, and looks for the outcome that is in the best interests of the public and the nation. Legislative and Regulatory Solutions - laws should set up independent body capable of continually updating regulations. Constitutional Protection of Data Privacy - Constitutional right of due process protects an individual's liberty interest in privacy to control personal information
" Deployed naïvely, embedding of RFID tags in consumer items presents a serious danger to privacy." (Ari Juels)
RFID tags will be everywhere … 500 Euros in wallet Serial numbers: 597387,389473… Wig model #4456 (cheap polyester) 30 items of lingerie Das Kapital and Communist-party handbook Replacement hip medical part #459382
Simple approaches to consumer privacy Method 1: Place RFID-tags in protective mesh or foil Problem: makes locomotion difficult… perhaps useful for wallets
Simple approaches to consumer privacy Method 2: “ Kill” RFID tags Problem: RFID tags are much too useful…
“ The problem with radio frequency ID is that it’s clear how retailers and manufacturers might benefit from attaching smart tags to their products, but it’s utterly unclear how this helps consumers.” (Technology review, 3 Nov 2003)
Look at scenarios which provide post-purchase direct benefit to consumers