rfid and privacy rfid security: theory and practice lorentz center, 26-28 march 2008

RFID and privacy

RFID Security: theory and practice

Lorentz Center, 26-28 March 2008

Introduction

• College Bescherming Persoonsgegevens (the Dutch data protection authority)

• Rina Steenkamp (rst@cbpweb.nl)

Understanding privacy implications of new technologies

A data protectionperspective

A technical perspective

An ‘application’perspective

A technical perspective (1)

Tag interpretation

Immediate response

RFID technology

A technical perspective (2)

Tag interpretation

Data accumulation

Delayed response

Database technology

Data mining / data sharing

A technical perspective (3)

Tag interpretation

Data accumulation

Shared databases

Response may be out of context

A data protection perspective (1)

Tag interpretation

Doesn’t necessarily involve personal

data…

… though it may trigger the creation of personal data…

… and there might be other privacy

implications as well.

A data protection perspective (2)

Tag interpretation

Data accumulation

Identifier

Personal data

A privacy perspective (3)

Tag interpretation

Data accumulation

Data mining / data sharing

Identifier

Personal data

An ‘application’ perspective (1)

Tag interpretation

An ‘application’ perspective (2)

Tag interpretation

An ‘application’ perspective (3)

Tag interpretation

…card-carrying communist…

…works at animal testing lab…

…expensive watch…

…’gold’ credit card…

Profiling based on combination of tags… … combination of tags

may identify the individual…

… and some tags might say the darndest things.

… and some tags might say the darndest things.

…combination of tags may the individual…

Profiling based on combination of tags…

An ‘application’ perspective (4)

Tag interpretation

…card-carrying communist…

…works at animal testing lab…

…expensive watch…

…’gold’ credit card…For this scenario to become a reality, we

need…

…tiny tags that can be read at fairly long

distances……embedded in objects

that people have on their person…

…with understandable tag content…

…that is being read and interpreted.

An ‘application’ perspective (5)

Tag interpretation

Data accumulationIdentifier

Digital identity

An ‘application’ perspective (6)

Tag interpretation

Identifier

Unique product identifier

Data accumulation

An ‘application’ perspective (7)

Tag interpretation

Data accumulation

Data mining / data sharing

Will

Ability

Sense of urgency

Legal obligation

Expectation of profit

StandardsInteroperability

Funding

Risks

Tag interpretation

Data accumulation

Data mining / data sharing

Hidden / unwanted tags

Hidden / unwanted reading

Excessive collection and processing of personal data

Scope creep

Unfair treatment

Risk mitigation

Tag interpretation

Data accumulation

Data mining / data sharing

Keep it in proportion – and beware of scope creep

Show and tell

Allow to delete, disable, destroy

Think before you tag

Think before you link

Legal safeguards (1)

Keep it in proportion

Show and tell

Allow to delete, disable, destroy

Think before you tag

Think before you link

Individual participation

Collection limitation

Use limitation Purpose specification

Openness

Legal safeguards (2)

Individual participation

Collection limitation

Use limitation Purpose specification

Openness AccountabilityData qualitySecurity

RFID and privacy on the WWW

http://ec.europa.eu/information_society/policy/rfid/index_en.htm

http://www.dutchdpa.nl/

http://www.cbpweb.nl/

http://www.nvvir.nl/ http://www.ecp.nl

http://www.rathenau.nl

Questions? Concerns? Etc.