- What are the potential privacy issues that may arise in a RFID implementation?
RFID is the exchange of data between an item and a reader which then hands off that data to another system for processing. That data may be used to identify an individual person directly (e.g. an employee badge) or to indirectly derive a person’s identity (e.g. a credit card number which leads to the person). Such data needs to be carefully managed in order to comply with any regulatory requirements and also to respect the individual’s right to privacy.
RFID equipment uses electric current to operate and radiates energy when seeking tags of exchanging data, so it is important that all RFID equipment is operated safely, in line with health and safety regulations and without any adverse impact on the surrounding environment.
To ensure that your installed system is safe, make sure that:
There are many regulations and standards related to operation of electric and wireless technologies, below are the main ones:
The exchange of RFID data by radio transmission could be subject to unauthorized interception of the transmission and capture of the data being exchanged. While this would require sophisticated equipment and techniques, it must still be guarded against. Even encrypted data can be intercepted. Whether this encrypted data can be decrypted and misused, would depend on the encryption difficulty and hacker’s sophistication.