From: Bern Grush [email@example.com]
To: MARKT PRIVACY-CONSULTATIONS
Subject: ARTICLE 29 Data Protection Working Party: WP 105
This is in regard to:
ARTICLE 29 Data Protection Working Party
Working document on data protection issues related to RFID technology
January 19 2005
This may be misaddressed, as the article at
http://www.theregister.co.uk/2005/02/23/eu_rfid_consultation/ which discussed RFID data protection
led me (in error?) to WP 104 and an invitation to comment on that, rather than to WP 105, which is
the subject of this email. If misaddressed, could you please forward to the right person, and
could the correct recipient please acknowledge receipt. And if this is posted, can you please forward
me the link.
To Working Party 29
While I fully recognize the concern for privacy related to RFID, a cheap and soon to be pervasive
technology, the privacy concerns you are correct to address should not be constrained to RFID.
In particular, there is technology being developed that is intended to be used to wirelessly toll
motorists for road-use, parking-use and pay as you drive insurance. (I am an innovator in this area.)
Although in some such system designs, RFID and its correlate, DSRC, may be incorporated and hence
covered by your work, there are workable designs that do not incorporate RFID (or DSRC). These
systems collect and process vehicle position information and may forward data to a processing center
by other wireless means (e.g. digital cellular network).
Please consider explicitly expanding the coverage of your work AT LEAST to data
collected by any form of location technology that may track then transmit a person's (or a
vehicle's) position. If abused, such information can clearly be used in a number of
invasive ways. Indeed, since under some circumstances we may be able infer the
location of a person, we can even risk criminal activity. Although the systems I
design respect privacy, and do not even enable such inferences, I wish to be able to
test my designs against policy benchmarks so that users of my system(s) can know
their privacy is adequately protected, which they deserve and which these systems
require to gain acceptance. Hence, I am recommending not only privacy protection
but an elevated guardianship of personal safety and the perception of that
There are also numerous tracking applications with devices that may be directly worn
by a person (patient, child, parolee, emergency services worker, etc). The data from
these devices, however transmitted, processed, and retained need to be protected to
at least the same standard of practice.
Bernard (Bern) Grush
Toronto 416 575 9638
Applied Location Corporation
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.6 - Release Date: 05.03.30