[LINK] RFID & Privacy

Adam Todd link at todd.inoz.com
Sat Oct 21 20:07:03 AEST 2006 

At 12:29 PM 21/10/2006, Geoffrey Ramadan wrote:
>Hi Linkers
>
>As you may have read on my previous post, I understand that our industry 
>association needs to take a pro-active approach in addressing privacy concerns.

Geoffrey, I don't think it's the "industry association" that needs to take 
a pro-active approach.  It's the Users of the technology that need to 
understand what they are doing and how it can infringe.

There is no point those very implimenters complaining ten years down the 
track that the technology they deployed leaves them no privacy!

Don't we see that every few years!

Creators and Inventors of technology only ever generally have some "Bright 
Eyed" purpose for their creation.  It's USERS who have the evil intent.

Often leaving the inventors to wish they'd shot themselves in the head 
rather than create the technology.


>We will probably put together some industry whitepapers and guidelines, 
>which may eventually lead to a "code of conduct" for our industry.

Code of Conduct means nothing, when Government is the leading implimentor 
of privacy invasion.

Shops using RFID to track stock from receipt to customer purchase isn't 
really an issue.  Unless the shop records the RFID ID against some Customer 
Profile record.

It's when RFID is used without the "carriers" knowledge and without the 
intent of the carrier giving information that the issue arises and the 
Industry can't and won't prevent that.

>I would like to asked your assistance.
>
>I would like to start with trying to come to some understanding of privacy 
>principles:
>
>a) can these be summarised into several points?

For the present some may be, however in two years time the range of issues 
will be different, perhaps some new ones, and with application in the field 
new things are discovered.

What sadly happens, given human history (Bush invading Iraq on the pretence 
of Weapons of Mas Destruction and 4 years later still none found, but no 
one is saying anything this month about WMD, it's about insurgents and 
Terrorists) what is relevant today and policies created, don't allow for 
changes in the future, because when changes are called for, it's often too 
late to ensure past action relating to those new protocols are reacted, and 
of course it takes years for the changes to be considered.

What needs to be included in the Code Of Conduct is a term for instanter 
reaction to any "new" consequence of a past deployment to remedy that 
deployment and make it work.

But no one will ever do that!  Because in a way, it's an open admission of 
liability to an oversight!


>b) which ones of these are based in law? (or what is the basis of these)

Well none.  We don't have a law of privacy in Australia.  We have a Privacy 
Act that is unenforceable except by the Privacy Commissioner, and the Act 
itself doesn't relate to private parties exchanging or releasing information.

We have no Tort for Privacy in civil law anyway.

More information about the Link mailing list