FTC Releases Radio Frequency Identification Workshop Report

The staff of the Federal Trade Commission today released a report summarizing the issues and drawing some conclusions from its June 2004 workshop, “Radio Frequency Identification: Applications and Implications for Consumers.” The report, a transcript of the day-long session, a list of participants and their presentations, and comments filed with the Commission can be found at http://www.ftc.gov/bcp/workshops/rfid/index.htm.

The report and workshop continue the Commission’s work on consumer privacy and technology issues, exploring how RFID works, its various applications, and its anticipated uses. RFID involves tiny tags embedded with computer chips that communicate with devices called readers, which are capable of scanning information stored on multiple tags from a distance. A tag can contain information that uniquely identifies the item to which it is attached, such as an electronic product code. As the report describes, RFID technology has important implications for businesses, consumers, and policymakers. Companies are turning to RFID to manage warehouse inventory and to stock retail shelves. Consumers are using RFID tags when they travel on highways, purchase gas and groceries, and protect their pets. RFID also has significant potential for government use as a public safety and anti-counterfeiting tool.

The Workshop addressed several topics: (1) an overview of RFID’s key components and how the technology works; (2) the range of current and anticipated applications for RFID, especially where consumers may encounter it; (3) the implications for consumers, including privacy and security issues, of these different uses; and (4) existing and proposed approaches to addressing these issues.

The report summarizes the issues raised at the Workshop, and, based on those discussions, comments, and other available information, offers a number of recommendations. The staff concludes that industry initiatives can play an important role in addressing privacy concerns raised by certain RFID applications and that any industry self-regulatory program should include meaningful accountability provisions to help ensure compliance. The staff also notes that many of the potential privacy issues associated with RFID are inextricably linked to database security. As in other contexts in which personal information is collected from consumers, a company that uses RFID to collect such information must implement reasonable and appropriate measures to protect that data. In addition, in light of the important role consumer education plays in protecting consumer privacy, the staff recommends that RFID users, privacy advocates, and government develop education tools that inform consumers about RFID technology, how they can expect to encounter it, and what choices they have with respect to its usage in particular situations.

The Commission vote to release the report was 5-0.

Copies of the staff report and other information are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

(FTC File No. Po49106)