RFID Privacy Legislation Misses the Mark, Again
New Hampshire State Rep. Neal Kurk has again introduced HB478, “Regulation of Remotely Readable Devices,” which is intended to restrict RFID in the name of protecting privacy. The bill passed the New Hampshire house 186-170 on January 6, 2010. This marks the third consecutive year that the bill has been introduced, and while some changes have occurred, the theme remains the same with respect to requiring consumer notification of “readable devices,” prohibiting implants in an individual without their consent, and prohibiting tracking of individuals within certain norms. The bill would also require removal or permanent deactivation of a device upon request of the consumer. Last year, the bill was tabled in March following hearings. The adjustment to the bill has to do with altering “…the definition of payment card and re-encoding for purposes of the crime of using a scanning device or re-encoder for fraudulent purposes.”
The New Hampshire Senate will take up the bill next and hopefully will throw it out and start over. Consider this, cell phones can track the individual associated with that phone, every desktop printer sold contains unique identifiers that would allow specific documents to be traced back to an individual printer, digital cameras mark photos which can be traced back to the individual camera. If they are so concerned privacy, why is New Hampshire not writing legislation that requests these features be removed upon request? That is easy to answer, because they would have a consumer revolt. With respect to post-purchase tracking, RFID is no different than these technologies, so why the need to specifically inform consumers about RFID only?
Our objective is not to undermine the argument of privacy, but to illustrate the poor thought process of this legislation. New Hampshire continues to receive input from a wide variety of sources, yet continues to offer-up essentially the same bill each year. We recommend starting over, listening to a wide variety of interested parties, including the RFID industry, privacy advocates, end users, technologists/security experts, legal experts and so on. Review the security that has been put in place. Then, work out a piece of legislation that fits with the current status of the technology, view process more than regulating technology and creates a significant penalty for bad behavior. But let’s not stifle the technology that could provide meaningful benefits to the citizens of New Hampshire, the United States and the World just to gain some political points from showing “concern” over privacy.
Liked this post?
Subscribe to our RSS feed
Follow us on Twitter at twitter.com/RFIDMonthly
Having attended one of the hearings on this issue in NH, I was really surprised by how a group of people with such little knowledge of RFID and traceability in general can be involved in this kind of legislation (OK, maybe I should have expected this)
It is actually quite amusing that these people use the Katherine Albrecht SpyChips book as their point of reference and quote from it as though it is accepted information. It is really hard not to laugh at some of the things they believe are facts.
The bill does contain some sensible ideas – I certainly don’t want any random people implanting tracking devices into me without my knowledge – but it is something that needs to be worked out at the national level, not by each state. Crazy to think that every state could have its own set of RFID rules.
Complete waste of time and taxpayer’s money.