RFID is not bad? But, the intention matters?

I read this article between the lines.

There were several observations that popped out. First, the writer's position in RFID deployment is linked towards the political landscape of his home country. Second, maybe, the writer should be able to understand the brief taxonomy of RFID applications in-depthly. Third, the writer maybe, could also extract whether the nationals of his home country regard RFID as a threat or a bad innovation? I think, on this point, intention matters. Oh, by looking into his profile religiously, I sense that he is running for an important post in his home country. If elected, maybe brainy technology, legal abd public policy advisers should educate him on RFID and other related issues against the country's backdrop.

Image source: Google (illustration: an RFID Car Key)

Identity Theft Test - a gateway to profiling

I am so impressed with the designed online Identity Theft Self-Assessment Test that was devised by the Norwegian Data Inspectorate. Do attempt the test HERE. Identity theft could happen everywhere, whether online and offline. It's a gateway to profiling the authencity of a person/user/pseudonym and any parties who are deemed to be an under cover person. Zooming into the lens of an RFID environment, I am unsure whether the test would provide the necessary controls in view of the Privacy Enhancing Technologies (PeTs). Maybe it is a different element altogether. Nevertheless, it is best to recommend this test to consumers and customers of all industries (via their websites), especially service-based and consumer-based businesses. Then, it would provide added value, useful diffusion and dissemination so that the message will reach them ideally well.

RFID in McDonald's (Japan)

This YouTube video features how a customer could utilise his/her Mobile-RFID in a McDonald's restaurant. What constitutes the capability? They are:-

i) Mobile-RFID (some Japanese models have embedded RFID chip inside their mobile phones)
ii) Subscription with the Internet Service Provider (via the line subscriber) - Wifi/3G/4G/5G enabled - only in Japan; and
iii) Reader (normally, attached in front of the cashier).

And the customer will get his/her order without queuing during the peak hours!

Pondering: What are the data protection and privacy issues that could be anticipated here?

Image source: Google Images.

South Korea & RFID

I have been keeping in touch with the South Korea RFID progress for the past five (5) months of my research. Today, by accident, I have stumbled upon the translated version of their Articles / Provisions in relation to RFID Privacy Protection Guideline (Republic of Korea). It is interesting to note that the guideline's coverage is quite concise. If one is to dissect the Articles, I wonder whether it achieves the adequacy protection terms under the Directive 95/46/EC. In the interim, it may not reach the adequacy level of protection, arguendo, taking into account the detailed analysis of compliance checklist by the Directive.

(Image Source: Google Images) - A marketing campaign (integrating RFID capability) via credit card at a Petrol Station somewhere in Korea. 

Mobile-RFID Cloud Computing in East Asia

This blog aptly mentioned the Mobile Cloud Computing environment that will be tested and trialled in South Korea by 2014. In my research, I have also looked into Mobile-RFID and Near Field Communications (NFC) that is known as pairing technology. Mobile-RFID environment is quite new in certain countries. But, Japan and South Korea are already on track. Now, South Korea, or maybe, Japan too, are looking into the possibility to extend it to cloud computing. I anticipate that should such plan takes place, security and data privacy issues will be more sophisticated. On one hand, these countries are too advanced (comparably to others). On the other hand, in my humble opinion, the EU and US need to collectively agree on a certain reformation within their states' or federal's legislation and how to respond to the South Korea and Japan's progress. A trilateral data protection initiative between US-Europe-Asia maybe a good start? So much so, public policy lobbying is much needed.

In the meantime, I am sharing an image (imported from Google images) - copyright by Gartner on what's holding cloud computing back. Maybe another point that should be stressed upon in that image is on - data privacy, security and retention - or in a trendy way - Information Governance on the cloud!

Cloud Computing and RFID - Data privacy at stake?

In the midst of refining my research, I have stumbled upon this interesting write up that generally narrates about cloud computing. Most of the issues discussed were on data privacy, security and less on liability. The regime was largely focusing on the United States. There are also several interesting discussions that have taken place. One of them, lately, is Microsoft's proposal towards potential legislative reform on cloud computing. The proposal seems to be intuitive, yet, needs added substance. Especially, how, the third (3rd) countries and other continents / regimes response towards the reform. It would be very much interesting to witness what shall be the legal impact of a service provider based in the US, which is outsourced by a company in a country (within South East Asia contour) where both countries have had not reached the adequate data protection under the EU data protection standards (EC 95/46 Directive). In corresponding to that, the company manages RFID deployment for its client / customer (which is a governmental agency). Question: How cloud computing liabilities respond? And how the data protection laws apply? And when to draw the technical compliance, information security and risks between these? It needs some brainstorming and rethink.

Maybe, as a start. Johnathan Zittrain of Harvard Law School's article on: "Lost In The Cloud" is a recommended casual reading.

Image source: Google. Copyright belongs to the owner. The illustration is for informational purpose only.