More on the EU Privacy Mandate to Standards Bodies

Following yesterday’s request from EDITeur Paul Chartier posted the following helpful explanation of the exact status and import of this action on the US RFID list. .

“EU INITIATIVE ON RFID PRIVACY & SECURITY

A bit of background first.  I have been working in the standards world for too long and can go back to the days when we made the ISBN machine readable – and even a bit before that with the ISBN.  I have been working on RFID standardisation for quite a few years, and because of this been a member of the European Commission’s expert group on RFID, where I made the case for RFID for libraries and other key applications.  A formal EU Recommendation was published May 2009 instructing Member States to take some action to ensure that privacy and security considerations were in place for all RFID implementations in Europe.  Later the Commission issued a mandate to the European standards bodies (the pan-European  – not national  – equivalents of ANSI and FCC) to look at the current standards position and identify gaps that needed to be addressed to tighten privacy and security.  The consultation document is the result of Phase1 of that mandate process.  The Commission is also funding work to look positively at the RFID.

The consultation document itself has a strong bias towards adding privacy and security features.  It is not a well presented document – and I can say that as one of the people contributing to the work.  It was too rushed and there was not enough understanding of the technology by some of the privacy experts and lawyers.  What is now needed is a robust response from the library community and I hope that this is under way.

So we are far from the end of RFID for libraries.  There are a few technical issues that I assess will need to be addressed.  There will be procedures to follow that add RFID to the types of issues that are already addressed for privacy of data.  When it reaches Phase 2 – the standards making stage possibly early 2011 – this initiative will probably provide a roadmap for future developments for RFID for libraries. Handled the right way it should provide stepping stones to better systems.

I expect that the take-up of ISO 28560 and this EU initiative could result in an increase in the growth of the number of libraries adopting RFID.  So it is good timing that all of this is coming together now.  But the first step is to get a reasoned response to the consultation document and not let the lobbyist run amok with views that RFID tags can be read from space!

It also means that the stakeholders in RFID library systems (libraries, RFID vendors and ILS vendors) might need to get their act together a bit more.”

From past experience I know there’s a temptation to assume that “someone will be dealing with this” but this IS a serious matter, even if, as Paul has pointed out, it appears to be not quite as potentially terminal as it appeared when I received the request yesterday. Sometimes we need the experts to tell us more about what they’re doing on our behalf rather than us trying to read the runes at a distance – thanks Paul for doing just that.

So please follow the link and read the mandate http://www.editeur.org/57/RFID-in-Libraries/

Have a view? Please share!