New bill takes a “common sense” approach to RFID vs. Privacy issue
By Marisa Torrieri, Contributing Writer
A new “common sense” RFID bill that encourages the use of RFID technology in state government IDs, while addressing privacy concerns of citizens and organizations such as the American Civil Liberties Union, is gaining traction in California.
The bill, AB 2561, co-sponsored by Silicon Valley State Assemblyman Alberto Torrico,
Represents a more sensible approach to privacy and remotely readable identification cards than previously proposed bill, says the American Electronics Association (AeA), a technology advocacy membership organization, and co-sponsor of the legislation. AB 2561 calls for a board of experts to ensure RFID technology is used with security safeguards that protect the privacy of Californians, “while safeguarding the flexibility of technologists to seek investment capital for new privacy innovations,” according to the AeA.
AB 2561 directs the California Research Bureau to analyze the use of this technology while seeking guidance from an advisory panel that includes government, technology and consumer representatives. This, according to the AeA, is in an effort to develop best practices that will ensure that adequate and appropriate protections directly correlate with the level of sensitivity of data on the RFID-enabled identification credential.”
First proposed on Feb. 23, the bill passed with bipartisan support in two
California legislative committees, says Roxanne Gould, AeA’s senior vice president of California government and public affairs. It was reviewed by the state’s appropriations committee, unanimously approved by the Assembly (House), and sent to the Senate in the closing days of May.
The new Torrico bill is intended as an alternative to RFID legislation proposed by Sen. Joe Simitian [D-Palo Alto]. The Simitian bill called for a three-year moratorium for chip-based wireless technology to be studied more carefully before they can be put into government-issued state ID cards (such as driver’s licenses). It was considered reactionary and unfair by many in the technology industry, in that, according to opponents, the bill basically banned the technology rather than legislated against potential improper use.
In creating AB 2561, the AeA approached Mr. Torrico for support, says Ms. Gould. The outcome is a bill supported by organizations on both sides of the privacy issue, Ms. Gould notes.
The hope, from the AeA’s perspective, is that the new Torrico bill will help foster consumer acceptance of RFID technology, says Ms. Gould. So far, more than one-dozen states have attempted to pass legislation either limiting or prohibiting the use of RFID. Much of the legislation – and consumer support for such legislation – is based on false or exaggerated propaganda, members of the AeA contend.
While privacy is a serious issue, many consumers are unaware of the power of RFID to actually protect privacy – not thwart it, says Ms. Gould.
“The protections that can be used (to enhance privacy) are numerous and can be quite comprehensive. It should be more about what data is on the credential that determines the various levels of protection that should be employed. An ID card with a random number does not warrant the same level of protection that the U.S. Passport level of data deserves. One size does not fit all and is not in the best interest of consumers.” Ms. Gould says.
“Just because it’s a radio tag in a credential doesn’t mean it can be read by unauthorized people. We’re trying to educate people – there’s great benefit in something that’s virtually un-hackable … so much more difficult to forge than a magnetic strip that’s used on a driver’s license today,” says Ms. Gould. “The spectrum of technologies provides that each have their appropriate niche. Banning any one of them across the board isn’t in anyone’s best interest and stops the evolution of what could be an incredible tool in so many venues.”
To learn more about the bill, click here.