Interview • 04.12.2013

"In my opinion, data protection is the smaller obstacle pertaining to a comprehensive use of RFID"

Interview with Frithjof Walk, Member of the Board at Feig Electronic

'There are rightfully similar high safety requirements that apply for contactless payment', explains Frithjof Walk.

Source: FEIG ELECTRONIC GmbH

Why the protection of private data is a rather small hurdle on the way to a widespread use of RFID in retailing and how personal data is best protected, explains Frithjof Walk, Member of the Board at Feig Electronic.

Theoretically, RFID use does not just permit close monitoring of products, but also of buyers. How can it be ensured that no personal or transaction data of customers is actually being stored?

Regardless of whether products or people are being monitored with RFID tags, an extensive and consistent RFID infrastructure is a prerequisite. A comprehensive distribution system is currently not available as such. There is a legal foundation for the continued development of RFID safety systems. Against this backdrop, the European Commission has already addressed data protection requirements and released recommendations for its use and issued a corresponding PIA (Privacy Impact Assessment).

RFID equipment operators are required to adhere to these guidelines, which flow into a corresponding legislation. In addition, standards that pertain to this topic are currently being defined on a European level. To protect personal data, first the basic principle of handling personal information as sparingly as possible always applies. Compared to digital footprints we leave on the Internet with mobile and desktop computers however, the data that is being collected via RFID tags is currently almost negligible.

Contactless payment is also a potential RFID application. How can the safety of customer data be ensured in this case?

There are rightfully similar high and in parts, even significantly higher safety requirements that apply for contactless payment compared with other cashless payment systems. When they use the corresponding payment products, users should always ask themselves how high their own trust is in the service provider. We recommend choosing European service providers. This increases the level of security significantly due to the stringent European data protection requirements, which are much higher than in countries outside of Europe.

The data protection problems still stand in the way of a truly comprehensive use of RFID in retail. What is the status quo here and is an increased consumer acceptance of this technology on the horizon?

In my opinion, data protection is the smaller obstacle pertaining to a comprehensive use of RFID. The corresponding recommendations by the European Commission are available; GS1 and AIM Germany have also provided further resources to implement the PIA. This is why the data protection requirements can already be implemented to everyone’s satisfaction today. However, the fact is that RFID use in retail is unfortunately still very limited, though conversely this does not apply to the use and distribution of RFID in general. Two of the most popular established applications are Germany’s new electronic ID card (nPA) or its use in the healthcare system.

channels: mobile payment, RFID cards, RFID printer