Consumer Perceptions and Privacy Concerns A. Consumer Survey Results In addition to addressing how RFID works and can be used, Workshop participants discussed the implications of this technology for consumers. The Workshop included a presentation about the results of a study concerning consumer perceptions of RFID. According to a survey of more than 1,000 U.S. consumers conducted in October 2003, the majority of those polled were unfamiliar with RFID. Over three-quarters of the sample – 77% – had not heard of RFID. Confirming the general lack of knowledge about this technology, nearly half of the group aware of RFID had "no opinion" about it. Consumers who did have an opinion about RFID expressed a variety of views about whether or how this technology would affect them. When asked to rank a set of potential benefits of RFID, 70% identified recovery of stolen goods and improved food and drug safety high on the list. The majority (66%) also placed cost savings toward the top of the list of benefits, although some consumers were also concerned that RFID use would instead raise prices. Consumers placed access to marketing-related benefits, like in-aisle companion product suggestions, at the bottom of the list. The most significant concerns expressed by consumers familiar with RFID related to privacy. In response to both open-ended and prompted questions (with pre-programmed answers to select or rank), privacy emerged as a leading concern. For example, approximately two-thirds of consumers identified as top concerns the likelihood that RFID would lead to their data being shared with third parties, more targeted marketing, or the tracking of consumers via their product purchases. These findings are consistent with the views of consumers who submitted comments to the Commission about RFID. Many of those consumers voiced strong opposition to having RFID devices track their purchases and movements, with some citing as reasons for their position the potential for increased marketing or government surveillance. A more recent consumer survey, conducted by two market research companies, revealed similar results. Of more than 8,000 individuals surveyed, fewer than 30% of consumers were aware of RFID technology. Further, nearly two-thirds of all consumers surveyed expressed concerns about potential privacy abuses. Their primary concerns centered around RFID's ability to facilitate the tracking of consumers' shopping habits and the sharing of that information among businesses and with the government. Like the study discussed at the Workshop, this survey also demonstrated that the great majority of consumers remain unfamiliar with RFID. Additionally, consumers who fell into the "RFID non-aware" category were more likely to be concerned about RFID's implications for their privacy than were consumers who were familiar with the technology. B. RFID and Consumer Privacy Against the backdrop of survey data about consumer perceptions of RFID, Workshop participants discussed the nature of privacy concerns associated with some of the emerging uses of this technology. While there was some consensus among Workshop panelists that certain uses of RFID today – such as in the supply chain – may not jeopardize consumer privacy, a number of consumer advocates voiced concerns about the potential impact of other RFID applications on consumer privacy. According to these panelists, such concerns may arise when consumers interact more directly with tags and readers, particularly in the context of item-level tagging of retail goods. The concerns articulated by these Workshop participants implicated issues specific to RFID technology as well as more general privacy issues. Some panelists discussed how RFID's unique or distinguishing characteristics may jeopardize consumer privacy. First, these participants cited as a key concern the “bit capacity” of Electronic Product Codes ("EPCs"), which enable the assignment of individual identifiers to tagged objects. They argued that RFID's potential to identify items uniquely facilitates the collection of more – and more accurate – data. Other features of RFID that troubled these Workshop participants related to the devices' physical attributes. According to these panelists, the small size of tags and readers enables them to be hidden from consumers. One Workshop participant explained that if a long read-range is not required, scanners can be smaller than a U.S. quarter. Another Workshop participant focused on the privacy implications of the small size of RFID chips and how their shrinking dimensions facilitate their unobtrusive integration into consumer goods. Some panelists highlighted the ability of RFID devices to communicate with one another through materials, without line-of-sight, and at some distance. These technical characteristics, they argued, distinguish RFID from bar codes, which in order to be read must be visible on the outside of product packaging. Some commenters pointed to these characteristics as evidence that RFID would allow surreptitious scanning to gather information about the products consumers wear or carry. Participants also raised concerns about what they termed the "promiscuity" of RFID devices – when tags can be accessed by multiple readers, it raises the specter of unfettered third-party surveillance. The combination of these factors, some Workshop participants asserted, will weaken consumers' ability to protect themselves from in-store tracking and surreptitious monitoring in public places, at work, and even at home. Certain panelists were especially concerned about RFID's potential to facilitate consumer tracking, by linking personally identifiable information in databases to the unique numbers on RFID tags. One participant described how a retailer could associate purchaser data with the uniquely identified product an individual buys. According to the participant, this practice would be similar to what retailers can currently do with customer loyalty cards or credit cards. However, a number of Workshop panelists maintained that RFID poses greater threats to consumer privacy because of the enhanced level of information it provides about each tagged item. They suggested that a tagged item carried by a consumer out of a store could be read covertly, and what it communicates could be more than just the presence of a particular item. If linked to purchase data, the identification of a particular product could also identify the individual who bought that item. Privacy advocates at the Workshop cited this latter potential as the basis for another privacy concern: consumer profiling. By tracking the movement of tagged goods and the people associated with them, more information can be gathered about the activities of those individuals. That in turn could make it easier to predict the behavior of others who buy the same items, even without monitoring them. Another concern raised at the Workshop relates to RFID's facilitation of "customer relationship management," whereby retailers customize pricing and service based on a consumer's potential profitability. According to one Workshop participant, if RFID tags were embedded in customer loyalty cards, consumers could be identified as soon as they entered the store that issued the card. This could result in targeted marketing or customer service directed at the consumer, depending on his or her purchase history or other information linked to the loyalty card. Many of these fears are associated with item-level tagging. As noted in Section III.D., however, a number of Workshop participants representing retailers and other RFID users maintained that RFID was not being used in this manner on a widespread basis now and would not be in the near future. Some panelists also argued that no real business case exists for the adoption of a network accessible to multiple users that contains information about these users' RFID-tagged goods. As one participant stated, "Wal-Mart doesn’t want its competitors to read tags that are from Wal-Mart stores. Wal-Mart probably also doesn’t want its suppliers to read information about its other suppliers. They want to control that information for competitive reasons." Even if and when item-level tagging is adopted on a widespread basis, some Workshop participants disputed that consumer privacy would be jeopardized as a result. They asserted that RFID’s technological limitations will prevent its surreptitious use. For example, reading an RFID tag from a significant distance currently requires use of a sizable antenna ("about the size of a plate," according to one panelist) and significant energy. Another argument advanced at the Workshop focused on how cost factors will continue to slow retailers’ adoption of RFID, limiting the sophistication and proliferation of readers on the store floor. One participant representing a retail chain argued that no business case exists for linking data collected via RFID to personally identifiable information about consumers, so fears about this potential are misplaced. In addition, many panelists addressed the emergence of a variety of technological protocols and products, such as encryption and blocker tags, that may offer a means to address privacy concerns associated with these devices. C. Database Security Issues Regardless of panelists' views regarding the existence or extent of many privacy concerns, many participants agreed that database security was an important issue, especially in the manufacturing and retail environment. Rather than concentrating on how information may be collected via RFID devices, these participants discussed security issues that focus on how such data is stored and whether it is adequately protected. According to one panelist, database security is a critical aspect of any analysis of privacy concerns associated with RFID use, because the tags themselves may contain only limited data, such as a number in the case of EPC chips. The panelist further explained that the information associated with that number will be stored on a server of the product manufacturer or other authorized user, where it can be linked to additional data. Although Workshop panelists did not analyze the specific database security concerns linked to RFID use, one commenter provided a detailed discussion of these issues. According to this commenter, security concerns are likely to arise in connection with interoperable tags, which can be read by different enterprises sharing information associated with those tags. The commenter explained that the security of any database in which that information is stored depends on traditional information technology protections – not RFID-specific practices. Further, the commenter asserted that these concerns are exacerbated when databases are maintained by third parties, outside of the RFID user's direct control. Thus, the commenter argued, security measures will be that much more critical if databases contain information from RFID tags linked to personally identifiable information about the purchasers of tagged items. Workshop participants representing a range of interests generally acknowledged the need to address these issues. One speaker emphasized that the EPCglobal Network will maintain the security of data associated with EPC tags, which will be stored on servers "beyond the firewalls of corporations, logistics providers and retailers all around the globe." However, others felt that insufficient attention has been devoted to database security and maintained that RFID use will exacerbate existing concerns, since information collected via RFID will be that much more detailed and accurate. Another Workshop participant argued that the focus on privacy concerns presented by RFID devices (i.e., tags and readers) are obfuscating the more important concerns related to general database security. << Previous: RFID Today and Tomorrow Next: Addressing Consumer Privacy Challenges: Best Practices and Principles >> Back to Pat's Planet.net