The Internet of People? Reflections on the Future Regulation of Human-Implantable Radio Frequency Identification in Privacy, Identity, and Anonymity

Privacy and Security, Internet, Cloud Computing and Networks, the Internet, and Cloud Computing

Article Snapshot

Author(s)

Ian Kerr

Source

Chapter 19, Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society (Ian Kerr, Carole Lucock, and Valerie Steeves, eds.), Oxford University Press, pp. 335-357, 2009

Summary

RFID tags can be implanted in humans as well as everyday objects, making people part of the “Internet of Things.” RFID tags collect data automatically. Current privacy laws depend on individual consent to authorize data collection.

Policy Relevance

RFID data collection conflicts with the idea that data should only be collected with awareness and consent.

Main Points

  • RFID tags use radio signals to identify and track physical objects; a small tag embedded in the object sends radio signals to a scanner, which relays information to a database.
     
  • RFID tags will enable the “Internet of Things,” which processes information from RFID tags in everything from groceries to shower stalls, allowing machines to fulfill needs automatically.
     
  • Hospitals use human-implantable RFID chips to provide unique identifiers for patients.
     
    • Implants can be GPS-enabled to allow people to be tracked wherever they go.
       
    • Implants could collect biometric data to monitor at-risk patients.
       
  • Laws and regulations that cover RFID chips include communications regulations, rules concerning electronic waste, health and safety, and privacy.
     
  • RFID chips have crucial implications for privacy, especially in the area of employment law.
     
    • A few states have banned involuntary RFID chipping.
       
    • A European Union Working Group notes that chips should be installed only with unambiguous consent.
       
  • In a world where the “Internet of Things” responds to an individual’s needs and desires automatically, without the need for him to act, the “notice and consent” model of privacy is undermined.
     
  • Individuals would give blanket consent up front, anticipating that it would cover many transactions and data uses.
     
  • We should think carefully about whether the benefits of RFID and the Internet of Things are worth giving up the ideal of meaningful consent.
     

 

Get The Article

Find the full article online

Search for Full Article

Share