Posted by Barry Silverstein on August 9, 2010 12:00 PM
Our recent post on Wal-Mart's use of RFID tags for inventory control drew an interesting response from a privacy expert.
Richard Raysman, privacy and IP attorney for law firm Holland & Knight in New York, tells us that the tags, while initially applied to inventory control, could become "a legitimate privacy concern" when they become commonly used.
His reasoning: "the tags can be matched to personal information. Once the RFID technology is generally available, new applications will be developed which could extend to personal information."
Raysman adds that RFID technology can ultimately be used to track customers' purchases via shopper loyalty/rewards programs.
"This tracking could raise serious privacy concerns since many purchases are very private to the consumer. For example, prescription medicines can reveal the existence of certain embarrassing diseases — this is the type of information that is considered highly private under the HIPAA laws."
Raysman adds, "With respect to RFID, there are instances of nursing homes being able to track their patients with RFID technology, which seems like a noble cause for Alzheimer's patients. However, some of these institutions can then expand this use in the future so that their employees can also be tracked as well as patients. This would then be a very intrusive application for employees who can be tracked, even if they go to the bathroom."
The same privacy concerns hold true of online shopping, says Raysman. "Personal preferences, which are very private, can be identified. Much personal information outside financial and health information is not covered by any privacy laws. To an extent that is good, because overwhelming privacy laws would affect the ability to easily conduct business on the Internet. But the issue is, when does disclosure of private information cross over the line?"
We're interested in hearing what you think on the subject — post a comment below.