Global standards organization GS1 has released a software application intended to help European companies assess any privacy risks that might result from their use of radio frequency identification, as well as guide them in eliminating those risks. The Microsoft Excel-based tool is designed to help firms comply with European Commission (EC) recommendations for safeguarding the privacy of consumers and others who may be in contact with RFID technology. The GS1 EPC/RFID Privacy Impact Assessment (PIA) Tool can be downloaded free of charge from GS1's Web site.
Elizabeth Board, GS1's global public policy executive director, explains that companies can use the PIA Tool to conduct self-assessments of privacy risks resulting from their use of RFID technology and the data related to that usage. The tool poses a series of questions enabling companies to determine their privacy risks, and thus where they may need to make improvements to address them. The EC RFID privacy recommendations, as well as the PIA Tool, are directed primarily at retailers and suppliers of consumer goods, because in this industry, the technology may directly impact consumers (for example, customers may see RFID tags on products they intend to buy), but the PIA Tool and EC recommendations are applicable to any company that may be employing RFID within their operations.
