iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

CEN/TR 16684:2014

(Main)

Information technology - Notification of RFID - Additional information to be provided by operators

Information technology - Notification of RFID - Additional information to be provided by operators

This Technical Report is to assist operators of applications in areas where radio frequency interrogators are deployed, to identify the types of information that are called for in the recommendation.
The Technical Report provides all the current information to assist operators to develop and publish a concise accurate and easy to understand information policy for each of their applications.
The policy should at least include:
—   the identity and address of the operators;
—   the purpose of the application;
—   what data are to be processed by the application, in particular if personal data will be processed, and whether the location of tags will be monitored;
—   a summary of the privacy and data protection impact assessment;
—   the likely privacy risks, if any, relating to the use of tags in the application and the measures that individuals can take to mitigate these risks.

Informationstechnik - Notifizierung von RFID: Zusätzliche vom Betreiber zur Verfügung zu stellende Information

Technologies de l’information - Notification d'identification par radiofréquence (RFID) - Informations complémentaires à fournir par les opérateurs

Informacijska tehnologija - Priglasitev uporabe radiofrekvenčne prepoznave (RFID) - Dodatne informacije, ki jih morajo zagotoviti izvajalci

To tehnično poročilo je namenjeno pomoči izvajalcem aplikacij na področjih, kjer se uporabljajo bralniki radijskih frekvenc, za določanje tipa informacij, ki so zahtevane v priporočilu. Tehnično poročilo zagotavlja vse trenutne informacije za pomoč izvajalcem pri razvoju in objavi jedrnate, točne in jasne informacijske politike za vsako od uporab//aplikacij???//. Politika naj bi vsebovala najmanj: - ime in naslov izvajalca; - namen uporabe; - kateri podatki se pri uporabi obdelajo, zlasti če bodo obdelani osebni podatki in če bo nadzorovana lokacija oznak; - povzetek ocene vpliva na zasebnost in varnost podatkov; - možna tveganja za zasebnost, povezana z uporabo oznak pri aplikaciji, in ukrepe, ki jih lahko izvedejo posamezniki, da omilijo ta tveganja.

General Information

Status
Published
Publication Date
03-Jun-2014
ICS
35.240.60 - IT applications in transport
Technical Committee
CEN/TC 225 - AIDC technologies
Drafting Committee
CEN/TC 225 - AIDC technologies
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
04-Jun-2014
Due Date
25-Feb-2014
Completion Date
04-Jun-2014
Mandate
M/436 - Standardisation mandate to the European Standardisation Organisation CEN, CENELEC and ETSI in the field of information and communication technologies applied to Radio Frequency Identification (RFID) and systems
Ref Project
SIST-TP CEN/TR 16684:2014 - Information technology - Notification of RFID - Additional information to be provided by operators

Buy Standard

TP CEN/TR 16684:2014 - BARVETP CEN/TR 16684:2014 - BARVE
PreviousNext
Technical report
TP CEN/TR 16684:2014 - BARVE
English language
34 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
TP CEN/TR 16684:2014 - BARVE na PDF-strani 10,11,12,30,31,33,34,35TP CEN/TR 16684:2014 - BARVE na PDF-strani 10,11,12,30,31,33,34,35
PreviousNext
Technical report
TP CEN/TR 16684:2014 - BARVE na PDF-strani 10,11,12,30,31,33,34,35
English language
34 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-september-2014
Informacijska tehnologija - Priglasitev uporabe radiofrekvenčne prepoznave (RFID)
- Dodatne informacije, ki jih morajo zagotoviti izvajalci
Information technology - Notification of RFID - Additional information to be provided by
operators
Notifizierung von RFID: Zusätzliche vom Betreiber zur Verfügung zu stellende
Information
Technologies de l’information - Notification d'identification par radiofréquence (RFID) -
Informations complémentaires à fournir par les opérateurs
Ta slovenski standard je istoveten z: CEN/TR 16684:2014
ICS:
03.080.99 Druge storitve Other services
35.040.50 Tehnike za samodejno Automatic identification and
razpoznavanje in zajem data capture techniques
podatkov
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL REPORT
CEN/TR 16684
RAPPORT TECHNIQUE
TECHNISCHER BERICHT
June 2014
ICS 35.240.60
English Version
Information technology - Notification of RFID - Additional
information to be provided by operators
Technologies de l'information - Notification d'identification Informationstechnik - Notifizierung von RFID: Zusätzliche
par radiofréquence (RFID) - Informations complémentaires vom Betreiber zur Verfügung zu stellende Information
à fournir par les opérateurs
This Technical Report was approved by CEN on 8 March 2014. It has been drawn up by the Technical Committee CEN/TC 225.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16684:2014 E
worldwide for CEN national Members.

Contents Page
Foreword .3
0 Introduction .4
0.1 General .4
0.2 Overview .4
1 Scope .7
2 Terms and definitions .7
3 CCTV as an Exemplar .7
4 The RFID European Emblem . 10
4.1 General . 10
4.2 Guidelines on the use of the Common European RFID emblem . 11
4.3 Definition of the Common European RFID Notification Sign . 11
4.4 Placement of signs . 12
4.4.1 General . 12
4.4.2 Presence of Readers . 12
4.4.3 Placement of signs notifying the presence of readers . 12
4.4.4 Presence of tags . 12
4.5 Who should place signage on tagged items . 13
4.6 Size of emblem . 14
5 Guidelines on additional information . 14
5.1 General . 14
5.2 Name of the operator of the application . 15
5.2.1 Name . 15
5.2.2 Contact point . 15
5.3 Purpose of the application . 15
5.4 Data processed . 16
5.5 Summary of the privacy impact assessment . 16
5.5.1 PIA report date . 16
5.5.2 RFID application operator . 16
5.5.3 RFID application overview . 16
5.5.4 Data on the RFID tag . 17
5.6 Likely privacy risks . 17
5.7 Measures to mitigate the risks . 17
5.8 Privacy information policy for RFID. 18
5.8.1 General . 18
5.8.2 Consumer and members of the public choice information – promotional material . 18
5.8.3 Consumer and members of the public choice information – sales material and pre-
contract information . 19
5.8.4 Consumer and members of the public choice information – means of conveying the
information . 19
5.8.5 Consumer and members of the public privacy information accessibility . 19
5.8.6 Privacy related contractual and privacy policy information . 20
5.8.7 Consumer and members of the public post sale user privacy information . 20
5.8.8 Consumer and members of the public information – means of conveying the post sale
user privacy information . 21
5.9 Consumer and public information – non application operator RFID privacy information . 21
Annex A (informative) RFID applications in retail . 22
Annex B (informative) RFID applications in library . 25
Annex C (informative) RFID applications in transportation . 26
Annex D (informative) RFID applications in banking . 31
Bibliography . 34

Foreword
This document (CEN/TR 16684:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC
technologies”, the secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
This Technical Report is one of a series of related deliverables, which comprise mandate 436 Phase 2.
The other deliverables are:
— EN 16570, Information technology — Notification of RFID — The information sign and additional
information to be provided by operators of RFID application systems
— EN 16571, Information technology — RFID privacy impact assessment process
— EN 16656, Information technology — Radio frequency identification for item management - RFID Emblem
(ISO/IEC 29160:2012, modified)
— CEN/TS 16685, Information technology — Notification of RFID — The information sign to be displayed in
areas where RFID interrogators are deployed
— CEN/TR 16669, Information technology — Device interface to support ISO/IEC 18000-3 Mode 1
— CEN/TR 16670, Information technology — RFID threat and vulnerability analysis
— CEN/TR 16671, Information technology — Authorisation of mobile phones when used as RFID
interrogators
— CEN/TR 16672, Information technology — Privacy capability features of current RFID technologies
— CEN/TR 16673, Information technology — RFID privacy impact assessment analysis for specific sectors
— CEN/TR 16674, Information technology — Analysis of privacy impact assessment methodologies relevant
to RFID
0 Introduction
0.1 General
In response to the growing deployment of RFID systems in Europe, the European Commission published in
2007 the Communication COM(2007) 96 ‘RFID in Europe: steps towards a policy framework’. This
Communication proposed steps which needed to be taken to reduce barriers to adoption of RFID whilst
respecting the basic legal framework safeguarding fundamental values such as health, environment, data
protection, privacy and security.
In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the
field of ICT as applied to RFID systems. The Mandate M/436 was accepted by the ESOs in the first months of
2009. The Mandate addresses the data protection, privacy and information aspects of RFID, and is being
executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete
framework of future RFID standards. The Phase 1 results are contained in the ETSI Technical Report TR 187
020, which was published in May 2011.
Phase 2 is concerned with the execution of the standardization work programme identified in the first phase.
This document will provide the additional information of the RFID application that will need to be provided to a
citizen by accessing the source identified on the sign where the RFID application is operating. This information
will be aligned with the details set out in the Recommendation, but some of this might not be available at the
outset, a TR is the preferred form of initial delivery to establish basic requirements.
0.2 Overview
th
On March 15 2007, the European Commission presented to the European Parliament a communication
about the steps towards a Policy Framework for Radio Frequency Identification in Europe. Here below is an
extract:
"COMMISSION RECOMMENDATION of 2009/05/12 on the implementation of privacy and data protection
principles in applications supported by radio-frequency identification {SEC (2009) 585}{SEC (2009) 586}.
Radio frequency identification (RFID) is a technology that allows automatic identification and data capture by
using radio frequencies. The salient features of this technology are that they permit the attachment of a unique
identifier and other information – using a microchip – to any object, animal or even a person, and to read this
information through a wireless device. RFID is not just "electronic tags" or "electronic barcodes". When linked
to databases and communications networks, such as the Internet, this technology provides a very powerful
way of delivering new services and applications, in potentially any environment.
RFID technology is indeed seen as the gateway to a new phase of development of the Information Society,
often referred to as the "internet of things" in which the internet does not only link computers and
communications terminals, but potentially any of our daily surrounding objects – be they clothes, consumer
goods, etc. It is this prospect that provoked the European Council of December 2006 to ask the European
Commission to review the challenges of the next generation of Internet and networks at the 2008 Spring
Council.
RFID is of policy concern because of its potential to become a new motor of growth and jobs, and thus a
powerful contributor to the Lisbon Strategy, if the barriers to innovation can be overcome. The production price
of RFID tags is now approaching a level that permits wide commercial and public
...


SLOVENSKI STANDARD
01-september-2014
,QIRUPDFLMVNDWHKQRORJLMD3ULJODVLWHYXSRUDEHUDGLRIUHNYHQþQHSUHSR]QDYH 5),'
'RGDWQHLQIRUPDFLMHNLMLKPRUDMR]DJRWRYLWLL]YDMDOFL
Information technology - Notification of RFID - Additional information to be provided by
operators
Notifizierung von RFID: Zusätzliche vom Betreiber zur Verfügung zu stellende
Information
Technologies de l’information - Notification d'identification par radiofréquence (RFID) -
Informations complémentaires à fournir par les opérateurs
Ta slovenski standard je istoveten z: CEN/TR 16684:2014
ICS:
03.080.99 Druge storitve Other services
35.020 Informacijska tehnika in Information technology (IT) in
tehnologija na splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL REPORT
CEN/TR 16684
RAPPORT TECHNIQUE
TECHNISCHER BERICHT
June 2014
ICS 35.240.60
English Version
Information technology - Notification of RFID - Additional
information to be provided by operators
Technologies de l'information - Notification d'identification Informationstechnik - Notifizierung von RFID: Zusätzliche
par radiofréquence (RFID) - Informations complémentaires vom Betreiber zur Verfügung zu stellende Information
à fournir par les opérateurs
This Technical Report was approved by CEN on 8 March 2014. It has been drawn up by the Technical Committee CEN/TC 225.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16684:2014 E
worldwide for CEN national Members.

Contents Page
Foreword .3
0 Introduction .4
0.1 General .4
0.2 Overview .4
1 Scope .7
2 Terms and definitions .7
3 CCTV as an Exemplar .7
4 The RFID European Emblem . 10
4.1 General . 10
4.2 Guidelines on the use of the Common European RFID emblem . 11
4.3 Definition of the Common European RFID Notification Sign . 11
4.4 Placement of signs . 12
4.4.1 General . 12
4.4.2 Presence of Readers . 12
4.4.3 Placement of signs notifying the presence of readers . 12
4.4.4 Presence of tags . 12
4.5 Who should place signage on tagged items . 13
4.6 Size of emblem . 14
5 Guidelines on additional information . 14
5.1 General . 14
5.2 Name of the operator of the application . 15
5.2.1 Name . 15
5.2.2 Contact point . 15
5.3 Purpose of the application . 15
5.4 Data processed . 16
5.5 Summary of the privacy impact assessment . 16
5.5.1 PIA report date . 16
5.5.2 RFID application operator . 16
5.5.3 RFID application overview . 16
5.5.4 Data on the RFID tag . 17
5.6 Likely privacy risks . 17
5.7 Measures to mitigate the risks . 17
5.8 Privacy information policy for RFID. 18
5.8.1 General . 18
5.8.2 Consumer and members of the public choice information – promotional material . 18
5.8.3 Consumer and members of the public choice information – sales material and pre-
contract information . 19
5.8.4 Consumer and members of the public choice information – means of conveying the
information . 19
5.8.5 Consumer and members of the public privacy information accessibility . 19
5.8.6 Privacy related contractual and privacy policy information . 20
5.8.7 Consumer and members of the public post sale user privacy information . 20
5.8.8 Consumer and members of the public information – means of conveying the post sale
user privacy information . 21
5.9 Consumer and public information – non application operator RFID privacy information . 21
Annex A (informative) RFID applications in retail . 22
Annex B (informative) RFID applications in library . 25
Annex C (informative) RFID applications in transportation . 26
Annex D (informative) RFID applications in banking . 31
Bibliography . 34

Foreword
This document (CEN/TR 16684:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC
technologies”, the secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
This Technical Report is one of a series of related deliverables, which comprise mandate 436 Phase 2.
The other deliverables are:
— EN 16570, Information technology — Notification of RFID — The information sign and additional
information to be provided by operators of RFID application systems
— EN 16571, Information technology — RFID privacy impact assessment process
— EN 16656, Information technology — Radio frequency identification for item management - RFID Emblem
(ISO/IEC 29160:2012, modified)
— CEN/TS 16685, Information technology — Notification of RFID — The information sign to be displayed in
areas where RFID interrogators are deployed
— CEN/TR 16669, Information technology — Device interface to support ISO/IEC 18000-3 Mode 1
— CEN/TR 16670, Information technology — RFID threat and vulnerability analysis
— CEN/TR 16671, Information technology — Authorisation of mobile phones when used as RFID
interrogators
— CEN/TR 16672, Information technology — Privacy capability features of current RFID technologies
— CEN/TR 16673, Information technology — RFID privacy impact assessment analysis for specific sectors
— CEN/TR 16674, Information technology — Analysis of privacy impact assessment methodologies relevant
to RFID
0 Introduction
0.1 General
In response to the growing deployment of RFID systems in Europe, the European Commission published in
2007 the Communication COM(2007) 96 ‘RFID in Europe: steps towards a policy framework’. This
Communication proposed steps which needed to be taken to reduce barriers to adoption of RFID whilst
respecting the basic legal framework safeguarding fundamental values such as health, environment, data
protection, privacy and security.
In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the
field of ICT as applied to RFID systems. The Mandate M/436 was accepted by the ESOs in the first months of
2009. The Mandate addresses the data protection, privacy and information aspects of RFID, and is being
executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete
framework of future RFID standards. The Phase 1 results are contained in the ETSI Technical Report TR 187
020, which was published in May 2011.
Phase 2 is concerned with the execution of the standardization work programme identified in the first phase.
This document will provide the additional information of the RFID application that will need to be provided to a
citizen by accessing the source identified on the sign where the RFID application is operating. This information
will be aligned with the details set out in the Recommendation, but some of this might not be available at the
outset, a TR is the preferred form of initial delivery to establish basic requirements.
0.2 Overview
th
On March 15 2007, the European Commission presented to the European Parliament a communication
about the steps towards a Policy Framework for Radio Frequency Identification in Europe. Here below is an
extract:
"COMMISSION RECOMMENDATION of 2009/05/12 on the implementation of privacy and data protection
principles in applications supported by radio-frequency identification {SEC (2009) 585}{SEC (2009) 586}.
Radio frequency identification (RFID) is a technology that allows automatic identification and data capture by
using radio frequencies. The salient features of this technology are that they permit the attachment of a unique
identifier and other information – using a microchip – to any object, animal or even a person, and to read this
information through a wireless device. RFID is not just "electronic tags" or "electronic barcodes". When linked
to databases and communications networks, such as the Internet, this technology provides a very powerful
way of delivering new services and applications, in potentially any environment.
RFID technology is indeed seen as the gateway to a new phase of development of the Information Society,
often referred to as the "internet of things" in which the internet does not only link computers and
communications terminals, but potentially any of our daily surrounding objects – be they clothes, consumer
goods, etc. It is this prospect that provoked the European Council of December 2006 to ask the European
Commission to review the challenges of the next generation of Internet and networks at the 2008 Spring
Council.
RFID is of policy concern because of its potential to become a new motor of growth and jobs, and thus a
powerful contributor to the Lisbon Strategy, if the barriers to innovation can be overcome. The production price
of RFID tags is now approaching a level that permits wide commercial and public sector deploy
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN 17230:2020(Main)
Information technology - RFID in rail
SIST EN 17230:2021

The RFID tag location, tag data content and functional requirements have been developed for application on the main line railway networks. Other networks (such as metro) could apply to this document but are outside of its scope.
This document contains:
-   description of the RFID tag installation location;
-   description of the RFID tag data content;
-   description of the functional requirements in relation to the RFID tag track side reading performance.

  • Standard
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16570:2014(Main)
Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems
SIST EN 16570:2014

1.1   General
The scope of this EN is to define the requirements for a Common European Notification Signage system to be used by operators of RFID application systems deployed within the EU Member States.
1.2   Objective
The objective of this EN is to provide enterprises, both large and small, with a common and accessible framework for the design and display of RFID notification signs.
In addition to the information placed on the sign, the framework includes the information policy - needed to answer enquiries received from individuals accessing the contact point noted on the sign itself. This minimizes the volume of information written on the sign.
This European Standard defines:
a)   the details of data and graphics that shall be included on the signage;
b)   the presentational requirements for the signage, taking account of the need;
1)   to provide a practical solution given constraints on print technique and print area;
2)   for a consistent common and recognisable signage;
c)   means to support accessibility;
d)   the structure and content of an information policy to meet the informational needs of individuals with respect to RFID privacy.
1.3   Applicability
This EN provides an application-agnostic framework which may be used by all enterprises operating RFID applications in the European Union.

  • Standard
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    15 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16571:2014(Main)
Information technology - RFID privacy impact assessment process
SIST EN 16571:2014

This European Standard has been prepared as part of the EU RFID Mandate M/436. It is based on the Privacy and Data Protection Impact Assessment Framework for RFID Applications, which was developed by industry, in collaboration with the civil society, endorsed by Article 29, Data Protection Working Party, and signed by all key stakeholders, including the European Commission, in 2011.
It defines aspects of that framework as normative or informative procedures to enable a common European method for undertaking an RFID PIA.
It provides a standardized set of procedures for developing PIA templates, including tools compatible with the RFID PIA methodology.
In addition, it identifies the conditions that require an existing PIA to be revised, amended, or replaced by a new assessment process.

  • Standard
    103 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    103 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16656:2014(Main)
Information technology - Radio frequency identification for item management - RFID Emblem (ISO/IEC 29160:2012, modified)
SIST EN 16656:2014

This European Standard specifies the design and use of the RFID Emblem: an easily identified visual guide that indicates the presence of radio frequency identification (RFID). It does not address location of the RFID Emblem on a label. Specific placement requirements are left to application standards developers.
It also specifies an RFID Index, which can be included in the RFID Emblem and which addresses the complication added by the wide range of RFID tags (frequency, protocol and data structure). The RFID Index is a two-character code that provides specific information about compliant tags and interrogators. Successful reading of RFID tags requires knowledge of the frequency, protocol and data structure information provided by the RFID Index.

  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 16673:2014(Main)
Information technology - RFID privacy impact assessment analysis for specific sectors
SIST-TP CEN/TR 16673:2014

The scope of this Technical Report is to use the RFID PIA Framework as the basis for exploring issues with four major sectors involved with RFID:
—   libraries;
—   retail;
—   e-Ticketing, toll roads, fee collection, events management;
—   banking and financial services.
After specific sector research and consolidation of the results of industry workshops and seminars that take place in several EU Member States, this Technical Report will identify the characteristics that need to be taken into consideration by operators of RFID systems in the example sectors. In addition it will provide advice to operators in the sector on significant variants both in terms of technology and application data. This will enable the appropriate risk factors to be taken into account.
Based on the synthesis of the applications in the chosen sectors, this Technical Report will also identify a set of factors relevant to specific RFID technologies and features that will need to be taken into account in preparing a Privacy and Data Protection Impact Assessment for many RFID applications.

  • Technical report
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TS 16685:2014(Main)
Information technology - Notification of RFID - The information sign to be displayed in areas where RFID interrogators are deployed
SIST-TS CEN/TS 16685:2014

This Technical Specification defines:
—   the details of data and graphics that shall be included on the signage;
—   the presentational requirements for the signage, taking account of the need:
—   to provide a practical solution given constraints on print technique and print area;
—   for a consistent common and recognizable signage;
—   means to support accessibility;
—   the structure and content of an information policy to meet the informational needs of individuals with respect to RFID privacy.

  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 16674:2014(Main)
Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
SIST-TP CEN/TR 16674:2014

The scope of this Technical Report (TR) is to identify methodologies that are used for, or have been considered applicable to, wireless technologies. These methodologies are analyzed to identify features that are applicable to RFID.
Based on the Industry RFID PIA Framework endorsed by the Article 29 Data Protection Working Party, the Technical Report focuses on proposing risk analysis methodologies suitable for the data capture area of an RFID system. This includes the RFID tag, the interrogator, the air interface protocol used for communication between them, and the communication from the interrogator to the application.
The Technical Report also proposes risk management features based on the inherent capabilities of a number of RFID technologies that conform to standardized RFID air interface protocols. This should provide enough information to enable the proposed privacy control features to be applied to other RFID technologies including those with proprietary air interface protocols and tag architectures. The risk management features exclude fundamental privacy by design features because these should be the subject of revisions and enhancements to technology standards. The risk management features defined in this Technical Report are considered applicable to current and future implementations of RFID based on existing technology. As such, this Technical Report is considered as input into a standard procedure for undertaking an RFID Privacy Impact Assessment.

  • Technical report
    49 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    49 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 16671:2014(Main)
Information technology - Authorization of mobile phones when used as RFID interrogators
SIST-TP CEN/TR 16671:2014

The scope of this Technical Report is to explore developments in the use of mobile phones as RFID interrogators. It uses as a datum the communication protocols developed for near field communication, which have a defined level of security. This Technical Report will explore known developments in the use of mobile phones as RFID interrogators including (but not limited to):
—   extending NFC phone capabilities to read RFID tags compliant with ISO/IEC 15693 and ISO/IEC 18000-3 Mode 1;
—   using mobile phones as interrogators for UHF tags based on ISO/IEC 18000-6 Type C;
—   the development of multi-protocol readers capable of switching between high frequency and UHF.
The objective of the Technical Report is to identify specific characteristics associated with mobile phones being used as interrogators with tags that are primarily intended for other purposes. It will identify some potential threats associated with the technology. It will also identify gaps in the standardization process that might need to be addressed to mitigate against such threats.
To counterbalance any negative implications, the Technical Report also identifies real and potential applications that could lead to an accelerated take-up of RFID and the Internet of Things through mobile phones being used as RFID interrogators by individual citizens and organizations.

  • Technical report
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 16669:2014(Main)
Information technology - Device interface to support ISO/IEC 18000-3
SIST-TP CEN/TR 16669:2014

The scope of this Technical Report is to assess the need to develop a Technical Specification to define an interface that provides RFID system control components with low-level access to RFID interrogators for the purpose of optimising RFID data access and control operations.

  • Technical report
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
CEN/TR 16672:2014(Main)
Information technology - Privacy capability features of current RFID technologies
SIST-TP CEN/TR 16672:2014

The scope of the Technical Report is to identify technical characteristics of particular RFID air interface protocols that need to be taken into consideration by operators of RFID systems in undertaking their privacy impact assessment. It also provides information for those operators who provide RFID-tagged items that are likely to be read by customers or other organisations.
This Technical Report provides detailed privacy and security characteristics that apply to products that are compliant with specific air interface protocols, and also to variant models that comply with such standards.
The Technical Report also identifies proprietary privacy and security features which have been added to tags, which are problematic of being implemented in open systems which depend on interoperability between different devices. Such proprietary solutions, whilst being technically sound, in fact impede interoperability. The gap analysis thus identified can be used to encourage greater standardization.

  • Technical report
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical report
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day