Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems

1.1   General
The scope of this European Standard is to define the requirements for a Common European Notification Signage system to be displayed by operators of RFID application systems in areas where radio frequency interrogators are deployed.
Additionally this European Standard shall define the notification procedures where RFID devices are attached to, or embedded in, items that may be purchased or used within the EU Member States.
In general, the requirement to display Common European RFID notification signs will be a consequence of a RFID Privacy Impact Assessment (PIA) undertaken by the operator to evaluate potential risks to personal privacy. Notification signage is a basic tool for mitigating identifiable risk.  
1.2   Objective
The objective of this European Standard is to provide enterprises, both large and small, with a common and accessible framework for the design and display of signs on a voluntary basis to meet Clauses 7 and 8 of EC Recommendation C (2009) 3200.
Specifically this European Standard defines:
-  which technologies shall require the signage to be displayed;
-  what type of application, including data types and association with type of person (e.g. citizen, customer, employee, etc) shall require the signage to be displayed;
-  who shall be defined as the application operator;
-  the details of data and graphics that shall be included on the signage;
-  the presentational requirements for the signage, taking account of the need
-  to balance some options for design choice;
-  for a consistent common and recognisable signage.
-  means to support accessibility.
1.3   Applicability  
This European Standard applies to all enterprises operating RFID applications in the European Union irrespective of the domicile of the operator.

Informationstechnik - Notifizierung von RFID - Das Informationszeichen und zusätzliche Informationen, die bei der Datenerfassung mittels RFID von den Betreibern entsprechender Anwendungen bereitgestellt werden müssen

1.1   Allgemeines
In der vorliegenden Europäischen Norm werden die Anforderungen an ein Beschilderungssystem für eine europaweit einheitliche Notifizierung zur vorgeschriebenen Nutzung durch Betreiber von RFID-Anwendungssystemen in Bereichen, in denen Funkfrequenz-Lesegeräte eingesetzt werden, festgelegt.
Darüber hinaus definiert diese Europäische Norm Notifizierungsverfahren für Fälle, in denen RFID-Einheiten (wie z. B. Transponder) an Artikeln, die innerhalb von EU-Mitgliedsstaaten gekauft werden können oder dort verwendet werden, ange¬bracht oder in diese eingebettet werden.
Im Allgemeinen ergibt sich die Forderung nach der Anzeige von europaweit einheitlichen RFID-Notifizierungs-kennzeichen aus einer Bewertung des Einflusses von RFID auf die Privatsphäre (PIA), die der Betreiber zur Bewertung möglicher Risiken für den Schutz der Privatsphäre durchführt. Die Notifizierungskennzeichen sind ein Grundwerkzeug für die Minderung eines erkennbaren Risikos.
1.2   Zweck
Der Zweck der vorliegenden Europäischen Norm ist die Bereitstellung von einheitlichen und verfügbaren Rahmbedingungen für die Entwicklung und Anzeige von Kennzeichen auf freiwilliger Basis durch große und kleine Unternehmen, um die Abschnitte 7 und 8 der Empfehlung C (2009) 3200 der Europäischen Kommis¬sion zu erfüllen.
Diese Europäische Norm definiert im Einzelnen:
   welchen Technologien eine Beschilderung erfordern;
   welche Art der Anwendung einschließlich Datentypen und Zuordnung der Art der Person (z. B. Bürger, Kunden, Angestellter usw.) eine Beschilderung erfordert;
   wer als der Betreiber der Anwendung festgelegt werden muss;
   die Einzelheiten der Daten und Grafiken, die in der Beschilderung enthalten sein müssen;
   die Darstellungsanforderungen für die Beschilderung unter Berücksichtigung der Notwendigkeit
   bestimmte Möglichkeiten für die Auswahl der Ausführung abzuwägen;
   einer widerspruchsfreien, einheitlichen und erkennbaren Beschilderung;
   Mittel, um die Zugänglichkeit zu unterstützen.
1.3   Geltungsbereich
Die vorliegende Europäische Norm gilt für alle Unternehmen, die RFID-Anwendungen in der Europäischen Union betreiben, unabhängig vom Wohnsitz des Betreibers.

Technologies de l'information - Notification d'identification par radiofréquence (RFID) - Signe informationnel et informations complémentaires devant être délivrées par les exploitants de systèmes d'application d'identification RFID

1.1   Généralités
Le domaine d’application de la présente Norme européenne vise à définir les exigences applicables au système européen commun de signalétique de notification, auxquelles doivent satisfaire les exploitants de système d’application RFID dans les zones où des interrogateurs par radiofréquence sont déployés.
En outre, la présente Norme européenne doit définir les procédures de notification lorsque des dispositifs d'identification RFID sont placés sur des produits ou sont intégrés à des produits, susceptibles d’être achetés ou utilisés dans les Etats membres de l’Union européenne.
En général, l’exigence imposant d’afficher le signe européen commun de notification d’identification RFID découlera de l’Evaluation d’Impact sur le respect de la Vie Privée (ou évaluation EIPV) menée par l’exploitant pour évaluer les éventuels risques eu égard au respect de la vie privée. La signalétique de notification constitue un outil fondamental permettant de réduire les risques susceptibles d’avoir été identifiés.
1.2   Objectif
La présente Norme européenne vise à fournir aux petites et grandes entreprises un cadre de conception et d’affichage de signes commun, accessible et non imposé, permettant de satisfaire aux Articles 7 et 8 de la Recommandation de la Commission européenne C (2009) 3200.
La présente Norme européenne définit en particulier :
   les technologies devant afficher la signalétique ;
   les types d’application – y compris types de données et type de personnes associées au type de données (par exemple, consommateur ou usager, client, employé, etc.) – qui doivent afficher la signalétique ;
   celui devant être défini comme exploitant d’application ;
   les éléments de données et les représentations graphiques qui doivent figurer sur la signalétique ;
   les exigences de présentation applicables à la signalétique, en prenant en considération le besoin :
   de mettre en balance certaines options pour le choix de conception ;
   d’une signalétique commune, cohérente et reconnaissable.
   les moyens de prendre en charge l’accessibilité.
1.3   Applicabilité
La présente Norme européenne s’applique à toutes les entreprises mettant en œuvre des applications RFID au sein de l'Union européenne, quelle que soit la domiciliation de l’exploitant.

Informacijska tehnologija - Priglasitev RFID - Informacijski znak in dodatne informacije, ki jih zagotovijo operaterji sistemov aplikacij RFID

1.1 Splošno
Področje uporabe tega evropskega standarda je določiti zahteve za skupni evropski priglasitveni znakovni sistem, ki ga prikazujejo operaterji sistemov aplikacij RFID na področjih, kjer se uporabljajo bralniki radijskih frekvenc.
Poleg tega ta evropski standard določa priglasitvene postopke, kadar so naprave RFID pritrjene na ali vgrajene v elemente, ki jih je mogoče kupiti ali uporabljati v državah članicah EU.
Na splošno bo zahteva za prikazovanje skupnih evropskih priglasitvenih znakov RFID posledica ocene vpliva RFID na zasebnost, ki jo izvede operater za ovrednotenje potencialnih tveganj za zasebnost. Priglasitveni znaki so osnovno orodje za omejevanje opredeljivih tveganj.  
1.2 Cilj
Cilj tega evropskega standarda je velikim in malim podjetjem zagotoviti skupen in dostopen okvir za zasnovo ter prikazovanje znakov na prostovoljni podlagi v skladu s točkama 7 in 8 Priporočila EK C(2009) 3200.
Ta evropski standard določa zlasti:
– v okviru katerih tehnologij je treba prikazovati znake;
– za katero vrsto aplikacije, vključno z vrstami podatkov in povezavo z vrsto osebe (npr. državljan, stranka, uslužbenec itd.), je potrebno prikazovanje podatkov;
– kdo bo določen za operaterja aplikacije;
– podrobnosti podatkov in grafik, ki bodo vključeni v znake;
– predstavnostne zahteve za znake, pri čemer se upošteva potreba
– po uravnovešanju možnosti za izbiro zasnove;
– po doslednih skupnih in prepoznavnih znakih.
– sredstva za podporo dostopnosti.
1.3 Uporabnost  
Ta evropski standard se uporablja za vsa podjetja, ki upravljajo aplikacije RFID v Evropski uniji, ne glede na stalno prebivališče operaterja.

General Information

Status
Published
Public Enquiry End Date
30-Jun-2013
Publication Date
09-Nov-2014
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
31-Jul-2014
Due Date
05-Oct-2014
Completion Date
10-Nov-2014

Buy Standard

Standard
EN 16570:2014
English language
15 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
EN 16570:2014
English language
15 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 16570:2014
01-december-2014
Informacijska tehnologija - Priglasitev RFID - Informacijski znak in dodatne
informacije, ki jih zagotovijo operaterji sistemov aplikacij RFID
Information technology - Notification of RFID - The information sign and additional
information to be provided by operators of RFID application systems
Informationstechnik - Notifizierung von RFID - Das Informationszeichen und zusätzliche
Informationen, die bei der Datenerfassung mittels RFID von den Betreibern
entsprechender Anwendungen bereitgestellt werden müssen
Technologies de l'information - Notification d'identification par radiofréquence (RFID) -
Signe informationnel et informations complémentaires devant être délivrées par les
exploitants de systèmes d'application d'identification RFID
Ta slovenski standard je istoveten z: EN 16570:2014
ICS:
03.080.99 Druge storitve Other services
35.040.50 Tehnike za samodejno Automatic identification and
razpoznavanje in zajem data capture techniques
podatkov
SIST EN 16570:2014 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 16570:2014

---------------------- Page: 2 ----------------------
SIST EN 16570:2014

EUROPEAN STANDARD
EN 16570

NORME EUROPÉENNE

EUROPÄISCHE NORM
July 2014
ICS 35.240.60
English Version
Information technology - Notification of RFID - The information
sign and additional information to be provided by operators of
RFID application systems
Technologies de l'information - Notification d'identification Informationstechnik - Notifizierung von RFID - Das
par radiofréquence (RFID) - Signe informationnel et Informationszeichen und zusätzliche Informationen, die von
informations complémentaires devant être délivrées par les den Betreibern von RFID-Anwendungssystemen
exploitants de systèmes d'application d'identification RFID bereitgestellt werden müssen
This European Standard was approved by CEN on 14 May 2014.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European
Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national
standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same
status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 16570:2014 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
Contents Page
Foreword .3
Introduction .4
1 Scope .5
1.1 General .5
1.2 Objective .5
1.3 Applicability .5
2 Normative references .5
3 Terms and definitions .5
4 The Common European RFID Notification Signage System .7
4.1 Introduction .7
4.2 Definition of the Common European Notification Signage System .8
4.3 The common European RFID notification sign .8
4.4 The Common RFID emblem .8
4.5 Contact Point .9
4.5.1 General .9
4.5.2 Name of the operator of the application .9
4.6 Purpose of the application(s) .9
5 Placement of RFID Signs notifying the presence of RFID interrogators . 10
5.1 General . 10
5.2 Notification of multiple applications in an area . 10
6 Notification of the presence of tags on or in items . 10
6.1 Common RFID Emblem . 10
6.2 Contact Point . 11
6.3 Scope and purpose. 11
7 Additional information: the Information Policy . 11
7.1 Summary PIA . 11
7.2 Information policy requirements with respect to RFID privacy . 11
7.3 RFID privacy information and notification within promotional material . 11
7.3.1 General . 11
7.3.2 RFID privacy information and notification within sales material and pre-contract
information . 12
7.3.3 RFID privacy relevant contractual clauses . 12
7.3.4 Post sale user RFID privacy information including end of use of an item . 13
7.3.5 RFID privacy information and notification to be obtained from manufacturers and other
RFID technology suppliers . 14
8 Legibility/Accessibility . 14
Bibliography . 15

2

---------------------- Page: 4 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
Foreword
This document (EN 16570:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC
technologies”, the secretariat of which is held by NEN.
This European Standard shall be given the status of a national standard, either by publication of an identical
text or by endorsement, at the latest by January 2015, and conflicting national standards shall be withdrawn at
the latest by January 2015.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association.
This European Standard is one of a series of related deliverables, which together comprise M/436 Phase 2.
The other deliverables are:
— EN 16571, Information technology — RFID privacy impact assessment process;
— EN 16656, Information technology — Radio frequency identification for item management — RFID
Emblem (ISO/IEC 29160:2012, modified);
— CEN/TR 16669, Information technology — Device interface to support ISO/IEC 18000-3,
— CEN/TR 16670, Information technology — RFID threat and vulnerability analysis;
— CEN/TR 16671, Information technology — Authorisation of mobile phones when used as RFID
interrogators;
— CEN/TR 16672, Information technology — Privacy capability features of current RFID technologies;
)
1
, Information technology — RFID privacy impact assessment analysis for specific
— CEN/TR 16673
sectors;
— CEN/TR 16674, Information technology — Analysis of privacy impact assessment methodologies
relevant to RFID;
)
2
— CEN/TR 16684 , Information technology — Notification of RFID — Additional information to be provided
by operators;
— CEN/TS 16685, Information technology — Notification of RFID — The information sign to be displayed in
areas where RFID interrogators are deployed.
According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech
Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece,
Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,
Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

1) CEN/TR 16673 contains practical examples of PIA systems.
2) CEN/TR 16684 contains practical examples of notification signage systems.
3

---------------------- Page: 5 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
Introduction
In response to the growing deployment of RFID systems in Europe, the European Commission published in
2007 the Communication COM(2007) 96 ‘RFID in Europe: steps towards a policy framework’. This
Communication proposed actions to overcome barriers to wider take-up of RFID to benefit society and the
economy whilst incorporating appropriate privacy, health and environmental safeguards.
In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the
field of ICT as applied to RFID systems.
The Mandate addresses the data protection, privacy and information policy aspects of RFID, and has been
executed in two phases.
Phase 1, completed in May 2011, identified the work needed to produce a complete framework of future RFID
standards. The Phase 1 results are contained in the ETSI Technical Report TR 187 020, which was published
in May 2011.
Phase 2 delivered the execution of the standardization work programme identified in the first phase.
This European Norm is one of 11 deliverables of EC Mandate M/436 RFID Phase 2. It builds on the research
undertaken in the related Technical Report CEN/TR 16684:2014, Information technology — Notification of
RFID — Additional information to be provided by operators.
It is intended that the procedures defined in this EN shall be used by individual RFID operators - or by entire
sectors - for notification of the presence of RFID applications.
4

---------------------- Page: 6 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
1 Scope
1.1 General
The scope of this EN is to define the requirements for a Common European Notification Signage system to be
used by operators of RFID application systems deployed within the EU Member States.
1.2 Objective
The objective of this EN is to provide enterprises, both large and small, with a common and accessible
framework for the design and display of RFID notification signs.
In addition to the information placed on the sign, the framework includes the information policy - needed to
answer enquiries received from individuals accessing the contact point noted on the sign itself. This minimizes
the volume of information written on the sign.
This European Standard defines:
a) the details of data and graphics that shall be included on the signage;
b) the presentational requirements for the signage, taking account of the need;
1) to provide a practical solution given constraints on print technique and print area;
2) for a consistent common and recognisable signage;
c) means to support accessibility;
d) the structure and content of an information policy to meet the informational needs of individuals with
respect to RFID privacy.
1.3 Applicability
This EN provides an application-agnostic framework which may be used by all enterprises operating RFID
applications in the European Union.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
EN 16571, Information technology — RFID privacy impact assessment process
EN 16656:2014, Information technology — Radio frequency identification for item management — RFID
Emblem (ISO/IEC 29160:2012, modified)
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
common European RFID notification emblem
graphic design which notifies the presence of radio frequency identification (RFID) systems
5

---------------------- Page: 7 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
Note 1 to entry: This emblem is defined in EN 16656 as the filled general-purpose emblem (Figure B.3). Users of this
European Norm should use EN 16656 rather than ISO/IEC 29160:2012. The EN version contains specific advice
regarding the use of the RFID Emblem in an EU environment, especially in relation to minimum sizing of the emblem.
Note 2 to entry: The term “emblem” is used to signify that the Common European Emblem is non-commercial and
does not make any statement of interoperability.
3.2
common European RFID notification sign
physical expression of the RFID notification signage system
Note 1 to entry: It has three elements:
1) the common European RFID Notification Emblem,
2) the scope and purpose of the RFID application,
3) the contact point where further information about the application may be obtained.
3.3
controller or data controller
natural or legal person, public authority or agency, or any other body which alone or jointly with others
determines the purpose and means of the processing of personal data
Note 1 to entry: Where the purpose and means of the processing are determined by national or Community laws or
regulations the controller or the specific criteria for his nomination may be designated by national or Community Law.
3.4
common European notification emblem
emblem which is used to signify that the Common European Emblem is non-commercial and does not make
any statement of interoperability
3.5
logo
symbol, graphic design or other small design that indicates branding, trademark, or interoperability capability
3.6
operator
RFID application operator
natural or legal person, public authority, agency, or any other body, which, alone or jointly with others,
determines the purposes and means of operating an application, including controllers of personal data using
an RFID application
Note 1 to entry: At the application level, the identity of the operator is context related.
3.7
personal data
information on a person’s characteristics apart from identity data (name, birth date and place, address,
governmental identification card number, etc.)
Note 1 to entry: These data include: religious or philosophical beliefs, race, political opinions, health, sexual
orientation, membership of a trade union, personal data connected with a person’s criminal behaviour, personal data
connected with unlawful or objectionable conduct for which a ban has been imposed (a street ban, for example).
3.8
personal data processing
operation or any set of operations upon personal data
6

---------------------- Page: 8 ----------------------
SIST EN 16570:2014
EN 16570:2014 (E)
Note 1 to entry: These encompass data such as: collecting, recording, organization, storage, adaptation or alteration,
retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or
combination, blocking, erasure or destruction.
3.9
RFID (Radio Frequency Identification)
electro-magnetic radiating waves or reactive field coupling in the radio frequency portion of the spectrum to
communicate to or from a tag through a variety of modulation and encoding schemes to uniquely read the
identity of a radio frequency tag or other data stored on it
3.10
RFID application or application
application that processes data through the use of tags and interrogators, and which is supported by a back-
end system and a networked communication infrastructure
3.11
RFID interrogator
fixed or mobile data capture and identification device using a radio frequency electromagnetic wave or
reactive field coupling to stimulate and effect a modulated data response from a tag or group of tags
3.12
RFID tag or ‘Tag’ (including contactless cards)
device having the ability to produce a radio signal or a RFID device that re-couples, back- scatters or reflects
(depending on the type of device) and modulates a carrier signal received from an interrogator
Note 1 to entry: For the purposes of this EN, an RF tag applies to any transponder that is capable of communicating
using the radio frequency portion of the spectrum for communication purposes. As such it applies to any form factor
including cards, phones, etc., that contain a transponder: RF tag, Tag, Transponder, Electronic label, Transponder plus
the information storage mechanism attached to the object.
Note 2 to entry: Although ‘transponder’ is technically the most accurate term,
...

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Informacijska tehnologija - Priglasitev RFID - Informacijski znak in dodatne informacije, ki jih zagotovijo operaterji sistemov aplikacij RFIDInformationstechnik - Notifizierung von RFID - Das Informationszeichen und zusätzliche Informationen, die bei der Datenerfassung mittels RFID von den Betreibern entsprechender Anwendungen bereitgestellt werden müssenTechnologies de l'information - Notification d'identification par radiofréquence (RFID) - Signe informationnel et informations complémentaires devant être délivrées par les exploitants de systèmes d'application d'identification RFIDInformation technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems35.020Informacijska tehnika in tehnologija na splošnoInformation technology (IT) in general03.080.99Druge storitveOther servicesICS:Ta slovenski standard je istoveten z:EN 16570:2014SIST EN 16570:2014en,fr,de01-december-2014SIST EN 16570:2014SLOVENSKI
STANDARD



SIST EN 16570:2014



EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 16570
July 2014 ICS 35.240.60 English Version
Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems
Technologies de l'information - Notification d'identification par radiofréquence (RFID) - Signe informationnel et informations complémentaires devant être délivrées par les exploitants de systèmes d'application d'identification RFID Informationstechnik - Notifizierung von RFID - Das Informationszeichen und zusätzliche Informationen, die von den Betreibern von RFID-Anwendungssystemen bereitgestellt werden müssen This European Standard was approved by CEN on 14 May 2014.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels © 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 16570:2014 ESIST EN 16570:2014



EN 16570:2014 (E) 2 Contents Page Foreword .3 Introduction .4 1 Scope .5 1.1 General .5 1.2 Objective .5 1.3 Applicability .5 2 Normative references .5 3 Terms and definitions .5 4 The Common European RFID Notification Signage System .7 4.1 Introduction .7 4.2 Definition of the Common European Notification Signage System .8 4.3 The common European RFID notification sign .8 4.4 The Common RFID emblem .8 4.5 Contact Point .9 4.5.1 General .9 4.5.2 Name of the operator of the application .9 4.6 Purpose of the application(s) .9 5 Placement of RFID Signs notifying the presence of RFID interrogators . 10 5.1 General . 10 5.2 Notification of multiple applications in an area . 10 6 Notification of the presence of tags on or in items . 10 6.1 Common RFID Emblem . 10 6.2 Contact Point . 11 6.3 Scope and purpose. 11 7 Additional information: the Information Policy . 11 7.1 Summary PIA . 11 7.2 Information policy requirements with respect to RFID privacy . 11 7.3 RFID privacy information and notification within promotional material . 11 7.3.1 General . 11 7.3.2 RFID privacy information and notification within sales material and pre-contract information . 12 7.3.3 RFID privacy relevant contractual clauses . 12 7.3.4 Post sale user RFID privacy information including end of use of an item . 13 7.3.5 RFID privacy information and notification to be obtained from manufacturers and other RFID technology suppliers . 14 8 Legibility/Accessibility . 14 Bibliography . 15
SIST EN 16570:2014



EN 16570:2014 (E) 3 Foreword This document (EN 16570:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC technologies”, the secretariat of which is held by NEN. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by January 2015, and conflicting national standards shall be withdrawn at the latest by January 2015. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights. This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association. This European Standard is one of a series of related deliverables, which together comprise M/436 Phase 2. The other deliverables are: — EN 16571, Information technology — RFID privacy impact assessment process; — EN 16656, Information technology — Radio frequency identification for item management — RFID Emblem (ISO/IEC 29160:2012, modified); — CEN/TR 16669, Information technology — Device interface to support ISO/IEC 18000-3, — CEN/TR 16670, Information technology — RFID threat and vulnerability analysis; — CEN/TR 16671, Information technology — Authorisation of mobile phones when used as RFID interrogators; — CEN/TR 16672, Information technology — Privacy capability features of current RFID technologies; — CEN/TR 166731), Information technology — RFID privacy impact assessment analysis for specific sectors; — CEN/TR 16674, Information technology — Analysis of privacy impact assessment methodologies relevant to RFID; — CEN/TR 166842), Information technology — Notification of RFID — Additional information to be provided by operators; — CEN/TS 16685, Information technology — Notification of RFID — The information sign to be displayed in areas where RFID interrogators are deployed. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
1) CEN/TR 16673 contains practical examples of PIA systems. 2) CEN/TR 16684 contains practical examples of notification signage systems. SIST EN 16570:2014



EN 16570:2014 (E) 4 Introduction In response to the growing deployment of RFID systems in Europe, the European Commission published in 2007 the Communication COM(2007) 96 ‘RFID in Europe: steps towards a policy framework’. This Communication proposed actions to overcome barriers to wider take-up of RFID to benefit society and the economy whilst incorporating appropriate privacy, health and environmental safeguards. In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the field of ICT as applied to RFID systems. The Mandate addresses the data protection, privacy and information policy aspects of RFID, and has been executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete framework of future RFID standards. The Phase 1 results are contained in the ETSI Technical Report TR 187 020, which was published in May 2011. Phase 2 delivered the execution of the standardization work programme identified in the first phase. This European Norm is one of 11 deliverables of EC Mandate M/436 RFID Phase 2. It builds on the research undertaken in the related Technical Report CEN/TR 16684:2014, Information technology — Notification of RFID — Additional information to be provided by operators. It is intended that the procedures defined in this EN shall be used by individual RFID operators - or by entire sectors - for notification of the presence of RFID applications. SIST EN 16570:2014



EN 16570:2014 (E) 5 1 Scope 1.1 General The scope of this EN is to define the requirements for a Common European Notification Signage system to be used by operators of RFID application systems deployed within the EU Member States. 1.2 Objective The objective of this EN is to provide enterprises, both large and small, with a common and accessible framework for the design and display of RFID notification signs. In addition to the information placed on the sign, the framework includes the information policy - needed to answer enquiries received from individuals accessing the contact point noted on the sign itself. This minimizes the volume of information written on the sign. This European Standard defines: a) the details of data and graphics that shall be included on the signage; b) the presentational requirements for the signage, taking account of the need; 1) to provide a practical solution given constraints on print technique and print area; 2) for a consistent common and recognisable signage; c) means to support accessibility; d) the structure and content of an information policy to meet the informational needs of individuals with respect to RFID privacy. 1.3 Applicability This EN provides an application-agnostic framework which may be used by all enterprises operating RFID applications in the European Union. 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. EN 16571, Information technology — RFID privacy impact assessment process EN 16656:2014, Information technology — Radio frequency identification for item management — RFID Emblem (ISO/IEC 29160:2012, modified) 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. 3.1 common European RFID notification emblem graphic design which notifies the presence of radio frequency identification (RFID) systems SIST EN 16570:2014



EN 16570:2014 (E) 6 Note 1 to entry: This emblem is defined in EN 16656 as the filled general-purpose emblem (Figure B.3). Users of this European Norm should use EN 16656 rather than ISO/IEC 29160:2012. The EN version contains specific advice regarding the use of the RFID Emblem in an EU environment, especially in relation to minimum sizing of the emblem. Note 2 to entry: The term “emblem” is used to signify that the Common European Emblem is non-commercial and does not make any statement of interoperability. 3.2 common European RFID notification sign physical expression of the RFID notification signage system Note 1 to entry: It has three elements: 1)
the common European RFID Notification Emblem, 2)
the scope and purpose of the RFID application, 3)
the contact point where further information about the application may be obtained. 3.3 controller or data controller natural or legal person, public authority or agency, or any other body which alone or jointly with others determines the purpose and means of the processing of personal data Note 1 to entry: Where the purpose and means of the processing are determined by national or Community laws or regulations the controller or the specific criteria for his nomination may be designated by national or Community Law. 3.4 common European notification emblem emblem which is used to signify that the Common European Emblem is non-commercial and does not make any statement of interoperability 3.5 logo symbol, graphic design or other small design that indicates branding, trademark, or interoperability capability 3.6 operator RFID application operator natural or legal person, public authority, agency, or any other body, which, alone or jointly with others, determines the purposes and means of operating an application, including controllers of personal data using an RFID application Note 1 to entry:
At the application level, the identity of the operator is context related. 3.7 personal data information on a person’s characteristics apart from identity data (name, birth date and place, address, governmental identification card number, etc.) Note 1 to entry:
These data include: religious or philosophical beliefs, race, political opinions, health, sexual orientation, membership of a trade union, personal data connected with a person’s criminal behaviour, personal data connected with unlawful or objectionable conduct for which a ban has been imposed (a street ban, for example). 3.8 personal data processing operation or any set of operations upon personal data SIST EN 16570:2014



EN 16570:2014 (E) 7 Note 1 to entry:
These encompass data such as: collecting, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. 3.9 RFID (Radio Frequency Identification) electro-magnetic radiating waves or reactive field coupling in the radio frequency portion of the spectrum to communicate to or from a tag through a variety of modulation and encoding schemes to uniquely read the identity of a radio frequency tag or other data stored on it 3.10 RFID application or application application that processes data through the use of tags and interrogators, and which is supported by a back-end system and a networked communication infrastructure 3.11 RFID interrogator fixed or mobile data capture and identification device using a radio frequency electromagnetic wave or reactive field coupling to stimulate and effect a modulated data response from a tag or group of tags 3.12 RFID tag or ‘Tag’ (including contactless cards) device having the ability to produce a radio signal or a RFID device that re-couples, back- scatters or reflects (depending on the type of device) and modulates a carrier signal received from an interrogator Note 1 to entry:
For the purposes of this EN, an RF tag applies to any transponder that is capable of communicating using the radio frequency portion of the spectrum for communication purposes. As such it applies to any form factor including cards, phones, etc., that contain a transponder: RF tag, Tag, Transponder, Electronic label, Transponder plus the information storage mechanism attached to the object. Note 2 to entry:
Although ‘transponder’ is technically the most accurate term, the most common and preferred term is
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.