The International Herald Tribune
March 3, 2008
by Doreen Carvajal
Paris, France - Thousands of garments in the sprawling men’s department at the Galeria Kaufhof are equipped with tiny wireless chips that can forestall fashion disaster by relaying information from the garment to a dressing-room screen.
The garments in the department store, in Essen, Germany, contain radio frequency identification chips, small circuits that communicate by radio waves through portable readers and more than 200 antennas that can not only recommend a brown belt for those tweed slacks but also track garments from the racks, shelves and dressing rooms on the store’s third floor.
This pioneering pilot project of the Metro Group, a retail chain in Germany, heralds a shopping experience of the future in which dress shirts can wirelessly offer accessorizing tips to shoppers. But the rapid development of RFID technology is also being regarded cautiously by the authorities in the European Union, who are moving quickly to establish privacy guidelines because the chips - and the information being collected - are not always visible.
Their goal is to raise awareness among consumers that the data-gathering chips are becoming embedded in their lives - in items like credit cards, public transportation passes, work access badges, borrowed library books and supermarket loyalty cards.
There are also policy concerns regarding whether retailers could link a customer’s credit card data to an RFID tag in a product, allowing clients to be identified when they return to a store.
In late February, the European Commission issued privacy protection proposals to establish a code of conduct for companies using RFID technology, fueling a debate among privacy advocates who seek more openness and trade groups of manufacturers and retailers who want practical guidelines that will allow the developing technology to flourish.
The guidelines will be open to public comment and debate through late April. They will stop short of becoming part of actual legislation, instead offering direction to members of the European Union for developing privacy protections.
The chips, whose use dates back to radar experiments during World War II by the Germans and the British - are gaining wider acceptance among manufacturers, the transport industry and the retail trade, according to Chad Eschinger, a research director at Gartner, an information technology research company based in Stamford, Connecticut. He forecast $1.28 billion in global revenues for RFID technology in 2008, a 31 percent increase from the year before, and revenue of $3.5 billion in 2012.
Against that backdrop, regulators in Brussels are proposing a new standard that would require stores to deactivate chips at the check-out counter unless customers specifically chose to keep the tags functioning.
Privacy advocates have hailed what is known as the opt-in principle as a pioneering step by European regulators to establish clear privacy protections in connection with the technology. In February, lawmakers in the U.S. state of Washington also sought to carve out a privacy bill of rights, passing legislation in the state’s House of Representatives to make it a felony for businesses to keep personal information gathered from RFID chips without consent from customers.
“For us, consumers have to be protected,” said Emilie Berrau, a legal officer for the BEUC, the European Consumers Organization in Brussels. “They haven’t asked for the technology, so why should they have the burden of protecting themselves?”
But some trade groups, and Metro, say they are concerned that strict guidelines will prevent retailers from adopting the technology.
EPCglobal, an international trade group formed in 2003 to pursue a common set of RFID standards, supports privacy protections, said Marisa Jimenez, public policy director for the group, based in Brussels. But the group opposes the approach being recommended.
“How can you make an assumption that consumers will want their tags deactivated at the point of sales?” she said. “How can we justify that? So far we haven’t heard from consumers with day-to-day concerns. There is a distance there. This technology is developing very quickly. And if there is an opt-in approach, that will probably deter many retailers from adopting the technology.”
Retailers have tended to use the chips for logistical purposes like tracking deliveries, but companies are starting to get more inventive. A British uniform supplier, Trutex, said it was developing clothing with chips to track schoolchildren, in part because of surveys that showed parents were favorable to the idea.
McDonald’s has been testing an RFID ordering system in Seoul on special tables equipped with touch-pad menus and fitted with readers that allow customers to link their mobile phones and order hamburgers. The tab goes on the mobile.
When the Metro Group opened its state-of-the-chip menswear department in September, it adopted the favored industry approach - leaving it to customers to request to deactivate the tags on their purchases. The chips are now contained in a larger hanging paper tag that can easily be cut off by cashiers or customers. But in the future the chips could be housed within the garment, making it less visible.
Metro, headquartered in Düsseldorf, has placed posters and brochures in the store and each tag hanging on a garment contains a notice about the chips.
“If we have to deactivate at the check-out, then the technology is going to stay within the logistics process - to say where is a box or where is the pallet in the distribution center,” said Antonia Voerste, a spokeswoman. “It won’t come on consumer items. They’re going to kill the technology with that.”
But even without that prodding, companies are looking for ways to demonstrate their respect for privacy standards. European authorities started financing a 1.2 million, or $1.8 million, pilot project in the summer to create a trans-European “privacy seal of approval” that could be marked on products that meet independent evaluations of privacy standards and could be applied to products using RFID chips. Called the EuroPriSe Project, the program has already accepted 20 companies seeking the seal, according to the project manager, Kirsten Bock. The Independent Center for Privacy Protection in the German state of Schleswig-Holstein is coordinating the project with partners in eight other countries, taking on the lead role because the center had already developed its own regional privacy seal. Bock said it was clear there was a demand for the logos - something akin to popular seals certifying organic products or fair-trade items. The new EuroPriSe program, she said, has had to turn away more than 80 companies during its test phase. And even Schleswig-Holstein, with its regional privacy seal, managed to attract a giant from across the Atlantic seeking a seal for its software, Bock said. At a ceremony last year in Berlin, Schleswig-Holstein officials awarded the privacy seal to Microsoft for its Update 6.0 and Windows Services 2.0.