I&S Meeting 26 September 2011 Draft PIA Tool
© 2011 GS1 Agenda Introduction PIA Requirements Background RFID PIA Tool demonstration Next steps for PIA communications and implementation
© 2011 GS1 GS1 Guidelines on EPC for Consumer Products 3 --Adopted 2003, January 2005 implementation Provide Consumer Notice “Consumers will be given clear notice of the presence of EPC on products or their packaging and will be informed of the use of EPC technology” Provide Consumer Choice “Consumers will be informed of the choices that are available to discard or remove or in the future disable EPC tags…” Provide Consumer Education Follow all laws on record use, retention and security Guidelines will evolve as technology evolves
© 2011 GS1 Background – The Recommendation on Privacy & Data Protection for RFID Applications European Commission RFID Recommendation issued May ents/recommendationonrfid2009.pdfhttp://ec.europa.eu/information_society/policy/rfid/docum ents/recommendationonrfid2009.pdf All RFID Application Operators should conduct a PIA of their RFID Application Industry in collaboration with stakeholders should develop a framework for Privacy Impact Assessments (PIAs) endorsed by Article 29 Data Protection Working Party
© 2011 GS1 Background - RFID PIA Framework Serves as a common approach to conducting Privacy Impact Assessments on RFID Applications PIA Framework identifies objectives of RFID Application PIAs components of RFID Applications to be considered during PIAs process for conducting a PIA and the common structure and content of RFID Application PIA Reports Based on a privacy and data protection risk management approach
© 2011 GS1 Process of adoption 2009 – Recommendation published. Stakeholders group set up to draft PIA Framework 2010 – Drafting of PIA Framework and feedback from Article 29 WP. Final draft submitted end of 2010 February 2011 – Formal endorsement of the Article 29 WP. April Endorsement of the European Commission PIA Framework on EC website: ndex_en.htm ndex_en.htm Next step: Industry PIA Templates or Tools to promote PIA adoption
© 2011 GS1 Initial Analysis: Decision Tree on PIA levels
PIA Tool DEMO Bill Schaumann, Ernst & Young 8
© 2011 GS1 Group Discussion 9 Next steps for PIA communications and implementation Best ways to communicate to users the need to complete PIAs? What support will Member Organizations need? Additional feedback?
Contact Details Massimiliano Minisci Director, Public Policy Europe Elizabeth Board Executive Director, GS1 Global Public Policy