Inter­pel­la­ti­on Pia Hol­len­stein (05.3067): Does the use of Radio Fre­quen­cy Iden­ti­fi­ca­ti­on (RFID) threa­ten data protection?

Sta­tus: writ­ten off on 23.3.2007.

Sub­mit­ted text:

RFID tech­no­lo­gy is expec­ted to beco­me ubi­qui­tous. Fears about nega­ti­ve con­se­quen­ces for the infor­ma­tio­nal self-deter­mi­na­ti­on of resi­dents are wide­spread and will increa­se. I the­r­e­fo­re ask the Fede­ral Coun­cil to ans­wer the fol­lo­wing questions:

1. What thre­ats to data pro­tec­tion does he see with regard to the poten­ti­al appli­ca­ti­ons of RFID tech­no­lo­gy in the con­su­mer sector?
2. Does he see a need for action in the data pro­tec­tion law with regard to the pos­si­ble future appli­ca­ti­on of RFID technology?
3. Will the mass use of RFID tags have an impact on recy­cling and disposal?
4. How does he esti­ma­te the addi­tio­nal expo­sure to elec­tro­ma­gne­tic fields from the ubi­qui­tous use of RFID readers?
5. What does it intend to do to iden­ti­fy pos­si­ble risks at an ear­ly stage and to be able to initia­te any pre­cau­tio­na­ry measures?

State­ment of the Fede­ral Council:

1. when using RFID tech­no­lo­gy, it beco­mes pos­si­ble to pro­cess data using radio waves over a cer­tain distance wit­hout the need for a direct (visu­al) con­nec­tion with the chip or for the per­son con­cer­ned to actively inter­ve­ne in a pro­cess. Unless tho­se affec­ted know in which objects trans­pon­ders are imple­men­ted, they also can­not reco­gnize which data is being pro­ce­s­sed. From RFID trans­pon­ders that have not been destroy­ed or dele­ted, the stored infor­ma­ti­on can be read with the help of (invi­si­ble) rea­ders. Data obtai­ned in this way can in turn be lin­ked to one ano­ther. The­re is thus, for exam­p­le, the risk of crea­ting shop­ping or move­ment pro­files (trans­pa­rent citi­zens). If per­so­nal data is pro­ce­s­sed by RFID systems, the data sub­jects must be infor­med trans­par­ent­ly and com­pre­hen­si­ve­ly about the data pro­ce­s­sing, the pur­po­se of the pro­ce­s­sing and the right to infor­ma­ti­on and correction.

2 The Data Pro­tec­tion Act (DPA) is a tech­no­lo­gy-neu­tral law that sets requi­re­ments for data pro­ce­s­sing and thus also for the use of RFID tech­no­lo­gy. This means that the ope­ra­tors of RFID systems must take the legal requi­re­ments of the DPA into account. The­re is no need for action in terms of data pro­tec­tion legislation.

3 In order to esti­ma­te the envi­ron­men­tal impact of dis­card­ed RFID chips, various para­me­ters such as their com­po­si­ti­on, size and ener­gy con­sump­ti­on must be taken into account. The impact on the envi­ron­ment of dis­po­sing of the chips tog­e­ther with muni­ci­pal waste in gar­ba­ge bags can be clas­si­fi­ed as unpro­ble­ma­tic over­all. In con­trast, cer­tain pro­blems may ari­se when recy­cling items fit­ted with RFID chips (e.g. glass recy­cling: dis­co­lo­ra­ti­on, mate­ri­al defects), unless pre­cau­tio­na­ry mea­su­res are taken. Based on Artic­le 30a of the Envi­ron­men­tal Pro­tec­tion Act, the Fede­ral Coun­cil can pro­hi­bit the use of sub­stances that make dis­po­sal con­sider­a­b­ly more dif­fi­cult. Howe­ver, the­re is curr­ent­ly no cor­re­spon­ding need for action. Sepa­ra­te coll­ec­tion of the chips would requi­re an enorm­ous logi­sti­cal and tech­ni­cal effort. Recy­cling the chips is hard­ly wort­hwhile due to minia­tu­rizati­on and is addi­tio­nal­ly made con­sider­a­b­ly more dif­fi­cult by the varie­ty of substances.

If the RFID rea­ders are instal­led and ope­ra­ted pro­per­ly in accordance with the spe­ci­fi­ca­ti­ons and ins­truc­tions, it should be pos­si­ble to com­ply with the limit values of the rele­vant stan­dards. The manu­fac­tu­r­ers of the equip­ment are respon­si­ble for ensu­ring that the design con­forms to the stan­dards. It is dif­fi­cult to esti­ma­te how high the expo­sure actual­ly is, sin­ce the appli­ca­ti­ons are very dif­fe­rent (on the one hand, e.g., shop­lif­ting secu­ri­ty devices with per­ma­nent trans­mis­si­on ope­ra­ti­on, on the other hand, e.g., inter­ro­ga­ti­on of lug­ga­ge iden­ti­fi­ca­ti­on or dog chips with very short trans­mis­si­on times). The expo­sure of the popu­la­ti­on to elec­tro­ma­gne­tic fields from RFID rea­ders has not yet been recor­ded, eit­her at inter­na­tio­nal or natio­nal level. The­r­e­fo­re, the Fede­ral Coun­cil does not yet have a basis for a risk assess­ment. The Fede­ral Office of Public Health, in coope­ra­ti­on with other offices invol­ved, plans to record and ana­ly­ze expo­sures and pos­si­ble health risks of the RFID rea­ders. Howe­ver, due to a lack of human resour­ces, this inve­sti­ga­ti­on will be car­ri­ed out at the ear­liest after the report “Risk poten­ti­al of wire­less net­works” (report in ful­fill­ment of the postu­la­te Alle­mann 04.3594) has been prepared.

5 The Fede­ral Coun­cil is awa­re that in view of the deve­lo­p­ment of new tech­no­lo­gies and the asso­cia­ted uncer­tain­ties about risks, the adop­ti­on of pre­cau­tio­na­ry mea­su­res must be exami­ned. It will base this pri­ma­ri­ly on the results of the report men­tio­ned in que­sti­on 4. Fur­ther bases should be pro­vi­ded by the report “Health pro­tec­tion against NIR in Switz­er­land” (report in ful­fill­ment of the postu­la­te Som­ma­ru­ga 00.3565). Based on the­se reports, the Fede­ral Coun­cil will make an assess­ment of the situation.