1 / 10

I&S Meeting 26 September 2011 Draft PIA Tool

I&S Meeting 26 September 2011 Draft PIA Tool . Agenda. Introduction PIA Requirements Background RFID PIA Tool demonstration Next steps for PIA communications and implementation. GS1 Guidelines on EPC for Consumer Products . --Adopted 2003, January 2005 implementation

bonnie
Download Presentation

I&S Meeting 26 September 2011 Draft PIA Tool

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. I&S Meeting 26 September 2011 Draft PIA Tool

  2. Agenda • Introduction • PIA Requirements Background • RFIDPIA Tool demonstration • Next steps for PIA communications and implementation

  3. GS1 Guidelines on EPC for Consumer Products • --Adopted 2003, January 2005 implementation • Provide Consumer Notice • “Consumers will be given clear notice of the presence of EPC on products or their packaging and will be informed of the use of EPC technology” • Provide Consumer Choice • “Consumers will be informed of the choices that are available to discard or remove or in the future disable EPC tags…” • Provide Consumer Education • Follow all laws on record use, retention and security • Guidelines will evolve as technology evolves

  4. Background – The Recommendation on Privacy & Data Protection for RFID Applications • European Commission RFID Recommendation issued May 2009 • http://ec.europa.eu/information_society/policy/rfid/documents/recommendationonrfid2009.pdf • All RFID Application Operators should conduct a PIA of their RFID Application • Industry in collaboration with stakeholders should develop a framework for Privacy Impact Assessments (PIAs) endorsed by Article 29 Data Protection Working Party

  5. Background - RFID PIA Framework • Serves as a common approach to conducting Privacy Impact Assessments on RFID Applications • PIA Framework identifies • objectives of RFID Application PIAs • components of RFID Applications to be considered during PIAs • process for conducting a PIA and the common structure and content of RFID Application PIA Reports • Based on a privacy and data protection risk management approach

  6. Process of adoption • 2009 – Recommendation published. Stakeholders group set up to draft PIA Framework • 2010 – Drafting of PIA Framework and feedback from Article 29 WP. Final draft submitted end of 2010 • February 2011 – Formal endorsement of the Article 29 WP. • April 2011- Endorsement of the European Commission • PIA Framework on EC website: http://ec.europa.eu/information_society/policy/rfid/index_en.htm • Next step: Industry PIA Templates or Tools to promote PIA adoption

  7. Initial Analysis: DecisionTree on PIA levels

  8. PIA Tool DEMOBill Schaumann, Ernst & Young

  9. Group Discussion • Next steps for PIA communications and implementation • Best ways to communicate to users the need to complete PIAs? • What support will Member Organizations need? • Additional feedback?

  10. Contact Details MassimilianoMinisci Director, Public Policy Europe massimiliano.minisci@gs1.org Elizabeth Board Executive Director, GS1 Global Public Policy elizabeth.board@gs1.org

More Related