CEN/TR 16674:2014
Current
The latest, up-to-date edition.
Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
04-06-2014
Foreword
Introduction
1 Scope
2 Terms and definitions
3 Symbols and abbreviations
4 Risk analysis for wireless RFID communications
and RFID devices
5 The relationship of the RFID PIA process and methodologies
standards to the privacy law
6 RFID and personal information
7 Standards organizations and risk management standards
8 Legal supported PIA methodology
9 Proposed methodologies for RFID PIA process
10 The reasoning for addressing the privacy assessment at
the periphery for RFID
11 The case for a cost-effective PIA process
12 Conclusions
Bibliography
The scope of this Technical Report (TR) is to identify methodologies that are used for, or have been considered applicable to, wireless technologies. These methodologies are analyzed to identify features that are applicable to RFID.Based on the Industry RFID PIA Framework endorsed by the Article 29 Data Protection Working Party, the Technical Report focuses on proposing risk analysis methodologies suitable for the data capture area of an RFID system. This includes the RFID tag, the interrogator, the air interface protocol used for communication between them, and the communication from the interrogator to the application.The Technical Report also proposes risk management features based on the inherent capabilities of a number of RFID technologies that conform to standardized RFID air interface protocols. This should provide enough information to enable the proposed privacy control features to be applied to other RFID technologies including those with proprietary air interface protocols and tag architectures. The risk management features exclude fundamental privacy by design features because these should be the subject of revisions and enhancements to technology standards. The risk management features defined in this Technical Report are considered applicable to current and future implementations of RFID based on existing technology. As such, this Technical Report is considered as input into a standard procedure for undertaking an RFID Privacy Impact Assessment.
| Committee |
CEN/TC 225
|
| DocumentType |
Technical Report
|
| PublisherName |
Comite Europeen de Normalisation
|
| Status |
Current
|
| Standards | Relationship |
| PD CEN/TR 16674:2014 | Identical |
| S.R. CEN/TR 16674:2014 | Identical |
| NEN NPR CEN/TR 16674 : 2014 | Identical |
| DIN EN 16571:2014-10 | INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS |
| BS EN 16571:2014 | Information technology. RFID privacy impact assessment process |
| UNI EN 16571 : 2014 | INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS |
| I.S. EN 16571:2014 | INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS |
| EN 16571:2014 | Information technology - RFID privacy impact assessment process |
| DIN EN 16571 E : 2014 | INFORMATION TECHNOLOGY - RFID PRIVACY IMPACT ASSESSMENT PROCESS |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.