RFID in Libraries

4/5/2004

More Info on CA RFID Privacy Bill

Filed under: — Laura @ 10:20 am

I promised to investigate the status of California’s proposed RFID privacy bill. SB 1834 was introduced by state Sen. Debra Bowen on 2/20/2004. The bill was amended and read a second time on 4/1/2004. It is currently with committee.

The original bill covered retail applications and was appended to the Business and Professional Code. In essence it labelled businesses that didn’t comply with the privacy guidelines “unfair competition” and subjected them penalties. The 4/1 amendment would “authorize a library to use RFID tags attached to circulating materials to
collect information that could be used to identify a borrower under specified conditions.”

Those conditions are:

22651. A library may use an electronic product code system that
uses radio frequency identification (RFID) tags attached to
circulating materials only to collect, store, use, or share
information that could be used to identify a borrower if all of the
following conditions are met:
(a) The information is collected only to the extent permitted by
law.
(b) The information has been provided by the borrower for the
purpose of borrowing an item containing an RFID tag at the library.
© The information is not collected at any time before the
borrower actually attempts to borrow the item or at any time after
the customer completes the transaction to borrow the item containing
the RFID tag.
(d) The information is collected with regards only to a borrower
who actually attempts to borrow the item and is in regard only to
that item.

I think these conditions are a good start. But they don’t do far enough. There should be an explicit statement governing the linking of borrowing information with patron information. In most RFID systems, the link between the two is within the integrated library system not programmed on the tag. That link should only be used when the patron is checking out material and when the patron returns the item. That patron information should already be governed by a library’s privacy policy. For example, at my library only staff with a direct need-to-know would be authorized to view that patron info. And the borrowing information is removed as soon as the item is returned. It could be on the back-up tape for the ILS, but the information would have to be subpeoned. And it would only be on those back-ups for three months anyway.

Comments »

No comments yet.

RSS feed for comments on this post.

Leave a comment

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

(required)

(required)


Powered by WordPress