Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
In this section, we will provide guidelines for which cases legal privacy provisions as discussed in the next section have to be taken into consideration. In order to decide upon the application of the data protection legislation, it is crucial to define whether personal data are involved in the RFID application or in the RFID system in question. As it is illustrated in scheme Figure 4 below, when the information does not relate to an individual, then the information does not qualify as personal data. In the opposite case, when the information related to an individual, the following options shall take place: (a) when the information relates to an identified natural person, e.g. via an RFID implant, then it is personal data; (b) when the information is anonymous and it can not be linked with a natural person, then it is not personal data; (c) when the information relates to an identifiable natural person, the following distinction has to be made, as already discussed under Chapter : (c.1) when the information can be linked to an individual with means reasonably to be used, such as via an RFID tagged access card, it is considered as personal data; (c.2) when the means to be used in order to finally link some information to a natural person, are excessive, then the information does not qualify as personal data.
Figure 4: The process of defining whether there is personal data involved in an RFID application
28 / 38 |