Table of Contents

 1     Scope        
 2     References             
 3     Definitions
        3.1     Terms defined elsewhere      
        3.2     Terms defined in this Recommendation          
 4     Abbreviations and acronyms           
 5     Conventions           
 6     Privacy principles  
 7     Threats and infringements of PII in RFID      
        7.1     Invisibility of data collection  
        7.2     Profiling       
        7.3     Tracking       
 8     RFID applications   
        8.1     Supply-chain management    
        8.2     Transportation and logistics  
        8.3     Healthcare and medical application   
        8.4     e-government           
        8.5     Information service  
 9     Guidelines on protection for personally identifiable information       
        9.1     Policies and procedures         
        9.2     Restriction on recording PII   
        9.3     Information, consent, right of access, rectification, right to oppose      
        9.4     Restriction on collecting and linking PII           
        9.5     Deactivation of the RFID tag once the purpose is fulfilled         
        9.6     Information about service providers and data controllers        
        9.7     Organizational and technical measures for protecting PII        
        9.8     Assessment of the privacy impact of the RFID system  
        9.9     Appointment of a data protection official       
Appendix I – Characteristics and restrictions of RFID tag    
        I.1               Classification and characteristics of RFID tags     
        I.2               Restrictions of passive tags        
Appendix II – Technical measures for protecting PII in the RFID system    
       II.1     Kill tag using password           
       II.2     Privacy protection using physical technology   
       II.3     Privacy protection using cryptographic technology