The widespread deployment of identification tags (including RFID tags) can give rise to concerns of privacy infringement because of the abilities of RFID technology to automatically collect (and process) data, with the possible disclosure of such data to the public (deliberately or accidentally). For applications using tag-based identification and relying on a personalized identification tag in personalized after-sale management applications, healthcare-related applications, etc., the privacy issue is becoming an increasingly serious problem. This Recommendation describes a number of Personally Identifiable Information (PII) infringements for applications using tag-based identification, and requirements for PII protection. In addition, this Recommendation provides a basic structure of PII protection based on PII policy profile.

Further progressed under TAP with a new title: Threats and requirements for protection of personally identifiable information in applications using tag-based identification