Since GS1’s founding over forty years ago, we have advocated for the responsible use of any and all technology implemented in connection with our standards. We are committed to addressing consumers’ privacy concerns and government interest in the various technologies behind our standards. All of our standards are open and voluntary, and none contain personally identifiable information (PII).
Similar to our standards setting programs, our privacy protection policies incorporate the viewpoints of a wide variety of interested stakeholders from industry implementers, to technical and consumer experts. Contributors work to discuss, vet, and validate the acceptable use of the various technologies used to implement our open and voluntary standards to move industry forward in a way that protects its most valued constituent; the consumer.
We have been active participants in the European Commission RFID and Internet of Things (IOT) Experts Group, the US state of New Hampshire RFID Study Group, the Transatlantic Business Dialogue on RFID, the development of the APEC Privacy Guidelines, several US Federal Trade Commission RFID Forums, and have partnered with governments in every region on demonstrating GS1 standards and related technology. Members of GS1 have participated in countless privacy forums in the United States and Europe.
GS1 is, and has always been, committed to an open dialogue with all parties interested in any technology related to the use of our standards. GS1 and its members are committed to the responsible use of all GS1 standards and related technology. We appreciate opportunities to inform about GS1 identifiers, data carriers and data exchange.
EPC-RFID Privacy Related Guidelines
In 2003, when the GS1 community started work on standards for the Electronic Product Code (EPC – a product identifier) and Radio Frequency Identification (RFID – a data carrier technology), a critical first step was the development of privacy guidelines for the use of EPC RFID on consumer products.
These Guidelines provide a responsible basis for the use of the technology and are based on the global privacy fundamentals of providing notice and choice. The Guidelines’ Frequently Asked Questions give more information about implementing the Guidelines.
Consumer notice and awareness materials, along with staff training information, is available to assist retailers and manufacturers implementing the Privacy Guidelines.
Privacy Impact Assessment Tool
We actively engaged in the European Commission work with industry that led to the 2009 Recommendation on privacy for RFID and the ensuing PIA Framework. On this basis, we developed a Privacy Impact Assessment Tool. Understanding that no organization can fully control the use of its product in the marketplace regardless of intent and because we recognize that some specialty applications might bump up against potential PII implications, we actively work with our community to help govern the responsible use of technology and associated data. The PIA process provides a practical and simple framework for anyone to assess the privacy risks and identify the measures to address them before a new RFID application is introduced on the market.
We can help you work with GS1