The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
Please note that I am only able to provide legal advice to clients. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser cannot be considered to be solicitor-client privileged.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Saturday, April 02, 2005
RAND has released an interesting report on the use of RFID in the workplace. While the future and potential uses of RFID has gotten a lot of press lately, not much discussion has taken place about the thousands of companies that are currently using the technology for controlling access to buildings. Few companies have policies about how the information collected will be used and how long it will be maintained. In short, companies need to give this matter some thought, document their practices and let their employees know about it.
RAND | Privacy in the Workplace: Case Studies on the Use of Radio Frequency Identification in Access Cards:"Companies use RFID workplace access cards to do more than just open doors (e.g., for enforcing rules governing workplace conduct). Explicit, written policies about how such cards are used generally do not exist, and employees are not told about whatever policies are being followed. Using such systems has modified the traditional balance of personal convenience, workplace safety and security, and individual privacy, leading to the loss of "practical obscurity." Such systems also raise challenges for the meaning and implementation of fair information practices."
Thanks to the Surpriv blog for the link: Surpriv: RFID Surveillance and Privacy: RAND Study of RFID Access Badge Data Policies and Practices.
Labels: information breaches, rfid, surveillance
The Canadian Privacy Law Blog is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.