Can Pharma Lead the Debate over RFID and Privacy?

June 15, 2006
RFID can be used to empower drug buyers, not invade their privacy.

With plummeting prices, increased capabilities, and widespread adoption, RFID is quickly living up to its hype as the next major disruptive technology. Unfortunately, the RFID community is taking an “ostrich” approach to one of the most serious social issues presented by RFID, and when RFID and pharmaceuticals start to mix (and they already are), the gravity of the issue multiplies.

I’m talking about privacy, of course. In the consumer packaged goods (CPG) world, RFID has made deep inroads, and issues around privacy are no longer theoretical. In a country full of surveillance cameras, shopper loyalty cards, phone taps, credit cards, and facial recognition software, maybe we don’t really have any privacy. RFID is only one more potential way of tracking people. Privacy advocates, one could claim, are merely using RFID as the latest platform to stage an age-old debate.

But the RFID industry is losing a golden opportunity, and exposing itself to ethical dilemmas and liability that are avoidable. It’s one thing that someone could find out how much I paid for a pair of shoes. It’s an entirely different thing if my employer learns that I’m taking medication for a rare heart disease. That’s why RFID in pharma is profoundly different than RFID in CPG.

What if privacy could be incorporated into RFID-enabled products after sale? That way the consumer, and only the consumer, could view data stored on RFID tags. I, for one, would love to explore what kind of world we could create with if literally everything I owned could be immediately and automatically identified, located, and tracked — but only by me.

RFID raises serious privacy protection issues; some consumers are concerned about how information about the medications they purchase might be used. However, the author contends that RFID can be used to empower drug buyers, not invade their privacy. Image courtesy of

RFID-enabled goods would bring tremendous value to the public. Imagine a consumer who is concerned about a drug’s effectiveness. With the RFID tag still enabled long after the sale, the consumer scans the ID and looks up the complete history of the product and where it was at different stages of the distribution system. Manufacturers concerned about quality would watch their product go through the supply chain, identify risky behavior, and perform random tests on products right off the pharmacy shelves to ensure high-quality product. The ability to precisely track pharmaceuticals in this manner drastically increases the chances of catching counterfeiters. For peace of mind, many consumers might even demand RFID-enabled products and be happy to pay for the added value that RFID brings. In my opinion, privacy in RFID is a problem that is quite solvable, if industry or government research programs put forth the effort to look for answers.

Unfortunately, industry is not taking this issue seriously at all. Typically, companies are struggling to survive, post profits for the quarter, and define their market niche, and they tend to leave the long-term social planning to someone else. Who is that someone else? Technology advocates seem to dismiss any privacy concerns as paranoia and ignorance. Worse, one well-known research organization had internal documentation leaked that described their strategy to address privacy concerns: “Annihilate the opposition.”

Wisdom would indicate that if the industry did address the privacy issue, it would create new markets and accelerate the ubiquitous adoption of RFID. RFID can do so much more than help protect against counterfeiting and tracking pedigree. It is a bridge between the physical world and the “virtual” information world, and could change the way that people interact with physical objects in the same way that the Internet changed the way we interact with computers. The RFID industry has an enormous value proposition to society — if it can protect people’s privacy.

Who is going to show leadership?

About the Author

Daniel Deavours is an Assistant Professor at the University of Kansas and Director of Research of the RFID Alliance Lab ( He can be reached by email at [email protected].

About the Author

Daniel Deavours | Director of Research