IoT Security Blog

Articles and Posts on IoT Security, Embedded Systems, and the Internet of Things

RFID Bill Passes in California

Contributed by Joanne C. Kelleher

After 22 months of effort, California’s governor, Arnold Schwarzenegger, signed SB 31 into law on Tuesday. This bill was originally part of a larger effort to limit RFID by CA Senator Simitian.

This bill would provide that a person or entity that intentionally remotely reads or attempts to remotely read a person’s identification document using radio frequency identification (RFID) without his or her knowledge and prior consent, as described, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than $1,500, or both that fine and imprisonment, except as specified.

Exemptions allow health care workers and law enforcement to scan RFID tags in certain situations.

View the bill details at http://www.leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_31&sess=CUR&house=S&author=simitian

As I commented in my first entry on this topic – California Senate Approves Bill To Outlaw Skimming RFID Tags – I’m not sure how this is going to be enforced.

I suspect that anyone who goes to the effort to read an identification document without consent, whether with RFID or not, and is planning to do something with that information that is already illegal won’t be deterred by this new law.

Too bad that all of the energy to get this bill passed couldn’t have been applied to making RFID enabled identification documents more secure.