Modality mix of RFID regulation

Abstract

This paper provides a general reflection on how law must manage the evolution of technology. By the example of radio frequency identification (RFID), it analyses the necessity of RFID regulation based on Lessig's four modalities law, norms, market and architecture. This paper suggests that a trade-off between or complementing of the four modalities is necessary for a holistic regulation of RFID. To support this claim, various topics of the draft recommendation on the implementation of privacy, data protection and information security principles in RFID applications by the European Commission of February 2008 are cross-examined with and attributed to one of the four modalities. This paper concludes that the draft recommendation does not provide precise supplementing legislation to justify its implementation. Many law-related issues of the draft recommendation can be traded off against or complemented by the other three modalities norms, market and architecture.