alt.uk.law

"Tom Reason" <@> wrote in message
news:$@...
> Evening all,
>
> A quick intro: I go to Peterborough Regional College as a degree student
> (wish I hadn't now but hindsight is a wonderful thing etc.) The college
> introduced London underground style access barriers at the end of October
> 07.
> At the start of the year (September 07) all 15,000 students plus Staff
> were given an ID card. The card has our name, student number and
> photograph on the front. It now transpires that the cards are RFID cards.
> We were not told this at any point and interestingly the college has still
> not formally told me this. The penny only dropped when we were told we had
> to wave the card around in front of a sensor to get the gates to open for
> us.
>
> In response to my enquiries I have been told that the following data is on
> the chip:
>
> First Name
> Surname
> Student ID
> Unit E ID
>
> Unit E is a computerised student tracking system that records attendance,
> grades, targets, etc.
> AFAIK the data is not encrypted on the chip although I am awaiting
> confirmation of this.
>
> As you may all know, RFID tags can be read from up to two meters away by
> commonly available hand held readers. Specialist readers with whacking
> great antenna on them can read data from several miles. The important
> point is that does putting personal data on the cards constitute a breach
> of the Data Protection Act as it can be read by anyone with a scanner in
> close proximity.
> I choose who I show the card too. If I don't want to show the information
> on it to someone I simply keep it in my pocket. The RFID tag robs me of
> that option.
>
> I'm in the process of composing a complaint and will mention that I think
> this is a breach of the act. However if anyone else has an opinion to
> offer I would be pleased to hear it.
>

Get a metal slip case for the card.