12.8.2011   

EN

Official Journal of the European Union

CE 236/24

A.

whereas the internet has developed rapidly in the last 25 years and this development is forecast to continue in terms of both distribution – with the expansion of broadband – and new applications,

B.

whereas the Internet of Things (IoT) is able to meet the expectations of society and of citizens, and whereas research is needed in order to understand what those expectations are and the areas in which sensitivities about, and concern for, personal privacy and information may block applications,

C.

whereas information and communication technologies (ICT) are important in that they promote social development and economic growth and encourage research, innovation and creativity among European public and private bodies,

D.

whereas the EU should devise a common framework of reference in order to frame and strengthen rules on system governance, confidentiality, information security, ethical management, privacy, the collection and storage of personal data and consumer information,

E.

whereas the term ‘Internet of Things’ refers to the general concept of objects (both electronic artefacts and objects in everyday use) that can be read, recognised, addressed, located and/or controlled remotely through the internet,

F.

whereas the Internet of Things is expected to develop rapidly in the years ahead and thus requires safe, transparent and multilateral governance,

G.

whereas the internet of the future will go beyond the present traditional boundaries of the virtual world by being linked to the world of physical objects,

H.

whereas radio frequency identification (RFID) and other IoT-related technologies have advantages over bar codes and magnetic strips, and have many more applications, which can be interfaced with other networks – such as mobile phone networks – and could be developed still further once interfaced with sensors measuring aspects such as geolocation (e.g. the Galileo satellite system), temperature, light, pressure and g-forces; whereas the widespread introduction of RFID chips should significantly reduce their unit price as well as the cost of the respective readers,

I.

whereas RFID technology may be regarded as a catalyst and accelerator for the economic development of the information and communication industry,

J.

whereas RFID technology and other IoT-related technologies are already being applied in the manufacturing, logistics and supply-chain sectors, offer benefits in terms of product identification and traceability and have promising potential for developments in many other areas, such as health care, transport and energy efficiency, environment, retail and the fight against counterfeiting,

K.

whereas, as with all e-Health systems, the design, development and implementation of RFID-enabled systems require the direct involvement of healthcare professionals, patients and relevant committees (on data protection and ethics, for example),

L.

whereas RFID can help to increase energy efficiency and reduce greenhouse gas emissions, and offer product-level carbon accounting,

M.

whereas RFID technology and other IoT-related technologies can benefit the public in terms of quality of life, safety,security and well-being, provided that facets relating to the protection of privacy and of personal data are properly managed,

N.

whereas there is a need for sustainable, energy-efficient communication standards that focus on security and privacy and use compatible or identical protocols at different frequencies,

O.

whereas all everyday objects (such as transport cards, clothes, mobile telephones and cars) could ultimately be fitted with RFID chips, which will quickly take on major economic importance owing to the wide range of applications for which they may be used,

P.

whereas the Internet of Things will permit the networking of billions of machines, which will be able to communicate and interact with one another via wireless technologies combined with logical and physical addressing protocols; whereas the Internet of Things should, through the use of electronic identification systems and wireless mobile devices, enable digital entities and physical objects to be identified directly and conclusively so as to allow the data they contain to be retrieved, stored, transferred and continuously processed,

Q.

whereas the miniaturisation of products used in the Internet of Things involves technological challenges, such as in incorporating electronics, sensors and the power supply and RFID transmission system into a chip measuring only a few millimetres,

R.

whereas, although RFID chips will be used in a still-wider range of applications in the future, this technology raises new data-protection issues, the most significant of which is the fact that the chips are totally or well-nigh invisible,

S.

whereas industry standards are very important, whereas RFID standardisation needs to mature and whereas the RFID standard mandate assigned jointly to the CEN and the ETSI (European Standard Organisations) in 2009 will therefore contribute to more innovative products and services using RFID,

T.

whereas it is important to raise European citizens’ awareness of new technologies and their applications, including their social and environmental impact, and to promote digital literacy and e-skills among consumers,

U.

whereas the development of the Internet of Things should be inclusive and accessible to all EU citizens, and be supported by effective policies aimed at closing the digital gap within the EU and empowering more citizens with e-skills and a knowledge of their digital surroundings,

V.

whereas the benefits of IoT-related technologies must be strengthened through effective security, which is an essential feature of any development at risk of jeopardising the security of personal data and the public’s trust in those who hold information about them,

W.

whereas that the social impact of the development of the Internet of Things is unknown, and may widen the current digital divide or create a new one,

1.

Welcomes the communication from the Commission and endorses in principle the broad outlines of the action plan to promote the Internet of Things;

2.

Takes the view that the expansion of the Internet of Things will enhance person-to-thing and thing-to-thing interaction, which can bring tremendous benefits for EU citizens if it respects security, data protection and privacy;

3.

Endorses the Commission’s focus on safety, security, the protection of personal data and privacy and governance of the Internet of Things, because respect for privacy and the protection of personal data, together with openness and interoperability, is the only way IoT will gain wider social acceptance; calls on the Commission to encourage all European and international stakeholders to tackle cyber security-related threats; calls on the Commission, in this connection, to encourage the Member States to implement all existing international cyber security provisions, including the Council of Europe Convention on Cybercrime;

4.

Firmly believes that protection of privacy constitutes a core value and that all users should have control over their personal data; calls therefore for the adaptation of the Data Protection Directive to the current digital environment;

5.

Appreciates the fact that the Commission is reacting in a timely way to the new developments in this sector, thereby enabling the political system to set rules at an early enough stage;

6.

Stresses that a precondition for promoting technology is the introduction of legal provisions to reinforce respect for fundamental values and for the protection of personal data and privacy;

7.

Stresses that security and privacy issues should be addressed in the forthcoming standards, which must define different security features ensuring confidentiality, integrity or the availability of services;

8.

Calls on the Commission to coordinate its work on the Internet of Things with its overall work on the digital agenda;

9.

Calls on the Commission to conduct an assessment of the impact of using the current ‘internet’ network infrastructure for IoT applications and hardware, in terms of network congestion and data security, in order to determine whether IoT applications and hardware are compatible and appropriate;

10.

Takes the view that the development of the Internet of Things and related applications will have a major impact on the daily lives of Europeans and their habits in the years ahead, leading to a broad range of economic and social changes;

11.

Believes that it is necessary to build an inclusive Internet of Things, avoiding from the outset the risk – at both Member State and regional level – of unequal development, spread and use of IoT technologies; notes that the Commission’s communication does not give enough consideration to these issues, which should ideally be dealt with before the Internet of Things is further developed;

12.

Calls on the Commission to take account of less developed regions of the Union in the context of ICT and Internet of Things planning; calls on the Member States to secure co-financing for the implementation of these technologies and other ICT projects in such regions, so as to ensure their participation and prevent them being excluded from common European ventures;

13.

Stresses that, while the use of RFID chips can be effective in combating counterfeiting, preventing the abduction of babies from maternity wards and identifying animals, as well as in a range of other areas, it can also be dangerous and create ethical problems for individuals and for society, against which appropriate safeguards will need to be found;

14.

Stresses the importance of studying the social, ethical and cultural implications of the Internet of Things, in the light of the potentially far-reaching transformation of civilisation that will be brought about by these technologies; takes the view, therefore, that it is important for socio-economic research and political debate on the Internet of Things to go hand in hand with technological research and its advancement, and calls on the Commission to set up a panel of experts to carry out an in-depth assessment of these aspects and propose an ethical framework for the development of related technologies and applications;

15.

Points out that RFID technology and other IoT-related technologies for the intelligent labelling of products and consumer goods, and for things-to-person communication systems, can be used anywhere and in practice are quiet and unobtrusive; calls, therefore, for such technology to be the subject of further, more detailed, assessments by the Commission, covering, in particular:

and for it to be the subject of a specific European regulation, if appropriate;

16.

Stresses that the consumer has the right to privacy by opt-in and/or privacy by design, notably through the use of automatic tag disablement at the point of sale, unless the consumer expressly agrees otherwise; notes in this regard the opinion issued by the European Data Protection Supervisor; points out that consideration must be given to privacy and security at the earliest possible stage in the development and deployment of any IOT technologies; underlines that RFID applications must be operated in accordance with the rules on privacy and data protection enshrined in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union; calls on the Commission to reflect on citizens’ right to choose non IoT-equipped products or to disconnect from their networked environment at any time;

17.

Notes that, while passive RFID tags are limited in range, active RFID tags can transmit data at much greater distances; stresses, in this connection, that clear guidelines must be laid down for each individual type of RFID;

18.

Calls on the Commission to clarify the issue of who owns and controls data that is automatically collected and interpreted;

19.

Calls on manufacturers to secure the right to ‘chip silence’ by making RFID tags removable or otherwise easily disabled by the consumer after purchase; stresses that consumers must be informed about the presence of either passive or active RFID tags, the reading range, the kind of data shared – either received or transmitted – by the devices and the use of those data, and that this information must be clearly marked on any packaging and set out in more detail in any documentation;

20.

Calls for RFID application operators to take all reasonable steps to ensure that data does not relate to an identified or identifiable natural person through any means likely to be used by either the RFID application operator or any other person, unless such data is processed in compliance with the applicable principles and legal rules on data protection;

21.

Stresses that, given that the chips attached to retail products are not intended for use outside retail outlets, it should be possible for them to be factory-fitted with devices that will deactivate them and thus limit data retention;

22.

Believes that consumers should be given the opportunity to opt-in or opt-out of the Internet of Things, including the ability to opt-out of individual IoT technologies without disabling other applications or a device as a whole;

23.

Stresses the need for the highest possible level of device security and secure transmission systems to be included in all IoT technologies in order to prevent fraud and allow proper device identity authentication and authorisation; notes the potential for identification and product fraud through the cloning of IoT tags or the interception of shared data; calls on the Commission, therefore, to ensure the development of a transparent IoT system that takes into consideration the following aspects in particular:

24.

Considers it a priority to ensure a global regulatory framework and specific timescales at European level in order to encourage and facilitate public and private investment in the field of the Internet of Things and in smart networks needed to support the development of new technologies;

25.

Notes that, while RFIDs are important, other technologies also form part of the Internet of Things; stresses that research on funding and governance issues should also be directed to these technologies;

26.

Calls on the Commission to consider using IoT applications to advance several ongoing EU initiatives such as ‘ICT for energy efficiency’, ‘smart metering’, ‘energy labelling’, ‘energy performance of buildings’ and ‘protection form counterfeit medicinal and other products’;

27.

Calls on the Commission to monitor possible new threats presented by the vulnerability of highly interlinked systems;

28.

Calls on the Commission to make further efforts to ensure that IoT-related technologies include user requirements (e.g. a traceability de-activation option) and respect individual rights and freedoms; recalls in this context the key role played by the European Network and Information Security Agency (ENISA) in ensuring the security of networks and information and, consequently, of the Internet of Things, which will help to build acceptance and trust among consumers;

29.

Takes the view that the development of new applications and the actual functioning and business potential of the Internet of Things will be intrinsically linked to the trust European consumers have in the system, and points out that trust exists when doubts about potential threats to privacy and health are clarified;

30.

Stresses that this trust must be based on a clear legal framework, including rules governing the control, collection, processing and use of the data collected and transmitted by the Internet of Things and the types of consent needed from consumers;

31.

Believes that the IoT encompasses many benefits for people with disabilities and may be a way to meet the needs of an ageing population and provide assertive care services; emphasises in this context that with the assistance of this technology, blind and visually impaired persons can experience their environment more fully through the use of electronic aids; stresses, however, that measures need to be taken to ensure privacy protection, ease of installation and operation and the provision of information to consumers about such services;

32.

Stresses that follow-up costs – such as the electricity consumption of the application and the deployment of things – must be transparent to the consumer;

33.

Believes that the Internet of Things and ICT projects in general require broad information campaigns to explain to citizens the purpose of their implementation; stresses that informing and educating society about the potential uses and clear benefits of items such as RFID is crucial in order to prevent the project being misinterpreted and failing to attract citizens’ support; underlines that, in order to make full use of the Internet of Things, for both individual and common benefit, users need to be provided with the e-skills necessary to understand these new technologies, and must be motivated and able to make proper use of them;

34.

Notes that the Internet of Things will lead to the collection of truly massive amounts of data; calls on the Commission, in this connection, to submit a proposal for the adaptation of the European Data Protection Directive with a view to addressing the data collected and transmitted by the Internet of Things;

35.

Believes that a general principle should be adopted whereby IoT technologies should be designed to collect and use only the absolute minimum amount of data needed to perform their function, and should prevented from collecting any supplementary data;

36.

Calls for a significant amount of the data shared by the Internet of Things to be made anonymous before being transmitted, in order to secure privacy;

37.

Points out to the Commission that other parts of the world, in particular Asia, are developing faster in this sector, and that a proactive approach and close cooperation with the rest of the world will therefore be necessary when drawing up rules applicable to the political system and laying down technical standards for the Internet of Things;

38.

Stresses that, in order to revive the European economy, investment must be made in new information and communication technologies in order to facilitate economic growth by enabling ever-increasing numbers of European citizens and enterprises to gain access to new systems and new applications; emphasises that Europe should be at the cutting edge of the development of internet technologies; proposes that the EU’s ICT research budget be doubled and that the budget for ICT take-up be multiplied by four in the next Financial Perspective;

39.

Underlines that research will play a key role in creating competition between providers of the computing capacity that is required for IoT applications to function in real time;

40.

Calls on the Commission to continue and increase its funding for projects under the Seventh Framework Programme (FP) in the field of the Internet of Things in order to bolster the European ICT sector, and endorses the use of the Competitiveness and Innovation Framework Programme (CIP) to promote its expansion; calls, especially, for the development of pilot projects that may have an immediate positive effect on the everyday lives of European citizens in the areas of e-Health, e-Learning, e-Commerce, e-Accessibility and energy efficiency; is concerned, however, about the red tape associated with the FP and calls on the Commission to eliminate it by re-engineering FP processes and creating a users’ board;

41.

Believes that the Internet of Things has significant potential in terms of economic and productive development, better-quality services, the optimisation of corporate logistics and distribution chains, inventory management and the creation of new employment and business opportunities;

42.

Calls on the Commission to make an assessment of any impact that its proposed strategy might have on the productivity and competitiveness of European enterprises in the international market;

43.

Believes that the Internet of Things can contribute to the facilitation of trade flows between the EU and third countries through the expansion of markets and the securing of quality guarantees for the products traded;

44.

Stresses that RFID technologies will, on the one hand, enable European industries to control the volume of goods in circulation (i.e. by producing only when necessary, thereby protecting the environment) and, on the other hand, offer an effective means of combating piracy and counterfeiting, as it will be possible to trace the goods concerned;

45.

Believes that applying new technologies to production processes will increase the resource efficiency and market competitiveness of consumer goods;

46.

Stresses that intensive international dialogue and joint action plans are needed with respect to the Internet of Things; calls on the Commission to examine the effects of the Internet of Things on international trade;

47.

Endorses the Commission’s intention to continue to monitor and assess the need for additional harmonised spectrums for specific IoT purposes, taking into consideration the different characteristics and capabilities of various electromagnetic frequency bands, and calls therefore on the Commission, when setting the Union’s coordination and harmonisation objectives through the Multiannual Radio Spectrum Policy Programmes, to take into account the needs of the Internet of Things; stresses that such spectrums should remain publicly owned, and that their use should be regulated in such a way as to encourage and help fund more technological research and development in this field; believes that unlicensed spectrum should allow the use of new technologies and services (wireless networking) to emerge so as to foster innovation;

48.

Stresses the danger of legal uncertainty in the case of cloud computing;

49.

Takes the view that the involvement of all political levels (EU, national and regional) is an essential prerequisite for the effective development and take-up of the Internet of Things; emphasises the key role that regional and local authorities and cities will play in the development of the Internet of Things, moving it beyond the purely private sphere; points also to the extensive use that local authorities can make of the Internet of Things, for example in the organisation of public transport, waste collection, the calculation of pollution levels and traffic management; calls on the Commission to consult all political levels in its work on the Internet of Things, in a spirit of multi-level governance;

50.

Notes that the information provided by IoT technologies must be traceable, verifiable, and correctable in the event that a system based on it breaks down; stresses that, as these technologies are incorporated into safety systems, such as traffic control or temperature regulation, misinformation could put lives in danger;

51.

Stresses that new technologies are critical in order to simplify transportation chains, improve the quality and efficiency of transportation, support the development of intelligent transport systems and facilitate green corridors, and that RFID can offer innovative ways of conducting business operations while enhancing customer satisfaction;

52.

Takes the view that using the Internet of Things in connection with nature can help in the development of green technologies by increasing energy efficiency and hence also environmental protection, and enhance the relationship between ICTs and nature;

53.

Calls on the Commission to strive to establish common international norms for the standardisation of RFID and other IoT technologies and their applications, with a view to facilitating interoperability and an open, transparent and technologically neutral infrastructure; emphasises that, without clear and recognised standards such as the TCP5/IP6 in the internet world, the expansion of the Internet of Things beyond RFID solutions cannot reach a global scale;

54.

Supports the proposal to adopt as swiftly as possible the Internet Protocol version 6 (IPv6) as a basis for the future expansion and simplification of the internet;

55.

Welcomes the Commission’s intention to present, in 2010, a communication on security, privacy and trust in the information society; stresses the importance of that communication and of the proposed measures for strengthening the rules on aspects relating to information security, privacy and the protection of personal data; calls on the Commission actively to involve all relevant stakeholders, including the ENISA and the European Data Protection Supervisor;

56.

Believes in the importance of ensuring that all fundamental rights – not only privacy – are protected in the process of developing the Internet of Things;

57.

Believes that the Commission should make recommendations concerning the tasks and responsibilities of public administrative, legislative and law enforcement agencies with respect to the Internet of Things;

58.

Calls on the Commission to monitor closely the implementation of the European regulations already adopted in this area and to present, by the end of the year, a timetable for the guidelines it intends to propose at EU level for improving the safety of the Internet of Things and of RFID applications;

59.

Asks the Commission to initiate a social dialogue regarding the Internet of Things, and to provide information on the positive and negative effects of the new technologies on everyday life; calls on the Commission, therefore, to engage in proactive consultation with the European industry sector, and to encourage it to play a leading role in designing and proposing innovative, standardised and interoperable technologies;

60.

Calls on the Commission to involve small and medium-sized enterprises (SMEs) to an adequate extent in the Internet of Things action plan;

61.

Also calls on the Commission to keep it regularly updated on developments in the dialogue with operators in this field and with stakeholders, and on the initiatives it intends to take;

62.

Believes that the Commission should explore the possibility of further reducing data roaming costs;

63.

Stresses that the governance of the Internet of Things must keep ‘red tape’ to a minimum and involve all relevant stakeholders in the decision-making process, and calls therefore for proper and adequate regulation at EU level;

64.

Calls on the Commission to contribute actively to the definition and setting of principles and rules for the governance of the Internet of Things together with its trading partners in international forums such as the World Trade Organisation;

65.

Calls on the Commission to clarify which aspects of internet governance it feels need to be regulated at this time in relation to the Internet of Things, and which system will be able to safeguard the general public interest;

66.

Calls on the Commission, therefore, to analyse issues relevant to the governance of the Internet of Things with the help of operators in the sector; also considers it vital to analyse aspects relating to Wi-Fi security systems;

67.

Instructs its President to forward this resolution to the Council and the Commission, and to the governments and parliaments of the Member States.