Ubiquitous computing: An overview of technology ... - Semantic Scholar

45 downloads 77129 Views 221KB Size Report
and business, illustrating the findings by examples in retail, logistics and health care ... sive diffusion of fast, wireless networks and consumer-oriented services ... Besides economic policy targets, societal benefits such as, for instance, the main ...
Telematics and Informatics 28 (2011) 55–65

Contents lists available at ScienceDirect

Telematics and Informatics journal homepage: www.elsevier.com/locate/tele

Ubiquitous computing: An overview of technology impacts Michael Friedewald a,⇑, Oliver Raabe b a b

Fraunhofer Institute for Systems and Innovation Research, Breslauer Straße 48, 76139 Karlsruhe, Germany Karlsruhe Institute of Technology, Institute for Information and Economic Law, Am Fasanengarten 5, 76131 Karlsruhe, Germany

a r t i c l e

i n f o

Article history: Received 5 May 2010 Received in revised form 3 September 2010 Accepted 16 September 2010

Keywords: Ubiquitous computing RFID Technology assessment Business innovation Data protection

a b s t r a c t Ubiquitous computing is considered as a promising technological path of innovation. Intensive R&D activities and political strategies are addressing the objective to foster marketable technologies and applications. This article explores the state-of-the-art on the way towards the ‘‘Internet of things”. Which application fields have already proved their potential for realising the vision and promises related to the new technology? What are the technical, legal and social challenges that have to be addressed – and how can policy-makers contribute? We deal with these questions in the light of recent developments in research and business, illustrating the findings by examples in retail, logistics and health care. The article concludes that further efforts by all stakeholders from businesses, society and politics are necessary to make ubiquitous computing applications economically sustainable and socially compatible in order to tap its full potential. Ó 2010 Elsevier Ltd. All rights reserved.

Ubiquitous Computing has far-reaching impacts for citizens, businesses and society as a whole. To assess the impacts of the technology, the Office for Technology Assessment at the German federal parliament has recently finished a study (Friedewald et al., 2010) that will be presented hereafter. The analysis of the legal aspects and media coverage is focussed on the German context while the other aspects are generalisable. Moreover, this contribution seeks to address the impacts of ubiquitous computing rather than going into detail.

1. What is ubiquitous computing? Under the term ‘‘ubiquitous computing” (UbiComp) – coined by Xerox PARC Chief Scientist Mark Weiser (1991) – we understand the ubiquity of information technology and computer power, which in principle pervade all everyday objects. Computer power and information technology can thus be applied in many areas ranging from industrial production up to private, everyday life with a new quality. Ubiquitous computing suggests countless very small, wirelessly intercommunicating microprocessors, which can be more or less invisibly embedded into objects. Equipped with sensors, these computers can record the environment of the object in which they are embedded and provide it with information processing and communication capabilities. Such objects have a new, additional quality – they ‘‘know”, for example, where they are, which other things are in the vicinity and what happened to them in the past. In the long term, ubiquitous computing can pervade all spheres of life: it promises to increase comfort in the private home area and to improve energy efficiency; ‘‘intelligent” vehicles may make roads safer; adaptive personal assistance systems could raise work productivity in the office; and in the medical field, implantable sensors and micro-computers monitor the health of the user (Aarts and Encarnaçao, 2005). ⇑ Corresponding author. Tel.: +49 721 6809 146. E-mail addresses: [email protected] (M. Friedewald), [email protected] (O. Raabe). 0736-5853/$ - see front matter Ó 2010 Elsevier Ltd. All rights reserved. doi:10.1016/j.tele.2010.09.001

56

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

This ubiquity is reflected in a large number of almost identical concepts, such as ‘‘pervasive computing”, ‘‘ambient intelligence” and ‘‘the Internet of things ”. In practice, the differences between these terms is of rather an academic nature: common to all is the goal of assisting people as well as a continuous optimisation and promotion of economic and social processes by numerous microprocessors and sensors integrated into the environment. The following features characterize ubiquitous computing (Bizer et al., 2006; Gabriel et al., 2006):     

Decentralisation or modularity of the systems and their comprehensive networking, embedding of the computer hardware and software in other equipment and objects of daily use, mobile support for the user through information services anywhere and any time, context awareness and adaptation of the system to current information requirements, automatic recognition and autonomous processing of repetitive tasks without user intervention.

Typical devices include small mobile computers, further developments of today’s mobile telephones, so-called ‘‘wearables” like intelligent textiles or accessories as well as computerized implants.

2. Ubiquitous computing in an international comparison In the past, ubiquitous computing and related concepts have found their way into the research policy of most developed nations, which, however, pursue different models. The new technologies are used here as a means to realize very different objectives, which range from maintaining a scientific-technological position of excellence via ensuring and expanding economic competitiveness to transforming and modernising society. In the United States ubiquitous computing was already on the agenda of the most important civilian and military research promotion institutions in the late 1990s. Since 1999, issues of ubiquitous computing (universal networking, embedded systems) are represented in the list of the most significant trends in information technology of these institutions, although there was no comprehensive socio-political vision (Estrin, 2001). In Japan, the creation of the so-called Ubiquitous Network Society represented an important focus of the state and industrial research agenda, at least since 2003/04. The goal of this program, which was largely formulated by industry, was a massive diffusion of fast, wireless networks and consumer-oriented services – quite in the tradition of mobile communications in Japan. This vision is called ‘‘u-Japan”, whereby ‘‘u” stands not only for ubiquitous but also for universal, user-oriented and unique, which illustrates the individualistic character of the Japanese initiative (Srivastava and Kodate, 2005). Like Japan, South Korea also aimed to become one of the leading ubiquitous network societies. In recent years, Korea has especially accelerated the expansion of its broadband network and is one of the leaders in implementing innovative ICT in products. On the whole, Korea today is a pioneer in realising the information society and according to the estimates of the International Telecommunication Union, ‘‘is already swimming in information today”. Other than in Japan, Europe or the USA, the Korean plans have less an individual than a universal societal benefit in mind (Reynolds et al., 2005). Singapore is today already completely equipped with broadband and wireless networks and is regarded as an ideal testing bed for new applications. In addition to the network infrastructure, Singapore should develop into a ‘‘ubiquitous information society”, according to government plans. Besides economic policy targets, societal benefits such as, for instance, the maintenance of the cultural diversity of the multi-ethnic state of Singapore are specifically addressed (Lie, 2005). The European Union preferred the term ‘‘ambient intelligence” for a long time, in which the needs of people should be foremost with less emphasis on the technical possibilities. Not only the competitiveness of the European Economic Area should be encouraged, but also the transition to a dynamic knowledge society supported. In this context, societal needs have to be taken into account (IST Advisory Group, 2005). Although aspects of ubiquitous computing were already addressed in Germany at an early stage in the context of the Futur foresight process and the strategy debates of the large research organisations, the federal government only started paying real attention to the topic with the Innovation Initiative in the year 2005. In the High-tech Strategy, the ‘‘Internet of things” finally developed into a ‘‘lighthouse topic”, whereby the focus lies less on consumer-oriented than on business or industrial applications (BMBF, 2007; BMWi/BMBF, 2007).

3. Technical basis of ubiquitous computing Many factors are driving the progress of information technology at quite different levels: the increased performance of important components and production processes, better methods to create software, more efficient programming languages and operating systems, innovative concepts for man-machine interaction and still many more. As a typical crosscutting technology, ubiquitous computing utilizes the whole range of modern information and communication technologies (ICT), whereby the advances in communication technology, microelectronics, the energy supply, in user interfaces, information security, sensors and localisation technology are of particular significance. In the field of microelectronics, it can be assumed that, according to Moore’s Law, in the coming 10 to 15 years, logic and memory elements will become even smaller, more powerful and cheaper at the same time. New materials such as

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

57

semi-conducting polymers help to ensure that electronic systems will be embedded in almost all conceivable objects and require less energy to operate (Chalasani and Conrad, 2008; Alcañiz and Rey, 2005). Communication technology, in particular mobile communication, is considered the key technology in ubiquitous computing. Here it is to be expected that besides the ‘‘classical” technologies like the Ethernet or UMTS, increasingly self-organising ad hoc networks and a number of powerful, close-range technologies will occur. Among the important technologies of the personal area networks belong primarily near field communication (NFC) and ultra-wide band technology (UWB), which enable a secure broadband transmission, as will be common in the future in the data exchange between the end devices and between terminal devices and communication infrastructure (Lagasse and Moermann, 2005). In order to be able to interact with invisible, embedded information systems, innovative user interfaces are necessary which permit a ‘‘natural” interaction (e.g., by speech or physical interaction). The new type of interaction includes also the automatic capture of the context, which is not just about the registration of external parameters (e.g., location), but increasingly also to identify the user’s emotional states or his intended actions (e.g., the automatic recognition of critical situations in medical monitoring systems). Only with the most accurate knowledge of each context is it possible to offer services in response to individual locations and situations and to delegate certain tasks completely to technology (Wasinger and Wahlster, 2005). For context detection, powerful, light and cheap sensors are required, which are even today used in some pilot applications (e.g., in monitoring cold chains). Promising for the future are also so-called sensor networks, i.e., sensors with communication capabilities, which more or less autonomously monitor their surroundings and transmit the registered data regularly or on request to the operator/user Fuji, 2008, 2009. Radio frequency identification (RFID) is the most common technique for identifying and localising objects from a distance (Garfinkel and Rosenberg, 2006). This automatic identification (auto ID) is an important basis for many of today’s applications of ubiquitous computing. On the RFID chip, a unique identification number and further information can be saved or read and vice versa; up to several hundred bits of information can be stored wirelessly on the chip. This takes place in split seconds and at a distance of up to several meters. Today, RFID chips including a paper-thin antenna (together called RFID transponders) cost between a few cents and more than EUR 100, according to their performance. The RFID technology is being driven by possible applications in the field of logistics: if products can automatically reveal their identity on demand, then a continuous tracking and tracing of the flow of goods throughout the complete supply chain without manual interventions can be guaranteed. In addition to the identification number on the RFID chip, further information pertaining to an object can be saved in a remote database. Thus, after the identification number is read, this additional information can be retrieved via a mobile or fixed connection, so that any amount of detailed information can be ‘‘attached” to things or persons. This opens up application possibilities, which extend far beyond an automatic storage system and a monitoring of supply chains. Even if the basic principle of automatic identification by means of RFID is relatively simple, a large number of open questions and unresolved problems still prevent broad diffusion. The costs of the RFID transponders and system integration are still the greatest barriers to introducing RFID to the consumer goods market. Here, however, through the use of new materials and production processes (polymer electronics), cost reductions and greater cost efficiency are becoming apparent. The realization of economies of scale, however, depends to a considerable extent on the standardisation of RFID technology, which is currently one of the greatest international challenges. The point is that existing solutions and the different requirements of various applications must be taken into account in the definition of a (generic) standard (Want, 2006; Garfinkel and Holtzman, 2006). Questions of information security are of paramount importance for the users of RFID, because although RFID systems should be open in order to utilize network effects, they can also allow access to security-essential or competition-critical information. A further complication is that the RFID chips are normally not powerful enough to implement cryptographic procedures (Juels, 2007). Finally, the consequences for the environment of manufacturing and disposing of millions of disposable RFID chips are still unknown (Erdmann et al., 2009). From the technical point of view ubiquitous computing will be realized in two phases (Gabriel et al., 2006):  In the present first phase, the possibilities of auto-ID technologies will be utilized above all, in particular in RFID, which contribute towards equipping objects in the real world and persons with information technologies. Especially in the business environment, this enables a seamless communication, which is the basis for a great variety of (new) applications. These are primarily utilized to control processes and material flows more efficiently. For the private user, new information services emerge in this phase, through which mobile devices will be upgraded. The technical preconditions for the new functions and features are an increased performance of the devices, further miniaturisation and the possibility of ad hoc networking.  The second phase of ubiquitous computing is characterized by an increasing integration of previously separate solutions and individual end devices to a completely networked information system. This can lead to the replacement of conventional devices by specialized devices (e.g., wearables) or by ‘‘ambient interfaces” and ‘‘responsive environments” which will be jointly used by many users. The increased use of sensors will enable these systems to recognize their users and environment and thus to process recognized tasks autonomously to a certain extent.

58

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

From a methodological point of view, it is necessary to differentiate between technologies and applications already in use (RFID and its applications) where impacts have been investigated empirically and visions that may or may not become true. For the latter, a kind of scenario approach was chosen to do a vision assessment that tries to grasp the impact of not yet existing technologies and applications (Grunwald, 2004)

4. Applications of ubiquitous computing Due to its cross-cutting character, many applications of ubiquitous computing are possible in the business, public and private fields. This study concentrates on the economically or societally significant and pioneering applications in trade, logistics, industry (especially in automobile production), transport and healthcare, as well as personal identification. 4.1. Retail Applications in retailing are currently based on the use of cheap RFID transponders, which (as a supplement or replacement for barcodes) are attached to product packaging or larger containers. In this way, it becomes possible to identify goods at any time and at any point along the supply chain. Based on this information, it is possible to predict supply and demand for certain products more quickly and accurately and to organize procurement, picking, packing and distribution more efficiently (Chopra and Sodhi, 2007; Lapide, 2004). Among the multiple possibilities for utilising RFID in retail are the automatic registration and identification of goods deliveries, a more efficient inventory management and the automatic recording of the inventory as well as of goods in the customer’s shopping basket, the possibility to trace products using an electronic ‘‘family tree” and, last but not least, improved protection against theft. Preconditions for a broad and successful introduction of these applications in trade are uniform standards, which make an exchange of information along the supply chain possible. Additionally, it is imperative that as many stakeholders as possible participate in the systems. Due to the dominance of a few large commercial chains that can dictate conditions to their suppliers, the conditions are looking good. On the other hand, trade with consumer goods is very competitive and the price pressure correspondingly high. Consequently, the leeway for investing in new IT infrastructures and equipping products with RFID transponders is very restricted. Thus, RFID labels are still too expensive for many lowpriced goods or those with a very small profit margin. On the other hand, the costs and expected benefits are unequally distributed among the actors. Before ubiquitous computing can become a success story in retail, further technical advances, but also a general agreement of the companies about the distribution of costs and benefits is absolutely necessary. An increase in profits as a result of UbiComp can initially be achieved only by further rationalisation and process optimisation (Fleisch, 2004, 2006). Losers in this development are likely to be, above all, smaller specialist shops and retailers as well as employees with low qualifications. Economic profit as a result of ubiquitous computing can be expected in the mid term at best and only if the suppliers succeed in developing new additional functions and services for which the customer feels a real need and for which he is willing to pay. These will not only make use of RFID technology but of the broader spectrum of sensors and communications technologies that will become available. In such integrated and individualized shopping worlds, all products will be accompanied by extensive supplementary information which permit more rationalisation via the automatic recording and accounting of the goods purchased, and will also create new offers to clients. These range from customized advertising, which mainly benefit the seller, to information about ingredients or best-by dates, which provide greater transparency for the client. Finally, one can expect to see innovative services ranging from customized delivery to customer service offers from which both sides should equally benefit (METRO Group, 2008; Spiekermann, 2009). In view of the high investment costs for a ‘‘networked shopping world”, it is still unclear whether such offers can be operated economically. Mixed financing is conceivable here, in which user fees, advertising revenue and marketing customer data could be considered, although it is unclear how this would affect the acceptance of such services. 4.2. Industrial production and material management The automobile industry, one of the pillars of Germany industry, has for years been a pioneer in the use of RFID, where the technology has been utilized primarily in in-house processes. It can be regarded as representative for applications of ubiquitous computing in industrial production and material management. The main tasks are the monitoring of raw materials, goods and intermediates as well as the utilization of intelligent transport containers. As in retail and logistics, the optimisation of existing processes and increasing efficiency and productivity are the primary focus. Applications emerge particularly for the areas of production logistics, control of machines and equipment as well as the optimisation of the utilization and availability of production facilities. The starting point is the information automatically collected during manufacturing, which replaces a great number of manual counting, scanning, data collection and control operations and which can be used to control the production process and the synchronisation of the interfaces with other steps in the value creation chain. This can reduce waste and production stoppages caused by a lack of loading equipment and almost completely avoid misdirected items (Schmitt et al., 2008; Fleisch and Tellkamp, 2006).

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

59

Manufacturing companies use ubiquitous computing, however, not only internally to increase production efficiency, but also for other reasons. For instance, recall actions can be planned more precisely if only single batches or tranches are involved which are documented in detail in data records. Further applications are in container management and in quality control for certain tools (Schmitt et al., 2008). Most of the RFID projects currently being undertaken in automobile production are pilot projects. A continuous support of the goods and information flow combined with a closed container loop from the supplier to traders and repair workshops via ubiquitous computing are among the long-term plans of the manufacturing companies. Similar to the situation in retail, however, a worldwide standardisation of the technology and the data formats used would be beneficial. Parallels to retail applications exist also in the challenges which arise from the branch structure, with a few manufacturers and a large number of mostly medium-sized component suppliers. Here too the question must be answered: who can make the necessary investments and how can an additional benefit be fairly distributed among the stakeholders? 4.3. Transport logistics In logistics, it is important to know where the goods are at any time. In the long term, ubiquitous computing furthers this goal, in that transported objects are equipped with communication and computing capabilities. For a more efficient flow of goods and information from suppliers to enterprises, containers, pallets and products will be universally equipped in the mid term with RFID transponders, which will improve traceability and transparency in the supply chain. Thus, the logistics processes can be optimized from the process planning and steering to the handling of goods and information flows. Improving efficiency in the form of automatisation and rationalisation is necessary for firms in the hotly contested international logistics business, for reasons of competitiveness alone. The rationalisation potentials lie not only in internal processes, but also in the co-operation with partners from industry and trade, with whose systems the technology used must be compatible (Reyes et al., 2007; Chopra and Sodhi, 2007). The medium- to long-term goal is the creation of logistic networks, in which ‘‘intelligent objects” that detect their surroundings through advanced sensors can autonomously find their way to the addressee (ten Hompel, 2008). However, a number of technical conditions must be fulfilled first, not least of which are the definition of international standards for the technology and applications as well as the exclusive reservation of further frequencies, if possible, agreed with the USA and Japan. Through the use of UbiComp, logistics service providers will increasingly become all-round service providers, managing the data resulting from the monitoring of the goods flows. 4.4. Personal identification and authentication The proof of a person’s identity is an important feature of many applications of ubiquitous computing. Today, this plays a role primarily in applications for access control or payment procedures. The significance of this function will increase in future, because innovative applications should not only be location- and context-dependent, but tailor-made to suit the individual user. German passports, for instance, have been equipped since November 2007 with an RFID chip on which the digitized prints of both index fingers are stored along with the usual personal data. After some experts initially expressed doubts about the security mechanisms against unauthorized reading, now even non-governmental organisations such as the Chaos Computer Club assess the technology used as safe. Much more controversial, however, are the general reliability and usefulness of bioˇ íha, 2009; Gipp et al., 2007). metrics (R UbiComp technology, especially RFID, is also already very widespread in entrance tickets for events and ski passes. Although only few potentially critical data are collected in these contexts, their use in public spaces and the operation of the systems by private sector companies is not without problems, because in some cases very detailed patterns of movements and behaviour can be collected which can be utilized not only for the purposes of public safety, but for marketing. The RFID usage for the entry tickets for the FIFA Football World Cup in 2006 was considered by data protection authorities to be inappropriate and not compatible with data protection regulations (van’t Hof, 2007). Of particular concern from an ethical and data protection perspective are RFID implants, which are used explicitly in the long-term surveillance of ‘‘chipped” persons, even if this ostensibly serves a good purpose, such as preventing kidnappings. 4.5. Health care It is expected that the use of ubiquitous information technology can also help to meet the societal challenges posed by demographic change. Specifically, it is hoped that an increase in process efficiency and productivity will limit the costs in the healthcare system. Simultaneously, ubiquitous computing opens up possibilities for a better quality of care. The healthcare applications have a rather medium- to long-term implementation perspective, as they place much higher demands on the technology performance, in particular, of sensors. The proponents of ‘‘pervasive healthcare” see possible applications in diagnostic, therapeutic, nursing and documenting functions. Within healthcare facilities, for example, a higher quality is expected through more extensive information of the medical and nursing personnel and relieving them of administrative tasks.

60

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

In assisting elderly and/or chronically ill people in their home environment, information technology is regarded as an essential resource that can be deployed to improve the quality of life and enrich everyday life in old age. Ubiquitous computing has been addressed in this context for some years under the terms health telematics and, more recently, ‘‘ambient assisted living” (AAL). AAL includes concepts, products and services, which combine the new technologies and the social environment of the parties involved. The goal is to improve the quality of life for elderly and ill persons at home (Fishkin and Lundell, 2006; Doughty et al., 2007). A component of such systems is the automatic remote and self-monitoring and diagnosis for patients, which improve the possibilities for home care and medical care and support self-sufficiency and independent living. For this purpose, the vital parameters and motion data of the patients are recorded; the home environment is also monitored. The necessary sensors can be integrated in clothing and the collected data is sent, for example, to a microcomputer embedded in a belt. In emergencies, an alarm is set off, depending on the seriousness of the situation. The modelling of age-related, medical-psychological scenarios presents a special challenge in this context. Ambient assisted living has been massively promoted in recent years, but until now (mid-2010), there are hardly any marketable products or even a market for AAL products and services. In addition to the large number of involved stakeholders from the ICT industry, the healthcare professions, manufacturers of medical equipment and the housing industry, the lack of interoperability of technical solutions, the lack of standards as well as the issue of financing within the German health insurance system are considerable market barriers. The use of ubiquitous computing to optimize processes in the healthcare system largely follows the same logic, which is found in trade, industry and logistics. Such systems for integrated patient or hospital management should ensure an increased planning and scheduling security of medical examinations and high utilization of medical equipment. Today’s systems, however, support only single processes such as access management and obligatory documentation, automatic localisation of patients, materials and equipment or the mobile monitoring of measured data. For the transition to integrated hospital management, a timely and detailed coverage of the current situation by means of different sensors and input devices is technically necessary. In particular, the location of equipment, persons and patients within the entire hospital environment must be ascertainable by means of suitable techniques. In order to be able to appropriately support the personnel and patients, different contexts must be automatically recognized. Some doctors are questioning whether such scenarios individually or as a whole can really contribute towards facilitating work or simplifying processes or only encourage the tendency towards the ‘‘transparent patient” (Strasser, 2005). On the whole, the healthcare area is certainly the most difficult environment for the introduction of ubiquitous computing for several reasons. Medical data are the most sensitive personal data and thus require appropriate data protection measures, such as tiered access procedures, the prevention of new transient data accesses or undesirable secondary use. The financing of ‘‘pervasive healthcare” is problematical under the existing reimbursement regulations and trigger distribution battles among the various actors, for instance, about the issue of whether the home environment should be promoted as a healthcare and nursing location. For these reasons alone, applications in the healthcare sector have rather a long-term perspective and must be implemented step-by-step. There are also ethical issues which can be summarized under the captions security, autonomy and participation (Brown and Adams, 2007; Orwat et al., 2010; Bardram, 2008). In sum, the discussion must break free from its technical focus and deal with systemic questions, e. g., the openness of the systems or the integration in the national and regional healthcare system. Ultimately, the crucial question must be asked, which of the new services provide real added value? 4.6. Mobility and transport The use of ubiquitous computing in the area mobility and transport is regarded as a basis for a new generation of strongly networked and integrated systems to control transport flows and to inform road-users. The starting point here are solutions such as electronic tickets based on RFID or near-field communication, navigation and traffic recording systems as well as the traditional traffic telematics, which are currently being supplemented by so-called ‘‘vehicular ad hoc networks” (Joseph et al., 2006). In the long term, the supporters assume a comprehensive integration of such systems into a universal traffic management system based on real time data that offers advantages to both operators and users of the traffic systems (Car2Car Communication Consortium, 2007):  In the field of individual transport, one can expect diverse UbiComp applications such as (1) services to increase safety during travel (state of vehicle, accident prevention), (2) services to optimize traffic flows (navigation, optimisation of fuel consumption) and (3) services for more comfort for the passengers (location-dependant information, entertainment, Internet access).  For public transport, the primary goal is better networking with other transport sectors and assistance for travellers when booking and setting off on the journey or information about the itinerary and possible connections. As with the trade applications, one can foresee impacts on individual sovereignty and privacy, if road users and vehicles themselves become (active) parts of the transport system. In particular, the extensive recording of transport data facilitates new opportunities to control traffic, for instance, the creation of incentives (or penalties) for using certain roads at certain

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

61

times. Based on experience, this will find little acceptance among transport users. It is also doubtful whether a renewed attempt to optimize traffic flow will be more promising than in the past. Paradoxically, it appears that strengthening the individual user as foreseen in the UbiComp vision tends to lead to less autonomy for the individual in the long term (Weyer, 2006). 5. Ubiquitous computing mirrored in the press The public view of science and technology influences decision-makers and their actions and it affects science and research. For this reason, journalists’ reports in the national daily papers about ubiquitous computing, in particular RFID, were analyzed (Friedewald et al., 2010, Ch. 7). This shows how ubiquitous computing has been communicated and portrayed to the public in recent years and what important impacts have been addressed. The analysis also indicated the different positions the various actors wished to convey. The first, occasional articles about UbiComp began appearing from 1997. Since about 2004, the issue has received more or less continuous coverage, with a slight but steady increase. The early articles describe developments in the field of ‘‘smart homes” and appear to be fascinated by the new world of ‘‘house elf technology”. In addition to the positive application possibilities, however, these articles also already mentioned the surveillance potential of ubiquitous computing and the challenges for data protection, which increasingly influenced the reporting in subsequent years. Due to the presentation of the issue in the press, it could be assumed that data and consumer protection were the most problematical aspects of ubiquitous computing. In 2005 the Süddeutsche Zeitung warned against the tendency towards the transparent human being (Ludsteck, 2005). Such warnings corresponded with the opinion of many consumers who considered the data protection risks to be higher than the additional benefits. The more business-oriented press reacted to these reservations by pointing out that few of the applications planned today involve personal data. Important industrial representatives occasionally argue in the press that the emphasis on data and consumer protection is not only unwarranted, but also stifles innovation, while data and consumer protection is regarded by clients as an important regulatory issue. Security and privacy protection are closely connected in ubiquitous computing – and the press reports on this with corresponding enthusiasm. Whereas more security is regarded without exception as a desirable objective, the press coverage conveys the impression that in return for this security a price must be paid in the form of more surveillance. Part of the press emphasizes in connection with public safety that curiosity on the part of state and industry can contain new dangers. In this context, however, the discussion only rarely addresses to what extent more monitoring can preventively lead to more security and what level of security is (financially and socially) feasible at all. In recent years, reporting has been most comprehensive on the use of RFID for various applications, above all in the areas of logistics, retail, healthcare and housing. The issues raised here are relatively clear: in logistics and retail, the rationalisation of processes is the main focus, where retailers occasionally provide an additional benefit for consumers. In applications in the fields of healthcare and housing, the main emphasis is on providing assistance to live a healthy and independent life even in old age. The press makes it clear that on the whole applications within or between companies have the greatest significance at present and cost-benefit considerations are decisive for the introduction of technology. The issue of technology introduction is usually reduced by the press to the mere question of the price of RFID chips, which has fallen in the course of the years, without yet reaching the level necessary for a market breakthrough. Nevertheless, the media estimate the realizable efficiency gains or savings through ubiquitous computing to be quite considerable. In which cost categories, savings can ultimately be made is usually not mentioned, even if it can be assumed that rationalisation can primarily reduce personnel costs. Thus, some articles mention that the introduction of RFID will significantly endanger simple jobs, as many processes can be simplified and automated by using RFID. On the whole, the press coverage of ubiquitous computing in recent years has undergone a typical attention curve: at first, it was uncritically praised to the skies, and then after the first failures, excessively criticized. Finally, with implementation and tests of first applications, a more realistic estimate of the real advantages, but also of the limits of ubiquitous computing has emerged. Overall, the press reports factually, in a balanced fashion and not uncritically about the issue. 6. Legal aspects of ubiquitous computing Ubiquitous computing and its various applications present a considerable challenge for the further development of data and consumer protection.1 The legal challenges are in the protection of users’ informational self-determination in relation to the legally protected business interests of the operators of UbiComp applications. In addition, questions may arise from the expected utilization of autonomous information systems under private law. As technology developments are characterized by prognostic uncertainty, the question of the correct regulatory instruments also arises in addition to the substantive requirements of specific regulations to ensure the best possible balance of the actors’ interests. The spectrum of possible regulatory approaches ranges from classical regulatory law to new, self-regulation instruments such as association agreements. 1 This section is focussing on the legal situation in Germany. Since the privacy and data protection legislation in the European Union is largely harmonised, our analysis can be generalised to some extent for the situation in the EU. Since 2001, the German Federal Data Protection Act has implemented the European Data Protection Directive 95/46/EC while the Telecommunications Act was changed in 2004 to implement the directive on Privacy and Electronic Communications 2002/58/EC.

62

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

In order to ensure informational self-determination, the German Federal Constitutional Court has defined a number of substantive requirements and procedural safeguards which collide with the basic ideas of ubiquitous computing:  The principles of purpose limitation and data minimisation conflict with the goal of ubiquitous computing to support users invisibly, spontaneously and comprehensively. The requirement for informed consent also poses a serious challenge to the collection, processing and utilization of data in a UbiComp environment. Usually, this puts a heavy burden on the user as well as the data controller.  The citizens’ rights to access and correction cannot be asserted, due to the complexity of the data processing operations.  The wide range of participants leads to a diffusion of responsibility for data-processing operations. Against this background, it is questionable whether the traditional data protection law is still able to meet the challenges of ubiquitous computing. In an assessment of the adequacy of the law, one must wonder whether the framers of the German Federal Data Protection Act (BDSG) formulated principles assuming that there are few applications that would not change a lot over time. This was true for public sector applications in the 1970s, given the formality of administrative procedures. Today, this basic condition no longer holds true for private sector applications. For example, it is not surprising that the substantive and procedural regulations of the BDSG and the relevant telecommunication law have been found wanting in regard to RFID applications and, as a result, the danger of legal uncertainty exists for providers and users of UbiComp applications. In order to address these uncertainties, the protection program of the Federal Constitutional Court should be revised and the Federal Data Protection Act modernized accordingly (Friedewald et al., 2010; Bizer et al., 2006; von Westerholt and Döring, 2004). At the same time, the constitutional basis is of decisive importance in the question of ‘‘how” the new orientation should be designed. The legal questions about UbiComp are embedded in the overall discussion about the design of the future ‘‘Information Law”. Here two diametrically opposed opinions exist. On the one hand, in the private sector, personal information is understood largely as private property and therefore as a commodity (Vesting, 2003). On the other hand, personal data is judged as an essential part of human rights and therefore as particularly worthy of protection (Hoffmann-Riem, 1998). Which of these two points of view predominates has far-reaching impacts on the state mandate for action and the necessary substantive changes. Because of the great uncertainties in foreseeing future developments in technology and business models, the initiatives of the European Commission in this area largely advocate self-regulation instruments rather than regulatory measures. For implementation in national law, however, targets should be defined in order to ensure that self-regulation does not lag behind existing legal provisions. In addition, the state should reserve for itself the possibility of taking new regulatory measures in the event that self-regulation proves to be inadequate (EDPS, 2008). The second question is ‘‘what” should be regulated. Substantively, legal adjustments must be made in view of the expected changes in both EU data protection directives. The requirement to provide written consent for data protection purposes should be revised considering that UbiComp is intended to be unobstrusive and proactive. There should be also new provisions to ensure transparency in regard to long-term structural information. Furthermore, there need to be revisions to the legislation in regard to data protection requirements in the data collection phase. Protections are needed to address data mining. Finally, enabling class actions under data protection law as well as an independent data protection law for employees would be additional useful options. Simultaneously, there should be provision for privacy by design, i.e., so that data protection is designed into technology. This should be made explicit in legal regulations more strongly than is now the case. A suitable way would be an obligation to integrate a minimum set of access restrictions on the level of application protocols. This should be formulated in a technologyneutral way. On this basis, using appropriate application software, the user would permit only those uses of his personal data that he so chose. As the experiences with technology regulation involving the Internet show, the legislation should focus more on formulating goals than on giving detailed specifications for a concrete technology design (Bizer et al., 2006; Roßnagel, 2007).

7. Challenges and conclusions Ubiquitous Computing is already more than a mere technology vision. RFID has already reached a high degree of maturity and is entering more application areas. Regardless of whether the visions of a ‘‘brave new world” will ever be implemented or whether it is even desirable, we are in the middle of a development towards the ubiquitous information society. Smart phones and mobile applications have paved the way and now new devices such as the Apple’s iPhone and the iPad are seriously overcoming the paradigm of the general-purpose personal computer in favour of small, specialised information appliances becoming an integrated part of our life style. Other technical aspects of ubiquitous computing, however, still require considerable research and development work before the hoped for functionalities are suitable for practical use. These are above all:  Methods and techniques to create safe and dependable systems with predictable behaviour and good ability to diagnose errors. This becomes of paramount importance since UbiComp systems will become more complex and invisible for the end-user. Users will trust UbiComp in critical areas such as health care or payments only if the safety level of components and systems is high (Chetan et al., 2005).

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

63

 The increasing complexity of UbiComp systems in combination with their invisibility poses a big challenge to the design of novel human-computer interaction techniques.  Procedures for more reliable context recognition with good configurability by the user. This is based on a formal modelling and classification of the ‘‘real world” which is not only considered as a ‘‘hard problem” in computer science but also raises questions about the possibility and desirability of reducing the complexity of reality to a technically controllable degree. Ubiquitous computing has a considerable economic potential, to increase efficiency and thus competitiveness. For this reason, these uses will probably prevail in the medium term. On the other hand, ubiquitous computing enables a great number of new services, whose usefulness for citizens and economic viability must still be proved. In order for the UbiComp potential to be actually realized, a number of conditions must be fulfilled:  Ubiquitous computing is mainly an infrastructure-based innovation and requires high initial investments. Thus, international frequency harmonisation and standardisation are needed to provide protection for projects and investment (Wolfram et al., 2008).  Creation of timely access to UbiComp technologies for medium-sized companies and their integration in the standardisation processes. This not only ensures the realization of network externalities but also helps to prevent a domination of large, often globally active enterprises (Lee et al., 2008).  Balancing the data and consumer protection interests of users and citizens or customers with a view to specific uses by initiating and moderating a discussion with all stakeholders. In addition to the economic impacts, there is a great number of possible effects of UbiComp for which a scientific and/or societal dialogue must carefully weigh up whether the costs and benefits are acceptably correlated. The most striking impact of ubiquitous computing is on privacy or informational self-determination (Cˇas, 2005; Rouvroy, 2008). Both are currently being re-defined in the light of the ubiquity of data and data processing, whereby neither the size nor the sustainability of this new definition are completely predictable. The following activities could be useful:  Adapting the data protection law to the opportunities offered by ubiquitous computing to monitor and obtain personal data even from otherwise uncritical data sources,  Creation of a data protection law for employees,  Societal discourse about the origin and use of data trails that users are increasingly leaving behind in ubiquitous computing as well as the  Systematic monitoring of new technologies and evaluation of their impacts on informational self-determination, i.e., the establishment of privacy impact assessments (Clarke, 2009; Wright, forthcoming). In addition, the societal compatibility of ubiquitous computing should be further discussed, preferably by using concrete use cases. Important questions concern the sustainability of ubiquitous computing, not only from an economic and ecological, but also from a social point of view (Hilty et al., 2005; Bohn et al., 2005; Som et al., 2009). Ensuring universal access to and participation in the advantages of new offers is as important in this context as issues of system dependency and possibility to avoid loss of control, monitoring and normalisation of behaviour.  When ubiquitous computing system are supporting a growing part of daily life activities (such as shopping, working, government services) and replacing traditional procedures, universal access and inclusion will become even more important issues. Then, possession of affordable devices, access to infrastructure and services and usability are important limiting factors in social participation. This reality has to be balanced against new forms of ways to participate in social, political and commercial processes that proponents are expecting (Stephanidis, 2009; Bohn et al., 2005).  Closely related is the issue of system dependence and loss of control. When UbiComp systems are really becoming a ‘‘house elf technology”, users may lose their technical expertise, a loss which might be harmful in critical situations. Users may suffer from loss of control, feelings of helpless and loss of trust in the system (Bohn et al., 2005).  Ubiquitous computing has a potential to manipulate the user for the benefit of the system provider. There’s always a risk that the ‘‘house elf” is not acting in the interest of its owner. Some years ago, there were reports about a new concept doll being billed as ‘‘an autonomous purchasing object”, a toy that shops for itself and which tells children her ‘‘wishes” (Maeder, 2002).  Finally ubiquitous computing is basically a surveillance technology, because it needs to know where people and objects are, what they do, etc., in order to support them proactively. Users will not have the choice or possibility to avoid this surveillance in the work environments and in many applications in the public sphere (e.g., traffic, identification). This surveillance is not even subtle and can have an enormous impact on their behaviour, even limiting fundamental human rights such as autonomy and privacy (Bohn et al., 2005). Besides the necessary public discourse and additional research on social impacts of ubiquitous computing, there are a number of approaches that already seem appropriate to follow:

64

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

 Early consideration of user interests in the development process through ethnographic studies and ‘‘living labs” (De Moor et al., 2010).  Creation of real choices by explicitly labelling UbiComp systems as suggested by the European Commission for RFID (European Commission, 2007) and an opt-in model, in which the utilization of certain functions must be explicitly confirmed.

References Aarts, E., Encarnaçao, J.L., 2005. Into ambient intelligence. In: Aarts, E., Encarnaçao, J.L. (Eds.), True Visions: The Emergence of Ambient Intelligence. Springer, Berlin, Heidelberg, pp. 1–16. Alcañiz, M., Rey, B., 2005. New technologies for ambient intelligence. In: Riva, G., Vatalaro, F., Davide, F., Alcañiz, M. (Eds.), Ambient Intelligence: The Evolution of Technology, Communication and Cognition Towards the Future of Human–Computer Interaction. IOS Press, Amsterdam, pp. 3–15. Bardram, J.E., 2008. Pervasive healthcare as a scientific discipline. Methods of Information in Medicine 47 (3), 178–185. Bizer, J., Spiekermann, S., Günther, O., Dingel, K., Fabian, B., Hansen, M., Klafft, M., Möller, J., Juli, 2006. Technikfolgenabschätzung Ubiquitäres Computing und Informationelle Selbstbestimmung. Studie im Auftrag des Bundesministeriums für Bildung und Forschung, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein; Institut für Wirtschaftsinformatik der Humboldt-Universität zu Berlin (in German). BMBF, 2007. ICT 2020: Research for innovations. Federal Ministry of Education and Research (BMBF), Berlin. BMWi/BMBF, 2007. European Policy Outlook RFID. Federal Ministry of Economics and Technology (BMWi), Federal Ministry of Education and Research (BMBF), Bonn/Berlin. Bohn, J., Coroama, V., Langheinrich, M., Mattern, F., Rohs, M., 2005. Social, economic, and ethical implications of ambient intelligence and ubiquitous computing. In: Weber, W., Rabaey, J., Aarts, E. (Eds.), Ambient Intelligence. Springer-Verlag, Berlin, Heidelberg, pp. 5–29. Brown, I., Adams, A.A., 2007. The ethical challenges of ubiquitous healthcare. International Review of Information Ethics 8 (12), 53–60. Car2Car Communication Consortium, Baldessari, R., Bödekker, B., Brakemeier, A., Deegener, M., Festag, A., Franz, W., Hiller, A., Kellum, C., Kosch, T., Kovacs, A., Lenardi, M., Lübke, A., Menig, C., Peichl, T., Roeckl, M., Seeberger, D., Strassberger, M., Stratil, H., Vögel, H.-J., Weyl, B., Zhang, W., 2007. Car2Car communication consortium manifesto, CAR 2 CARÒ Communication Consortium. ˇ as, J., 2005. Privacy in pervasive computing environments – a contradiction in terms? IEEE Technology and Society Magazine 24 (1), 24–33. C Chalasani, S., Conrad, J., 2008. A survey of energy harvesting sources for embedded systems. In: Proceedings of IEEE, Southeastcon 2008, Huntsville, AL, 3–6 April 2008. New York, pp. 442–447. Chetan, S., Ranganathan, A., Campbell, R., 2005. Towards fault tolerant pervasive computing. IEEE Technology and Society Magazine 24 (1), 38–44. Chopra, S., Sodhi, M.S., 2007. Looking for the bang from the RFID buck. Supply Chain Management Review 2007 (4), 34–41. Clarke, R., 2009. Privacy impact assessment: its origins and development. Computer Law and Security Review 25 (2), 123–135. Doughty, K., Monk, A., Bayliss, C., Brown, S., Dewsbury, L., Dunk, B., Gallagher, V., Grafham, K., Jones, M., Lowe, C., McAlister, L., McSorley, K., Mills, P., Skidmore, C., Stewart, A., Taylor, B., Ward, D., 2007. Telecare, telehealth and assistive technologies – do we know what we’re talking about? Journal of Assistive Technologies 1 (2), 6–10. EDPS, 23. April 2008. Opinion of the European Data Protection Supervisor on the communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on Radio Frequency Identification (RFID) in Europe: steps towards a policy framework COM(2007) 96. European Data Protection Supervisor, Brussels. Erdmann, L., Hilty, L., Althaus, H.-J., Behrendt, S., Hischier, R., Kamburow, C., Oertel, B., Wäger, P., Welz, T., 2009. Einfluss von RFID-Tags auf die Abfallentsorgung: Prognose möglicher Auswirkungen eines massenhaften Einsatzes von RFID-Tags im Konsumgüterbereich auf die Umwelt und die Abfallentsorgung. Texte 27/2009, German Federal Environemtal Agency, Dessau-Roßlau (in German). Available from: . Estrin, D., 2001. Embedded, Everywhere: A Research Agenda for Networked Systems of Embedded Computers. National Academies Press, Washington, DC. European Commission, 15 March 2007. Radio frequency identification (RFID) in Europe: Steps towards a policy framework. COM (2007) 96 final. Fishkin, K.P., Lundell, J., 2006. RFID in healthcare. In: Garfinkel, Rosenberg, pp. 211–228. Fleisch, E., 2004. Business impact of pervasive technologies: opportunities and risks. Journal of Human and Ecological Risk Assessment 10 (5), 817–829. Fleisch, E., Tellkamp, C., 2006. The business value of ubiquitous computing technologies. In: Roussos, G. (Ed.), Ubiquitous and Pervasive Commerce. Springer, London, pp. 93–113. Friedewald, M., Raabe, O., Georgieff, P., Koch, D.J., Neuhäusler, P., 2010. Ubiquitäres Computing: Das Internet der Dinge – Grundlagen, Anwendungen, Folgen. Edition Sigma, Berlin (in German). Fuji, A., 2008. Trends and issues in research on context awareness technologies for a ubiquitous network society. Science and Technology Trends Quarterly Review 26, 26–35. Gabriel, P., Bovenschulte, M., Hartmann, E., Groß, W., Strese, H., Bayarou, K.M., Haisch, M., Mattheß, M., Brune, C., Strauss, H., Kelter, H., Oberweis, R., 2006. Pervasive Computing: Trends and Impacts. SecuMedia, Ingelheim. Garfinkel, S., Holtzman, H., 2006. Understanding RFID technology. In: Garfinkel, Rosenberg, pp. 15–36. Garfinkel, S., Rosenberg, B., 2006. RFID – Applications, Security, and Privacy. Addison-Wesley, Upper Saddle River, NJ. Gipp, B., Beel, J., Rössling, I., 2007. ePassport: The Worlds’s New Electronic Passport. A Report about the ePassport’s Benefits, Risks and it’s Security. CreateSpace. Grunwald, A., 2004. Vision assessment as a new element of the fta toolbox. Paper presented at the EU-US Scientific Seminar: New Technology Foresight, Forecasting & Assessment Methods, Seville, 13/14 May 2004. Available from: . Hilty, L.M., Behrendt, S., Binswanger, M., Bruinink, A., Erdmann, L., Frölich, J., Köhler, A., Kuster, N., Som, C., Würtenberger, F., 2005. The precautionary principle in the information society: Effects of pervasive computing on health and environment. TA 46e/2005, TA-Swiss, Centre for Technology Assessment, Bern. van’t Hof, C., 2007. RFID and identity management in everyday life: striking the balance between convenience, choice and control. Report IPOL/A/STOA/ 2006-22, ETAG (European Technology Assessment Group), European Parliament, Strasbourg. Hoffmann-Riem, W., 1998. Zur Eigenständigkeit rechtswissenschaftlicher Innovationsforschung. In: Hoffmann-Riem, W., Schneider, J.-P. (Eds.), Rechtswissenschaftliche Innovationsforschung. Nomos, Baden-Baden, pp. 389–412. In German. ten Hompel, M., 2008. Logistics 2.0: move the things to move the world. mst News 2008 (6), 26–27. IST Advisory Group, 2005. Ambient intelligence: From vision to reality. In: Riva, G., Vatalaro, F., Davide, F., Alcañiz, M. (Eds.), Ambient Intelligence: The Evolution of Technology, Communication and Cognition Towards the Future of Human–Computer Interaction. IOS Press, Amsterdam, pp. 45–68. Joseph, A.D., Beresford, A.R., Bacon, J., Cottingham, D.N., Davies, J.J., Jones, B.D., Guo, H., Guan, W., Lin, Y., Song, H., Iftode, L., Fuchs, S., Lamprecht, B., Kyamakya, K., Fernández, J.G., García, J.C.Y., García, Y.S.M., de Gracia Santos, J., Nimesh, M., Pan, G., Wu, Z., Wu, Q., Shan, Z., Sun, J., Lu, J., Yang, G., Khan, M.K., Zhang, J., 2006. Intelligent transportation systems. IEEE Pervasive Computing 5 (4), 63–67. Juels, A., 2007. The vision of secure RFID. Proceedings of the IEEE 95 (8), 1507–1508. Krumm, J., 2009. A survey of computational location privacy. Personal and Ubiquitous Computing 13 (6), 391–399. Lagasse, P., Moermann, I., 2005. Broadband communication. In: Aarts, E., Encarnaçao, J.L. (Eds.), True Visions: The Emergence of Ambient Intelligence. Springer, Berlin, Heidelberg, pp. 185–207.

M. Friedewald, O. Raabe / Telematics and Informatics 28 (2011) 55–65

65

Lapide, L., 2004. RFID: what’s in it for the forecaster? The Journal of Business Forecasting Methods & Systems 2 (2), 16–20. Lee, S.M., Park, S.-h., Yoon, S.N., Hwang, T., 2008. Ubiquitous computing and its effects on small businesses. Service Business 2 (4), 347–358. Lie, E., 2005. Ubiquitous Network Societies: the case of the Republic of Singapore. In: ITU Workshop on Ubiquitous Network Societies, 6–8 April 2005, Geneva. International Telecommunication Union. Ludsteck, W., 2005. Wenn digitaler Staub die Informationen sammelt. Süddeutsche Zeitung 37/2005, 15, February 2005. Maeder, T., 2002. What Barbie wants, Barbie gets. Wired 10 (1). Available from: . METRO Group, 2008. Welcome to the real, – future store – a journey into the future of retail. METRO Group, Tönisvorst. De Moor, K., Berte, K., De Marez, L., Joseph, W., Deryckere, T., Martens, L., 2010. User-driven innovation? Challenges of user involvement in future technology analysis. Science and Public Policy 37 (1), 51–61. Orwat, C., Rashid, A., Holtmann, C., Wölk, M., Scheermesser, M., Kosow, H., Graefe, A., 2010. Adopting pervasive computing for routine use in healthcare. IEEE Pervasive Computing 9 (2), 64–71. Reyes, P.M., Frazier, G.V., Prater, E.L., Cannon, A.R., 2007. RFID: The state of the union between promise and practice. International Journal of Integrated Supply Management 3 (2), 192–206. Reynolds, T., Kelly, T., Jin-Kyu, J., 2005. Ubiquitous Network Societies: the case of the Republic of Korea. In: ITU Workshop on Ubiquitous Network Societies, 6–8 April 2005, Geneva. UNS/08. International Telecommunication Union. Rˇíha, Z., 2009. An overview of electronic passport security features. In: Matyáš, V., Fischer-Hübner, S., Cvrcˇek, D., Švenda, P. (Eds.), The Future of Identity in the Information Society: Revised Selected Papers of the 4th IFIP WG 9.2, 9.6/11.6, 11.7/FIDIS International Summer School Brno, Czech Republic, September 1–7, 2008. Springer, Boston, pp. 151–159. Rouvroy, A., 2008. Privacy, data protection, and the unprecedented challenges of ambient intelligence. Studies in Ethics, Law, and Technology 2 (1) (Article 3). Roßnagel, A., 2007. Informationelle Selbstbestimmung in der Welt des Ubiquitous Computing. In: Mattern, F. (Ed.), Die Informatisierung des Alltags: Leben in smarten Umgebungen. Springer-Verlag, Berlin, Heidelberg, New York, pp. 265–289 (in German). Schmitt, P., Thiesse, F., Fleisch, E., 2008. Adoption and diffusion of RFID technology in the automotive industry. In: Selvan, N.K. (Ed.), SCM in Automotive Industry – Concepts and Cases. The Icfai University Press, Hyderabad, India, pp. 152–172. Som, C., Hilty, L.M., Köhler, A., 2009. The precautionary principle as a framework for a sustainable information society. Journal of Business Ethics 85 (Suppl. 3), 493–505. Spiekermann, S., 2009. RFID and privacy – What consumers really want and fear. Personal and Ubiquitous Computing 13 (6), 423–434. Srivastava, L., Kodate, A., 2005. Ubiquitous network societies: the case of Japan. In: ITU Workshop on Ubiquitous Network Societies, 6–8 April 2005, Geneva, UNS/07. International Telecommunication Union. Stephanidis, C., 2009. Designing for all in ambient intelligence environments: the interplay of user, context, and technology. International Journal of Human–Computer Interaction 25 (5), 441–454. Strasser, M., 2005. Influence of ubiquitous computing on organizational structure. In: Müller, G., Lin, K.-J. (Eds.), Proceedings of the Seventh IEEE International Conference on E-Commerce Technology, CEC 2005, 19–22 July 2005, Munich. IEEE Computer Society, Los Alamitos, pp. 489–492. Vesting, T., 2003. Das Internet und die Notwendigkeit der Transformation des Datenschutzes. In: Ladeur, K.-H. (Ed.), Innovationsoffene Regulierung des Internet. Nomos, Baden-Baden, pp. 155–190 (in German). Want, R., 2006. An introduction to RFID technology. IEEE Pervasive Computing 5 (1), 25–33. Wasinger, R., Wahlster, W., 2005. Multi-modal human–environment interaction. In: Aarts, E., Encarnaçao, J.L. (Eds.), True Visions: The Emergence of Ambient Intelligence. Springer, Berlin, Heidelberg, pp. 291–306. Weiser, M., 1991. The computer for the 21st century. Scientific American 265 (3), 94–104. von Westerholt, M., Döring, W., 2004. Datenschutzrechtliche Aspekte der Radio Frequency Identification (RFID). Computer und Recht 20 (9), 710–716. In German. Weyer, J., 2006. Die Zukunft. des Autos – Das Auto der Zukunft. Wird der Computer den Menschen ersetzen? Soziologische Arbeitspapiere 14, Wirtschaftsund Sozialwissenschaftliche Fakultät, Universität Dortmund (in German). Wolfram, G., Gampl, B., Gabriel, P., 2008. The RFID Roadmap: The Next Steps for Europe. Springer, Berlin, Heidelberg. Wright, D., forthcoming. Should privacy impact assessments be mandatory? Communications of the ACM 54.