Before you roll out RFID... read this

Legal issues abound...

Legal issues abound...

RFID technology could make your business more efficient - or, like any IT project undertaken with a third party, could cause more headaches than it alleviates. Olswang solicitor Marc Dautlich advises how to avoid the legal minefields of an RFID rollout.

There are many reasons to use RFID in the retail sector, including tracking goods to improve supply chain efficiency and increasing the visibility of inventory. High-profile retail supply chain RFID projects currently underway - such as Wal-Mart in the US, Tesco in the UK and Metro in Germany - have brought plenty of attention to the technology.

However, anyone thinking of signing up to an RFID contract with a service provider to pilot RFID technology, whatever their industry sector, would do well to address two key business issues in order to reduce the legal risks involved and get the best out of the relationship. In this sense, an RFID project is similar to any other IT project of comparable size and scope.

The first issue is to identify the key business benefits intended to be delivered by adoption of the RFID technology. This is essential because it allows for the creation of effective tools for measuring the service provider's performance and also makes it possible to include appropriate incentives for the service provider to deliver the required level of performance in the contract.

For instance, say a retail operation wants to implement RFID technology into its supply chain. There is a range of potential benefits that will have been carefully evaluated as part of the business case. (The exception may be where the RFID adopter is simply acting under a mandate from a partner at the end of the supply chain).

The important point is to translate these commercial objectives into contractual obligations that the RFID service provider should be aiming for. Failure to do this will leave the RFID adopter without adequate contractual tools for encouraging the service provider to perform and without adequate legal remedies if the project fails to deliver the anticipated benefits.

Specifying the objectives may well involve creating a hierarchy of importance of the customer's various goals for the RFID project. To the extent that these are not already laid out in the business case, this exercise is probably a useful end in itself. It could be a particularly useful exercise if, for instance, it emerges in discussions with the service providers prior to pilot that not all of the objectives of the project can be delivered within the time frame allowed or initial budget.

Alternatively, the company adopting RFID may simply consider it good business practice to be explicit about those objectives that are of particular business value to it. For example, a primary goal might be better usage of assets - in the form of crates or dollies or roll cages - or to identify where the product is in the supply chain at any time.

From a legal perspective, these objectives ideally should be identified at the outset of the project. If not, the contract should at least include a mechanism allowing the adopter of the RFID technology to revisit its requirements from time to time with the service provider. Otherwise commonly touted contractual mechanisms such as 'gain share' or 'continuous improvement programmes' will get nowhere.

The second key issue for an organisation adopting RFID is to identify and map likely changes to its existing systems and processes. This could include anticipating and avoiding problems linking new and old databases or allocating sufficient resources to extract meaningful information from the large volumes of data typically generated by RFID technology.

If this step is not performed adequately, not only are the anticipated commercial benefits or return on investment unlikely to materialise but there will be an easy legal get-out for the service provider.

The scale of this mapping task is frequently underestimated and crops up consistently as a contributory factor in the failure of many IT projects, not just ones involving RFID.

Perhaps CIOs should adopt an alternative acronym for RFID: Read the contract and project documentation carefully; Figure out the key business objectives; Identify them in the contract; and Draft contractual performance criteria accordingly.

Marc Dautlich is a solicitor in the media, communications and technology department at law firm Olswang.