LuminousVoid

This article gives a brief overview of some of the current and possible legal protections afforded to consumers in an RFID infested environment. They recommend amending the wiretap act, to cover interceptions of RFID transmissions:

In essence, this act prohibits any person from intentionally intercepting, or endeavoring to intercept wire, oral or electronic communications by using an electronic, mechanical or other device unless the conduct is specifically authorized or expressly not covered.
Although wiretapping is not identical to RFID, it shares an abundance of similarities that may carry over to RFID technology.

Another source of protection they point to is contract law. Consumers with tags will generally be entering into contractual relations with the merchants/providers of the tags. This probably does not protect consumers from third-party use of the tags though. I’m not too sure about this, but I believe that the privacy torts and protections only protect people where they have a ‘reasonable expectation of privacy’ and this ‘reasonable expectation’ can’t be formed solely by contracting for privacy. I’ll have to double check that.

The article also points to the Federal Trade Commission’s Fair Information Practice Principles. I don’t think these have legal force, or even if they create a private cause of action (rather than simply being something that only the FTC will enforce).

Lastly the article points to the law enfocement/search uses of RFID. They don’t say much here, but my belief is the law is guided by the ‘reasonable expectation of privacy’ standard.