Smart Cities are controversial because they are sponsored by Big Tech, which is offering ‘free services’ in exchange for detailed private information. But there is a way to overhaul the concept so that it serves ordinary citizens. The real issue is finding the political will to tackle those necessary changes
From Toronto to Singapore, and New York City to Malta, municipalities flying the “smart city” flag are on the rise across the globe, promising to improve the quality of life for urban residents. Using artificial intelligence to analyze data collected from Internet-connected cameras, sensors, license plate readers, drones, digital identification cards, personal electronic devices, and mobile crowd sourcing, smart cities can, advocates say, eliminate traffic jams, improve energy conservation, assist in crime detection, better respond to weather conditions, and provide faster and better citizen services.
But the massive amount of data needed for smart cities to work has given the concept a bad name among those concerned about personal privacy. Tech companies supplying software and hardware to smart cities are hungry for citizens’ data, which they want to monetize and share with partners. For law enforcement agencies and municipal governments, data collected for smart cities represent a treasure trove of information about people’s movements, preferences, associations, and habits. Suddenly smart cities are starting to sound more like surveillance cities with less traffic jams. And there are plenty of people who’d prefer the traffic jams to the loss of control over their privacy.
Smart cities for the people?
Whether smart cities can truly benefit people in a meaningful way without handing over their private information to AT&T, Google, Amazon, and other corporations is unclear. We need to rethink the smart city concept to offer smart services to people without allowing corporations to exploit and profit off their data in the process.
At present, cities that want to become “smart” rely heavily on vendors that can supply the technical know-how about networking systems, AI algorithms, data optimization, cloud storage, infrastructure technologies, risk management, high-speed broadband, and security, just to name a few. City officials and municipal information technology departments don’t have the technical expertise to build and manage smart cities on their own. That’s where companies like Google come in.
The city of Toronto contracted with Sidewalk Labs in October 2017 to design a neighborhood on the city’s waterfront “from the Internet up.” Sidewalk Labs is owned by Alphabet, which is Google’s parent company. According to the plan for this smart city initiative, a network of sensors will collect real-time data about the environment, while it also gathers location-based information about buildings and infrastructure. Citizens would access services through a personalized portal. The project will be a “global testbed where people can use data about how the neighbourhood works to make it work better,” Sidewalk said.
Almost immediately, Toronto’s residents began asking questions about data collection and privacy. Who would own the data, and how would it be protected? A privacy expert hired by Sidewalk to assist with these issues resigned a year after project launch, telling the Global News newspaper that she couldn’t support the project after learning that third parties might have access to identifiable data collected. Another technologist resigned her post on the project’s digital strategy advisory panel, saying it had disregarded residents’ concern about data. Sidewalk CEO Dan Doctoroff said earlier this month that the company has no interest in monetizing personal information, just as a citizens’ group in Toronto launched #BlockSidewalk.
Citizens should be involved
There are more than a few lessons to be learned from Toronto. People are rightly concerned about their personal data being used without their knowledge and permission, and being tracked online. Recent privacy scandals at Facebook, numerous data breaches, and online misinformation campaigns have heightened those concerns. Cities going “smart” should be prepared to respond with specifics about whether they or their technology partners, or those partners’ partners, will have access to identifiable data. And they should expect a public backlash if the answer is yes, or “we don’t know yet.”
Citizens should be involved in the planning and development of data collection efforts from Day One. They should have a strong say in how and where they are being surveilled rather than be told that Vendor X’s cameras will be installed on every corner filming 24 hours a day, and the feed will go into a massive data base to be kept indefinitely.
Cities need experts who can defend citizens’ privacy and challenge inadequate safeguards over private information. They must incoluate themselves before signing contracts or entering into agreements with vendors, by engaging with top-notch security and privacy experts who can match the tech smarts of Google engineers and demand a privacy and human rights framework for smart city projects. To accomplish this, cities would have to make big investments in their IT departments, hiring cryptography and experts in data anonymization.
Smart city projects should start with the fewest privacy invasive methods of data collection, instead of using the most invasive and then winnowing that down. Vendors and developers would have to think creatively, in order to come up with ways to obtain data for smart city applications without defaulting to facial scans and license plate readers.
Municipal governments need to get tough about rules regarding data privacy. The effective way to do this is as follows:
- Pass ordinances or establish regulations that prohibit vendors from sharing citizens’ information
- Place strict limitations on turning data over to law enforcement or ICE
- Require vendors to anonymize personal data and purge it soon after use;
- Allow citizens to opt out of the collection of their locations, images, biometric data, and other personal information;
- Appoint executive level privacy and security czars to oversee data handling and storage and enforce data privacy practices.
We have become accustomed to “free” technology — email, social media accounts, instant messaging and photo sharing platform — but of course we are paying for it with our personal information. It’s a high price to pay.
Data collection for smart city implementation presents the same uneven exchange, but on a much larger scale. Your commute home becomes faster because cameras are capturing, analyzing, and storing scans of your license plates and the plates of the drivers around you, which are used to predict congestion and trigger modifications to traffic lights and lane closures to avoid jam ups. You get a seat on the bus because facial scans of you and your fellow riders are stored in the cloud indefinitely to help city transportation departments predict when to deploy more buses during periods of peak ridership. We have become convinced that a high quality of life is predicated on convenience. Perhaps it is time to question that assumption — to ask whether the price for all this convenience is just a bit too high.
