Case Study: Smart Cities and Our Brave New World
Cities around the world are deploying collecting increasing amounts of data and the public is not part of deciding if and how such systems are deployed.
Smart cities represent a market expected to reach almost $760 billion dollars by 2020. All over the world, deals are signed between local governments and private companies, often behind closed doors. The public has been left out of this debate while the current reality of smart cities redefines people’s right to privacy and creates new issues of exclusion.
What happened?
The definition of a smart city varies - for IBM it is about finding “new ways for the city to work”, for Alphabet company SideWalk Labs it is about “building innovation to help cities meet their biggest challenges”, a research paper commissioned by the British Department for Business Innovation and Skills describes smart city solutions as “applying digital technologies to address social, environmental and economic goals”. Beyond the marketing discourse, it is important to focus on what the essence of smart cities is: the use of data collection and technology to provide services in a city.
Smart cities range from the all-encompassing backbone infrastructure offered by companies like IBM and Oracle, who offer service going from security to transport and energy – often connecting various government departments to facilitate the flow of data, to apps created by start-ups that allow you to report potholes to your local authorities.
What’s the problem?
Privacy
Smart cities raise a series of problems. First of all, the right to privacy is entirely redefined in a smart city, as they create an environment where we are no longer expected to consent to the collecting, processing, and sharing of our data but instead the minute we step in the streets we are exposed to both government and corporate surveillance. And not only is there no opting out but more likely than not you will not even know that data about you is being collected.
In fact, you may not realise how much data is already being collected about you. In City of London for example, smart garbage bins were installed in 2012. The bins collected data from people’s phones to provide them with targeted advertising. People did not know their data was being collected as they walked by the bins nor did they realise the advertisement they were getting was specifically targeted to them until journalists exposed their existence a year later.
In a smart city, there is no longer such a thing as wandering around while no one knows you are there. In fact, a simple walk in the park is now enough for you to be tracked. In another example from London, Hyde Park aggregated data on age, gender, and location – based on data that was handed to them by network provider EE – to review the number of visitors and their typical journey through the park.
In the city of Singapore, sensors and cameras have been placed all over the city which has allowed the government to follow citizens step-by-step through an interface called Virtual Singapore. The government can even use the interface to run experiments and see how people would react to epidemics or earthquakes – based on the data that is being constantly collected about them.
While the discourse around smart cities has been largely focused on rewards and the positive changes smart cities bring about, once data is collected it can also be used for punishments. In Hong-Kong, for example, an anti-littering campaign group has been using the DNA found on discarded cigarette butts, gum, and condoms to reconstruct the face of the people who had left them in the streets. They then expose the portraits of the “culprits” in billboards across the city.
In Beijing, to tackle the issue of people stealing toilet paper from public toilets, the busiest public toilets have now been equipped with a facial recognition system. In order to obtain toilet paper, one needs to stand in front of a camera. And those who come too often are being denied.
What does it mean to live in a city where one is constantly tracked? We first have to bear in mind who will be the most exposed. Saudi Arabia, for example already has a system in place to text male guardians when women leave the country - what will happen to women in a smart city? We know that groups as varied as the security staff of malls, social media intelligence companies, and the Department of Homeland Security have all been monitoring members of the Black Lives Matter movement. So where will be a safe space for minorities and civil rights group to gather, meet, organise, and protest when each step is monitored in the city?
Thinking that a world where smart city data is collected and used to prevent protests is not science fiction, and China is already doing it. US intelligence firm Stratfor has been reporting on the creation of a “grid management system” that is effectively a spying apparatus merging data collected by the state, as well as CCTV footage and data from internet monitoring, to pre-empt social unrest.
We therefore know how smart cities – and Singapore is a perfect example of this – are becoming systems of real-time control. There may be some positive aspects of this – a smart transport system could help redirect traffic in the event of an earthquake – but we expose ourselves to the risk the city will be used against us, as we have seen in China. What if a ‘smart’ transport system was used to redirect traffic to keep people away from protests?
People are already starting to resist. In London the smart bins had to be removed after an outcry of privacy concerns. In Singapore, the government had created smart flats for the elderlies with sensors to detect their movement, people have started to use towelst o cover the sensors and protect their privacy.
Who do we build these cities for?
Beyond privacy it is worth asking who smart cities are being built for. Placing technologies at the heart of the services creates issues of exclusion for those who do not have the same access to technology. It is of particular concern for less-abled people or people who cannot afford access to technology. A worrying example from New York showed that the free Wi-Fi was only secure for Apple users and not for Android users.
The issue of gender is also important to bear in mind as studies have documented how women experience cities differently from men. While men tend to describe their journeys as going from home, to work and then back home, women tend to have much more complex journeys, which include picking up their children, buying the groceries, and visiting family members. Street harassment is also central in understanding why women have different perceptions of cities from men. In India, for example, the Indian government plans to build 100 smart cities - this has meant that the land of the most disfranchised has been forcibly acquired in order to build smart cities, which we suspect will be largely built for the wealthiest. We also know that India’s effort to “clean up” cities – that has come about at the same time as smart city projects started developing – has pushed away street vendors, whose very presence help make cities safer for women, as they mean streets do not end up being deserted and they can act as a point of contact for them.
Building smart cities for the wealthiest also result in failing to improve the lives of the majority of the population. In 2013, the city of Rio de Janeiro was awarded a World Smart City Award, as they prepared for the Olympics and the Football World Cup by setting up an Operation Centre and an Integrated Centre of Command and Control designed by IBM. The system aimed to improve public services, make the city safer, and more efficient. However, in 2016 research, published by Christopher Gaffney (University of Zurich) and Cerianne Robertson, showed Rio has not kept its promises and remains for most people a “dumb city”: one of the key issue highlighted in the research was that the smart city has been focusing on the wealthier areas leaving the majority of the city without improvement.
Discrimination
The next step for smart cities will be relying on algorithmic decision making to make the city more efficient and decide for instance how energy should be allocated, when and where lampposts should be turned on, how frequently the trains should run, etc. However, we know already how decisions made based on biased data reflects the biases in our society. Boston, for instance, set up an app to detect potholes in the streets, but if potholes are only fixed when the city is notified through this app what about areas where people are less likely to carry smart phones or download the app? We know that in the US the police has more data on crimes in areas where people of colour live and that predictive policing algorithms have been biased for that very reason. So how will using algorithms to allocate services affect the lives of city inhabitants? Will we risk denying people who are already struggling to afford energy access to the gas, electricity, and water they need to stay warm in the winter? Will we risk some streets in the dark at night and make those streets less safe for women? Will we risk reducing transport and access for people whose areas are already underserved?
Security
Finally, smart cities present serious security concerns: as more and more hacks and cyberattacks demonstrate we are not yet doing a decent job at securing our databases and online systems. And yet we are sleep-walking into a world of internet of things where everything in our cities will soon become vulnerable to hacking.
In December 2015, Ukraine’s power plant was hacked leaving more than 80,000 people in the dark for at least three hours. The hackers also targeted the energy companies’ monitoring stations, which meant that the energy company did not notice anything unusual. Moreover the phone helpline was targeted as well with a TDOS attacks, meaning that the phone line received a flood of fake phone calls from outside Ukraine that prevented legitimate customers from calling and reporting the power cut.
Research has also already demonstrated how vulnerable street lamps could be. Now what if the sensors that are tracking us, our public transport systems or our energy grids fall again between the wrong hands? What are governments and companies really doing to insure it does not happen?
What’s the solution?
Governments should seek to improve the quality of cities by prioritising solutions that are not based on data exploitation. If a project requires data collection, the data collected should be strictly necessary for the purpose of the service offered. The effectiveness of any service must be demonstrated and there must be consultation with citizen groups prior to its deployment. The data collected should not be shared with private companies and strict limitations should be in place to restrict access by the police and intelligence services. Citizens should be warned when data is collected and given the option to have their data deleted and they should have a right to be anonymous in a public space. Access to technology should never be the condition to have access to services. Smart city technology must be openly and transparently audited, as well as regularly patched to insure it remains secure.
The activities discussed above go against Privacy International’s forthcoming Data Exploitation Principles, specifically:
- Individuals must have rights over their data. This must include rights over their personal data, as well as data that is derived, inferred or predicted from their data, selves, actions, and behaviour.
- Data should not be generated, collected, analysed, retained, transmitted or aggregated excessively.
- Individuals must be able to ascertain their data footprint
- Security and privacy must be shared without discrimination, designed into systems to protect everyone, everywhere.