Protecting the data that makes cities smart

DKosig/Getty Images

Featured eBooks
Changes in State and Local Government Workforces
NASCIO Special Report 2024
A New Era of Social Media Regulation
Insights & Reports
Unlocking digital potential: Strategies for modernizing government services
Presented By Adobe
Download Now
Unlocking public sector potential
Presented By NTT DATA
Download Now
By Stephanie Kanowitz,
Contributor, Route Fifty
 

Connecting state and local government leaders

By Stephanie Kanowitz

|

Ensuring the security and privacy of data generated by residents and internet-connected devices will allow cities to reap the benefits of innovation.

Calling fears about privacy abuses related to smart city data overblown, a new report states that the key to building and sustaining smart cities is balance.

“Data collection is what makes cities and communities ‘smart.’ It can generate cost and time savings, increased productivity, and public health and safety,” according to “Balancing Privacy and Innovation in Smart Cities and Communities,” a March 6 report from the Information Technology and Innovation Foundation. “But smart cities’ data collection is also the source of privacy concerns when the data collection involves personally identifiable information. Smart city technologies that collect data about residents, particularly sensitive data—such as personal information that could be used for identity theft—make attractive targets for cybercriminals.”

Key to balancing privacy and innovation is understanding that many cities are already collecting data with little threat to individuals’ privacy, the report states. For instance, smart grid technologies embedded in the energy system—think smart meters, buildings and appliances—provide real-time data on energy consumption that allows for dynamic pricing and demand response, which can reduce emissions.

“Most smart city applications are built around the Internet of Things (IoT): physical objects embedded with sensors or actuators and network connectivity to enable them to send, receive, and act on data,” the report states. “Other enabling smart city technologies include wired and wireless broadband networks, analytics tools to process data coming from sensor networks, and autonomous systems.”

Examples include smart trash cans that can alert the sanitation department when they are full, preventing litter from overflowing and serving as Wi-Fi hotspots; smart water monitoring that can alert officials to pollutants and leaks; intelligent traffic signals that can improve the flow of vehicles and reduce accidents; and gunshot detection, which can help first responders reach the scene of a shooting faster.

But privacy advocates and smart city opponents say government entities may sell the data those devices collect to offset tech costs or use it for surveillance. Plus “every Internet-connected device involved in collecting, transmitting or receiving smart city data is a potential security vulnerability,” according to the report.

Security concerns are well-founded. Data breaches often result in the exposure of personal data and significant economic loss, the report notes, adding that the average cost of a public-sector data breach in 2022 was more than $2 million.

What’s more, local governments are big targets because of their large attack surface. Even though they control critical infrastructure, they “often fail to prioritize cybersecurity,” the report adds. “Effectively addressing this concern will require local governments to increase their investment in cybersecurity, follow cybersecurity best practices, update IT systems, require their private partners to follow the same practices, and exercise caution in procuring smart city technologies.”

Commercial use of data is another worry of privacy advocates. It often happens in two ways: a city or community could make a deal with a company to provide smart city tech and in turn will give that vendor access to the data collected, or it could sell localized advertisements. 

“To better protect residents’ privacy when sharing their data, smart cities and communities can set rules for their private-sector partners’ use of smart city data, and follow up to ensure continual compliance,” the report states.

Related articles

Does smart-city tech threaten democracy?

Tech disruption powers smart city expansion

The riskiest smart city technologies

Surveillance is a third concern that privacy advocates cite because although most of the data collected is of low risk to individual privacy, in aggregate, it could “build detailed profiles of residents’ behavior,” the report states. But “the United States has many laws, including those enumerated in the Constitution and Bill of Rights, that restrict governments at every level from engaging in this type of surveillance.”

The report offers six recommendations for balancing the benefits of smart city operations with privacy worries. First, cities and communities should prioritize cybersecurity when using smart city technologies. This includes encrypting data, using cloud computing and conducting threat and risk assessments.

Second, Congress should pass legislation requiring opt-in consent for data use by commercial entities and transparency rules to ensure the public understands how data is collected and used.

The final three recommendations relate to surveillance. State lawmakers should regulate data collection by law enforcement, such as limiting how long agencies can retain data unrelated to criminal evidence. Additionally, “cities and communities should anonymize any personal data they collect via smart city technologies …[and] delete stored personal data after a certain period of time when the data is no longer useful for its intended function,” the report states.

Lastly, local agencies should not be required to share sensitive personal data about users in order to use the technology, but they could share anonymized or other nonsensitive data.

“Data collection powers smart cities and communities, yet privacy issues continue to stall progress,” Ashley Johnson, a senior policy analyst at ITIF and the author of the report said in a statement. “Cities and communities need to balance the cybersecurity risks, commercial use of data, and potential government surveillance against other more prevalent concerns like public safety, sustainability, the beneficial uses of data, and cost.”

Smart city Case Studies
Powered By
Browse The Atlas full case study database or read more case studies about Smart city.
Geelong foreshore receives smart city upgrade to improve safety and declutter public spaces
Geelong VIC, Australia
Broadband & smart city services enhance visitor experience to Australia's most popular park
Sydney NSW, Australia
Building a People-Centered Smart City: San Antonio Aligns Tech with Resident & Staff Input
San Antonio, TX
BROWSE LOCAL GOV CASE STUDIES

NEXT STORY: Justice launches $8M smart policing grant program

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.