While closely linked, “data protection” and “privacy” are different concepts. “Data protection” is typically reserved for a set of norms that serve a broader range of interests than simply privacy protection. These norms focus only on the informational rather than spatial or physical dimensions of people’s privacy. Moreover, data protection is increasingly being treated in European law as a set of rights that are separate from the more traditional right to respect for privacy or private life.

Broken promises on civic innovation

Obviously, “data protection” is important. In this article, we focus on the protection of people’s right to privacy in its spatial dimension, more specifically in the context of smart cities.

A smart city is a city leveraging new technologies that include the Internet of Things (IoT) and Information & Communication Technology (ICT) to gain insights from data collection and processing in order to manage assets, resources, and services efficiently; this should then enable rapid and, hopefully, better urbanization. The capacity for identifying individuals is growing at the same pace as sensors are installed and embedded into a city. Therefore, the ability to gather unprecedented amounts of information could endanger people’s privacy. Beyond thinking about protecting collected data, we have to think first about how it is collected and how people give away personal information such as identity and location whether voluntarily or involuntarily. Smart cities and communities must generate mutual trust. In other words, these technologies should help people not invade their privacy.

The controversies surrounding San Diego’s Smart Streetlights program is a highly pertinent case. This program generated suspicion that the San Diego Police Department was using cameras installed on lamp posts for crime-solving rather than for their original purposes of optimizing parking and traffic together with tracking air quality. Accusations have been made that these cameras have been used to surveil protestors marching this summer against racism. The program has resulted in “broken promises on civic innovation

Broken promises could potentially mean broken laws as well. French legislation considers this kind of risk in legislation regarding information technology: “Information technology should be at the service of every citizen. (…) It shall not violate human identity, human rights, privacy, or individual and public liberties”. Beyond the necessary regulations, new technologies offer a way forward in this area of ​​privacy protection without losing any “smartness”.

Monitoring traffic and parking slots do not have to involve technologies that enable the identification of individuals. Advances in technology relating to sound analytics provide an interesting alternative to cameras. There are no images and no recording; the data is light enough to be processed at the edge of the network, on the device: the sounds never leave the streets, only metadata are sent. This solution combining acoustic, AI and data science has been developed especially for smart cities by Securaxis.

There is increasing recognition and consensus in academic discourse that privacy and data protection norms are valuable not simply for individuals but for the maintenance of societal civility, pluralism and democracy. In parallel, the technical reality that cannot be ignored is that large-scale data processing resulting from the interconnection of different data-gathering sensors can potentially lead to a serious invasion of people’s privacy with accompanying political fallout. These are issues to which cities’ authorities and the manufacturers of sensors will need to give much consideration as smart-city technologies become more commonplace.

Article written by Gaetan Vannay, chief of staff @Securaxis for DMS accelerator