by Adam Beck
As the Executive Director of the Smart Cities Council Australia, I work with cities throughout the Asia-Pacific region. I wanted to share with readers in other regions an issue that has become top-of-mind in Australia… and one that should be top-of-mind everywhere: Privacy.
Put briefly, privacy has the potential to derail smart city progress and to put a city at legal risk. The solution to this danger is to implement “privacy-by-design” – that is, to consider privacy issues at the design phase of any and every project, before it is deployed.
Here are three guidelines from one of Australia’s top privacy experts. As you will read, these principles can transform privacy from a roadblock to an opportunity. I hope you’ll consider carefully, for the sake of your city and your citizens. – Adam Beck, Executive Director, Smart Cities Council Australia New Zealand
Facial recognition, free WiFi, RFID tags, mobile phone apps, body-worn cameras, and drones – as these technologies are rolled out, are cities considering the privacy risks?
“Not really,” says privacy expert Nicole Stephensen.
Brisbane-based Stephensen has spent two decades in the privacy profession and is heading to Sydney for Smart Cities Week at the end of October. She has watched privacy concerns intensify over the last few years as the “explosion” of digital technologies and social media have encouraged the community to share “vast quantities” of personal information to access services and benefits, to make purchases, and to stay connected with their governments, peers and family.
Sharpened scrutiny of the tech titans who leverage community information for profit has also shifted people’s perceptions. “The community better understands the value of their personal information and how important it is to protect it,” Nicole says.
Some jurisdictions, like the European Union, have upgraded their privacy laws and now require privacy impact assessments before the collection, use, or disclosure of personal information can begin.
Despite this, privacy remains off the radar of most Australian cities, she says. “Local governments may not be aware of how the privacy legislation in their state or territory applies to them. This privacy legislation spells out how they must collect and manage personal information.”
Local governments gather information to fulfill their responsibilities and deliver services. But each time a citizen signs up for a library card, submits a building application, or hits “I agree” to access free WiFi, they give up elements of personal information.
“Many cities are in danger of gathering too much of this information in the first place. They are responsible for securing that information for its lifetime. If they don’t, they risk breaching the privacy law that applies to them,” she warns.
Stephensen works with local governments to support their smart city rollouts and address community concerns about how personal information is managed. Although she’s often been met with early resistance as a “handbrake to happiness,” cities soon see that “privacy is a real opportunity for local governments to vastly improve their relationship with the community”.
What can cities do to treat privacy as a positive engagement tool rather than a negative roadblock?
1. Appoint a privacy officer
“Most local governments don’t have a privacy officer who can invest the time and resources to understand the rules around collecting personal information and manage the risks that follow,” she explains. A privacy officer can assess initiatives in terms of both the “real and measurable” and “perceived” risks to privacy. “Privacy officers can identify concerns and coordinate targeted information privacy programs to address them.”
2. Develop a citywide privacy management framework
“This sets out the strategy for how a city will deal with privacy,” Nicole explains. “The framework can evolve into a plan that sets out objectives and how the city will achieve them over time.”
3. Embed ‘privacy by design’ into processes
“Cities should consider privacy at the outset when onboarding any new technology or initiative,” says Stephensen. “Subscribing to ‘privacy by design’ helps to identify and eliminate privacy risks before they become problems. It doesn’t mean you are going to cancel a project – but it does mean you are aware of the risks and can deal with them.”
Stephensen’s message is clear: Local governments have an obligation to comply with privacy laws. But looking at projects through a privacy lens can also be a critical decision-making exercise. “It’s time for cities to up their game. Privacy is an opportunity meaningfully engage with the community and build trust.”
Nicole Stephensen will join other dynamic speakers, visionary local government leaders, and trail-blazing technologists at Smart Cities Week from 30 October to 1 November in Sydney.
Adam Beck is the Executive Director of the Smart Cities Council Australia/New Zealand