The increased prevalence of technology in city infrastructure brings new privacy and security concerns. Major cities have already begun implementing ‘smart’ principles to increase the efficiency, safety, and convenience of city management.
Braun, Fung, Iqbal, and Shah argue that it is necessary to pre-emptively address the privacy and security concerns that Smart Cities raise in order to achieve these goals. They outline the major challenges posed by smart cities that could result in costly disruptions and destabilize personal privacy.
Smart Cities create privacy threats due to their reliance on rapid data sharing between multiple service providers. Combining multiple datasets allows for analysis of the data as a whole, potentially revealing information or identifying persons in ways that the individual service providers could otherwise not have and that consumers might not expect. Differential privacy is a relatively strong model for ensuring privacy and provides a measurable level of protection. An alternative is planning and reducing the types of data that are collected and analyzed, however there are some logistical issues with this approach. An approach to Smart Cities that makes use of privacy frameworks in the planning, design and implementation of technologies and their integration would be helpful.
The interconnectivity of Smart Cities and the inclusion of IoT devices results in many possible points of attack. In addition to layered security on individual devices, security across the city is required. An approach that could work for security within Smart Cities is to separate the network into three layers; known as the 3-Layer Onion Model.
Within this network all network devices have a unique identifying number and operate within the security layers. The governmental control domain layer regulates compliance with policy. The smart city Inhabitants/ Infrastructure Layer authenticates inhabitants and secures privacy. The service provider layer provisions and secures data sharing among service providers.
Smart Cities also raise issues around the collection, management and deletion of data. The quantity and nature of the data needs could be solved using cloud services. However, it is unclear what happens to data collected in a smart city, how data is stored and secured, who is responsible for data breaches, when is it disposed of and whether people are able to truly remove personal data once it is collected.
Preserving the trust of inhabitants is important for the sustainable operation of a smart city. This trust is challenged by concerns about the use of data and what consent looks like for both the subjects of data collection and use. There are helpful systems to preserve trust through computational trust, transparency and clear definitions of consent. In all cases, the inhabitants should be central to smart city design and implementation.
A thorough analysis of the privacy and security challenges posed by Smart Cities will be crucial in their success. Smart Cities must be marked by a carefully planned and holistic system of defence.
The success of Smart Cities may depend on a thorough analysis of their privacy and security challenges followed by a carefully planned and holistic system of defense.