Three BIG questions we need to ask before we start building smart cities

The idea that a company like Alphabet is getting into building cities from the ground up has, understandably, sparked conversations around privacy, security and data collection. Of course, data about traffic, public services, and utilities is collected in cities already, but mostly by government officials, not massive tech companies training in the art of the monetization of the data we give them.

The Sidewalk Labs project looks great on paper. The marketing is on point, and the rendered images and promised innovations paint a pretty picture of a utopian modern urban environment. But there are still major questions that need to be answered before the wider public gets behind a project like this, in my opinion.

What data is being collected?

Sidewalk Labs’ pitch vision for future claims that “by combining people-centered urban design with cutting-edge technology, we can achieve new standards of sustainability, affordability, mobility, and economic opportunity”. This includes things like a modern mobility system instead of private car ownership, data-driven management tools for parks and public spaces, and better data integration for social and community services.

The problem is that a lot of this is very vague. If we are going to embark on the building of smart cities, and we are going to let big tech build them, we need details. What kinds of data will be collected exactly? What will happen to that data? Will there be facial recognition technology? If a camera catches me smiling or looking depressed, will that data be used to influence my consumer decisions, for example? What’s rights are violated when residents don't know what data is being collected on their behaviors?

It’s exactly these kinds of questions that Sidewalk Labs has struggled to find convincing answers to. Critics are becoming more vocal. BlackBerry co-founder, Jim Balsillie, called the project: “A colonizing experiment in surveillance capitalism.” If Sidewalk is really a laboratory, then that makes Toronto waterfront residents the lab rats, doesn’t it?

Sidewalk Labs has responded to criticisms claiming that data collected will not be proprietary data that it owns. Instead, it wants to set up a data trust to ‘set a new standard for how data is collected, used and stored’. The problem with this reassurance, if you can even call it that, is that nobody knows what that data is! That’s the first question we need an answer to.

How future proof is the technology?

One of the big questions is surrounding the building of new smart cities that seems to be flying under the radar is how are we going to keep the software and, perhaps more importantly, the hardware, updated?

Then you have to consider the security risks involved in building cities that rely on this kind of technological infrastructure. Housing, commercial buildings and transport networks that heavily rely on chips and technological infrastructure need to be sustainable if this is going to work. It’s not only the security risks that we face today, but what about in 10, 15 or even 50 years? What happens when these technologies go out of date? How easy is it to switch a smart, connected city over to new technologies? How much does all of this cost?

• Smart home security basically doesn't exist

How do smart cities clash with GDPR in Europe?

Since May 2018, in Europe we have what is known as  General Data Protection Regulation (GDPR). It requires that, in most cases, consent is required by law before you can collect personal data. The rules are essentially that free, specific, informed consent be obtained. Online, this is typically done via privacy agreements and pop-up consent boxes that let users accept or reject cookies, for example. But how does a smart city meet those requirements? How do you give consent when walking around your neighborhood? Will residents be able to opt-out? How would they even do that?

There are already smart buildings around the world, where data is collected on everyone who walks in. The issue of whether consent is needed for this kind of data gathering is still debated. Some data protection lawyers would say yes, it is absolutely needed. However, the data gatherers say that because the data is aggregated, rather than individualized, that it’s not personal data and therefore consent is not needed.

• The UK’s porn block is going to be a privacy disaster

Still, the issue remains, and GDPR is just one of the hurdles that smart cities are going to face in the European Union.

Smart cities are in dev all over the world. 5G and IoT is moving the internet from online to everywhere. Is there is soon going to be no offline life?

What do you think? Does smart city really mean ‘city of mass surveillance’?