ATLANTA — As cities have begun to collect and release unprecedented amounts of data, questions about citizen privacy have become increasingly relevant. Local governments, for their part, often lack specific privacy policies and rely on checks such as community outcry, industry best practices and guidance from law professors to dictate the limits of their work.
This was an overarching topic at many panels during the recent MetroLab Annual Summit, where featured speakers included municipal tech leaders, nationally renowned law professors, privacy advocates and leaders of smart city tech companies, among others. What emerged was a sense that local governments are increasingly aware of privacy considerations; that they are interested in de-identifying the data they collect; and that they only want data that will help with the work of improving services. Technology and innovation, however, can tend to outpace efforts to establish firm checks on privacy.
To understand the discussions, one must understand the current state of municipal open data, as well as how government uses smart city tech. Open data has transitioned in recent years; previously, cities made data available without much thought to what happens once it is released, meaning most cities did not release data in formats that allowed easy use by all citizens, so the only people who found it useful were civic technologists and data geeks. This is changing, with cities like New Orleans, Boston and Chicago steadily rolling out new concepts that use open data to create tools citizens can use to get information about rental properties or learn about water quality at public beaches.
Many of these leading cities are now collecting information through Internet of Things (IoT) initiatives that help them learn more about their streets, collecting data on everything from traffic flow to rainfall to air quality. These initiatives are often carried out by sensors or nodes that essentially surveil certain areas, although "surveil" is too harsh a word. Instead, these initiatives simply capture large swaths of info so technologists and other city leaders can contextualize what’s happening, paving the way for the creation of prescriptive and predictive analytics tools that can alter the allocation of city resources and, ultimately, improve quality of life.
Swire said expectations for the power of governmental open data started high — he held a hand well above his head — but because of the potential for inadvertently identifying individuals, expectations dropped — he lowered his hand well below his neck.
Open data efforts at the city level must also consider whether data can be subpoenaed and used to make arrests, which is not the goal or function of civic open data work.
“It’s a fundamental part of an open data effort to think what can be re-identified, what is private information and can the police come and get a warrant,” Swire said, urging both public servants and gov tech vendors to always stay aware of that.
Perception is also important, as Chicago and its collaborators learned upon launching the Array of Things project, an influential smart cities initiative made up of thousands of nodes. Array of Things, which is in the process of being spread to other cities, was born of a collaboration between the city and researchers at the University of Chicago, like Charlie Catlett, the director of the Urban Center for Computation and Data.
Catlett said that when they were first setting up the nodes that collect data for the Array of Things project, the community was skeptical of any government effort to collect info, so technologists had to learn to become very deliberate when they explained what they were doing and why.
Mattmiller said that Seattle’s approach has been shaped by the desires of the community, and that, despite being a city where data is open by preference, this has led to Seattle reducing the data it releases.
“Our people who are paying attention would much rather see us err on the side of not releasing something that could cause a mosaic effect or otherwise cause harm,” Mattmiller said.
To that end, Seattle uses a practice that’s kind of like dipping a toe in a pool. When it comes to open data, city technologists guess at the most minimally valuable open data set that would benefit the community. They pinpoint that, release it and monitor reaction. If there isn’t strong opposition, they release another data set that’s more comprehensive.
Seattle has also implemented a privacy training program for employees, and it has heeded the advice of its academic and research community, specifically that offered by research dubbed Push, Pull and Spill, which gave a number of recommendations related to open data and privacy. Currently, Seattle has implemented all of the suggestions save one, which it is working with researchers to implement now.
One of the authors of this research, Jan Whittington of the University of Washington, emphasized the importance of steady communication with the public. To this end, the city must always have a clear end goal in mind when it begins collecting new data.
“If we get down to the root of it, the idea of the technology is supposed to be that it’s serving a real public purpose that people can get behind,” Whittington said. “It’s not supposed to be a fishing expedition.”
“Between every single one of those projects, we have the responsibility of thinking what is too much, what is too far,” Schenk said, “and it’s really a use-case-by-use-case basis.”
Nearly every speaker acknowledged the vast potential of predictive analytics that stem from this data collection, just as they all emphasized that it was important to not create tools that make residents' personal information vulnerable. But perhaps the most prevailing idea in these discussions, however, was the notion that we are in the early stages of municipal open data privacy regulations.
Speakers also voiced concern for the future, noting that while dialog may be open and strong among the first generation of smart city residents, people have a way of becoming complacent, and privacy considerations could be forgotten moving forward.
Mattmiller voiced a thought that could maybe sum up the future of the matter: “In this brave new world of IoT, notice of consent is going to be very interesting.”