With new tech comes mounting data on citizens and the growing potential for exposure. And while technologies jump ahead, laws protecting data and privacy often lag behind.
“We’re entering what we call the ‘creepy gap,’” said Kelsey Finch, policy council for the Future of Privacy Forum and moderator for a Thursday panel on how security and privacy are factoring into smart city programs at Smart Cities Week 2017 in Washington, D.C. “That’s between technology racing ahead and laws are too far behind to even see at this point. But social norms [around privacy] are catching up, and we haven’t had the conversations yet about what the technology means [for privacy] in a public space.”
While conversations persist around what facial recognition on the latest iPhone might mean for privacy, Finch argued that, for the most part, people who are used to enjoying a particular amount of anonymity don’t yet understand all the ways that their activity and identity data is being captured, used and shared through the tech ecosystem.
“As they learn, there is going to be a lot of fear and that instinctive ‘creeped out’ feeling,” said Finch.
Most likely, people will begin to develop new social norms that allow them to cope with the level of technology that’s becoming ever-more present in cities while laws and policies catch up. In the meantime, it’s important for local governments to begin engaging citizens in talks about what the technologies might mean for privacy and security as well as help them to ensure that their needs for both are being addressed and met as new tech enters the public sphere.
Moreover, with disparate privacy and security standards throughout the country, it’s important for each municipality to understand what its particular community’s expectations are in order to address them.
— Juliet Van Wagenen (@Juliet_Tech) October 5, 2017
“We need to begin having those conversations proactively with communities,” said Finch. “It’s really important to start engaging people early, soon and often and to re-evaluate as we develop those norms.”
3 Ways to Engage Community on Privacy
Beginning these kinds of talks can be a daunting process, however, particularly as local governments seek to reassure and inform the community without alarming citizens that their privacy may be compromised.
Jim Loter, the director of digital engagement for the city of Seattle, noted that communities can take a three-pronged approach to effectively engage citizens on discussions around privacy:
Begin with Transparency — Cities can begin by simply making information on how technology may impact privacy available to citizens via their websites or other means. He recommended offering both “a high-level summary and a deep-level dive,” so that anyone that wants to learn more can. “We don’t typically do a great job of even just opening the kimono and letting people know what’s going on, what could possibly go wrong, what are the specifications that we’re working under,” said Loter.
Communicate the Information Effectively — After the communication is out there, governments should seek to maximize their reach by crafting all of the resources necessary to include all corners of the community, including non-English speakers or those who have low digital literacy.
Foster Effective Community Engagement — The last step is to create platforms for a multiway flow of dialogue.
“This can get tricky because, if they are not handled effectively, these topics are ones that people feel very passionately about, which can cause those forums to go a particular way on a particular topic that is not useful to anyone,” said Loter.
While Loter admitted that Seattle is still looking for better ways to craft these forums and create spaces for these conversations to happen, both in person and digitally, he noted that being prepared and running a structured conversation can help get the word out without alarm.
“Because issues around privacy do trigger such passions in people, having a good structured format in which to frame the issues is key,” said Loter.
The Need for Inherently Anonymous Systems
While these conversations are an important part of adopting current technologies in the community, particularly those that gather large amounts of data on citizens, Loter said that the real need is for technologies that can help to eliminate privacy risks altogether.
“We’ve certainly acquired some technologies that only keep raw data for 30 days or even less, but the window of opportunity for the raw data — whether it’s video footage or anything else — is there. And as long as it’s there, there’s a risk to the public, to us, and in a lot of cases that data is subject to public disclosure,” said Loter. “We would be better off if we just didn’t have it in the first place.”
To this effect, Seattle is working with a team of electrical engineering graduate students at the University of Washington to design and develop an Internet of Things sensor in a way that it never collects personally identifiable information.
“Is it possible to build a smart city technology from the ground up with privacy in mind?” asked Loter. “More than anything, that’s what we need.”
Read more from StateTech’s coverage of Smart Cities Week 2017 here.