In this episode of the Smart City Podcast, I had a really interesting conversation with Nicole Stephenson, a Privacy Consultant originally from Canada but now based in Ipswich, Queensland. Nicole shares why privacy is such an important part of the Smart City conversation, and one that currently isn’t being embraced enough across the board. We discuss how Australia is currently embracing the Smart City concept and how we could still have a data driven and tech-enabled community that balances the privacy and security of citizen data.
Nicole explains some of the projects she’s currently working on, including her role with the Internet of Things Security Institute, an Australian Not-For-Profit organisation in the privacy space. We also talk about privacy legislation in Australia and across the world, such as GDPR — Europe’s General Data Protection Regulation, and what that means for the Smart City space here and abroad. Nicole explains the biggest mistakes a Smart City project or agency can make when it comes to privacy and why open data isn’t actually in opposition but can be enabled by privacy policy. We finish our conversation discussing the emerging trend of the changing views about privacy across different groups and generations in this Smart City space and the context of the 2018 digital world. As always, I hope you enjoy listening to this episode as much as I enjoyed making it.
Listen here:
>What we cover in this episode:
- Nicole’s background and her passions
- What a Smart City means to Nicole and why privacy is so important to the concept
- How Australia is currently embracing the Smart City concept
- Some projects Nicole is working on in the privacy space
- Privacy legislation and what it means for Australian Smart Cities
- The biggest mistakes that are being made by agencies and organisations when it comes to privacy
- How open data and privacy policies interact
- The changing views on privacy in this digital world
Quotes:
Because Smart Cities are, to a large extent, about having and using and sharing data, which includes the personal information of citizens within those cities, the concept has always made fairly loud pings on my privacy radar.
Privacy concerns are going to pop up in relation to Smart Cities, they’re either going to be real (where there’s an actual risk) or they’ll be perceived (where there’s a worry or fear within the community)…I think both have the power to derail community trust.
Smart Cities are all about using the data of our urban environment and our citizens to make life better, more connected, more accessible, faster, cleaner, safer and sustainable into the future.
Without adequate consideration of privacy, which for our cities is not just a normative matter, it’s actually one that’s based in law, then there’s a real concern that privacy rights of citizens will be overshadowed by the desirability of using cost effective, sparkly data-driven tech.
The premise of the Smart City is that it helps us leverage technology within our cities for social good: sustainability, resilience, equity. …I think that because so many large cities are struggling to meet the challenges of sustained urban growth and regional centres are struggling to attract external investment and drive prosperity or liveability for their communities, Smart Cities offer an opportunity to improve lives. Privacy though is exceptionally important because…it ensures that those making deicions in relation to Smart Cities have the full picture, that they understand we’re not just dealing with data here but we’re dealing with data that’s about a person and because of that the person is going to have expectations about what happens to that data over its life cycle, from the time that it’s collected right through to the time that it has finished being used and it’s destroyed.
Communities want to, in fact I think they need to, engage about how they live and how to make life better…what I’d like to see now though is a movement toward a model more like what we’ve seen coming out of Seattle Washington, where the Smart City is supported by the services of a person called the Chief Privacy Officer. That’s a critical role. …So there can be a great data-driven tech-enabled community balanced by the frank and fearless advice of a privacy professional who is embedded and who is concerned with the protection of citizen data in accordance with established privacy rules.
It’s important that all Australian municipalities remember that they are required to comply with the privacy principles that are set out in the legislation that is relevant in their state.
When cities intend to do something that involves personal information…they need to do that in accordance with the rules around how personal information must be collected, used, stored or secured, when it can be disclosed or shared and so forth.
Successful Smart City initiatives will absolutely rely on an integrated approach and I think a key step is going to be [removing] silos…cities aren’t going to become Smart in isolation.
In both the Smart Cities and IOT spaces, I feel that tech is far outpacing critical thinking in terms of privacy. With Smart Cities, I do see a lot of play in the cybersecurity arena, as in how do we secure our tech and how do we secure the data we’ve harvested, however I’d say the complementary privacy debate is still largely missing.
[The biggest mistake is] not recognising that we have privacy laws in place that have established the minimum benchmark that cities need to set in terms of protecting personal information through its life cycle.
I don’t think open data and privacy are competing, I think that they are different things and they each can be enabled by the other…I do think though that it requires some consideration and an understanding of, for example, what is personal information, to ensure that that information at a particular level of detail isn’t made available for the world at large.
The GDPR is the European Union’s General Data Protection Regulation and that is a really exciting development in privacy law from my perspective because it sets the benchmark really high for the collection and handling of personal information.
Data collection and sharing that’s necessary for operating Smart Cities does raise concerns about privacy and security of community information, personal information…it’s not as exciting as cool tech when it comes to a talking point though. So I find that [it] gets far too little air time and I’d like to see that change.
Links
The Future of Privacy Forum — Smart City Tool
Internet of Things Security Institute
Connect:
Find the full show notes: thesmartcitypodcast.com
Connect with Nicole at groundupprivacy.com.au
Connect with me via email: hello@mysmart.community
Connect with My Smart Community via LinkedIn or Twitter and watch on YouTube
Podcast Production by Perk Digital
Outstanding; thank you very much for your combined efforts on this ultra critical topic, that transcends even our Smart, Safe Cities focus, and extends into the broader context of universal human rights.; because we are really seeking not just Smart Cities – but Smart NATIONS, and a Smart WORLD. The bleakest future is one resembling the “identity genocide and pogroms” like those taking place in Western China today; and the brightest future is the Privacy awakening such as that taking place in San Francisco with the Facial Recognition notice, and the ongoing efforts of yourselves, and the heroic role of such institutions as Citizen Lab in Canada and elsewhere. Privacy is inseparable from IoT Security and IoT Security is inseparable from Safe Smart Cities.