Law in the Internet Society

Data Privacy: From Smart City to Smart Democrac(it)y [Revised]

-- By NamrataMaheshwari - 06 Dec 2019

Urban spaces are on the cusp of metamorphosis. The development agendas of various governments represent a kind of coming-of-age tale of smart cities, widely heralded as the next stage in urbanism. From $80 billion in 2016, the spending on smart city technology across the globe is expected to rise to $135 billion by 2021.

A smart city harnesses information and communication technology alongside data analytics tools to improve government service as well as the citizen’s quality of life. Imagine a technology that enables a two-way dialogue between the citizen and her surroundings and you have an accurate picture of a smart city.

Data Privacy and the Smart City Citizen in a Democracy

We know from past experience with the “smart” prefix that what follows is typically a leap in innovation, a dramatic increase in convenience and an extent of surveillance and data collection that we often do not fully fathom at the beginning. Lack of privacy is inherent to smart designs and smart cities are no different. Often referred to as “surveillance cities”, they can collect behavioral data on an unprecedented scale through the ever expanding Internet of Things where every object – from garbage cans to LED street lights – is connected to the internet.

The justification for recording every motion you make and preference you demonstrate is often that the equipment is necessary to optimize city functions for safety, sustainability and efficiency. While the efforts are in fact tethered to these goals, they also raise significant policy concerns with respect to data privacy. Simply put, since constant surveillance is possible, you may not know whether you are being recorded visiting the doctor, who controls the data on your visit and for what purposes it may be used.

Citizens are at the center of democracy and smart cities. And so, digital transformation capable of redefining their lives should be implemented in response to their rights and freedoms, instead of treating them as mere passive recipients.

Participation, Autonomy, Transparency and Security as the Pillars of Policy Making

Participation and deliberation are prerequisites to the democratic process of city-building. The public should be consulted on both the kind of projects that should be implemented and the manner in which such implementation should take place. Community engagement, through online town halls or budgeting schemes inviting suggestions and feedback as in Paris, should be used actively to shape projects. Such initiatives would assist in the success of smart city projects by making citizens feel invested and committed, and ensuring that urban schemes are responsive to the interests of key stakeholders.

Alongside continuing public input, there are three other elements – autonomy, transparency and security – that should be considered as the four pillars on which the policy infrastructure governing data privacy in smart cities must be built. Autonomy implies the ability to make free and informed decisions about how much of your data is collected and what it is used for; and where such an ability to consent is limited, it implies control over your actions with the knowledge of such limitation. Transparency refers to knowing exactly how data collection and analysis works. And security means having strong safeguards in place to prevent misuse of data.

These pillars are inseparable because you can only make an informed and independent choice (autonomy) if all the relevant information is made available in a comprehensible manner (transparency) and you are convinced that your data will be managed with the highest standards of ethics and accountability (security). But in the context of smart cities, a balancing act becomes necessary. Individual autonomy is inevitably limited in a city with mass surveillance infrastructure. You may be able to prevent your smartphone from accessing your location or opt-out of having your data collected by private companies, but you cannot make lampposts with cameras and censors work differently for everyone on public roads. And that is why transparency and security become uncompromisable.

Practical infeasibility is not a valid defense for undermining the importance of allowing each individual to exercise control over her data. Transparency and security would serve as shields protecting the vulnerability created by the limitation on autonomy. Transparency, in a meaningful form unlike the inscrutable privacy policies we see today, would allow for: i) a clear distinction between services for which individual consent on data collection is possible and those for which it is strictly not; and ii) complete autonomy over how you choose to act knowing the extent of your exposure at a given place. Yoked to such transparency is a framework of security through which: i) the purposes for which your data is used is limited and known; ii) you know how and where your data is secured and protected from the misuse that has so far proven to be inevitable; and ii) operators of a smart city are made accountable at every step.

The adoption of these principles as pillars would be laying the foundation for an architecture of devolution. In recognizing the citizen as the ultimate beneficiary, such an architecture serves the related purposes of enhancing autonomy and decentralizing decision-making. A democratic smart city will be one where the citizen - the farmer, the businessman and the rickshaw driver - plays an active role in the operation of the city, not merely by providing consent, but by being in a position to actively contribute to the manner in which the inflow and outflow of data occurs. This is only the only meaningful manner in which the stated goal of smart cities of optimizing the citizen’s day to day life can be achieved.


Data privacy concerns in smart cities need to be addressed through a regulatory framework created in anticipation of technology instead of on its heels. Only then can the purpose of striking the precious balance between fueling innovation, ensuring accountability and protecting democratic values be achieved.

You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.


Webs Webs

r4 - 24 Jan 2020 - 17:04:33 - NamrataMaheshwari
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM