Privacy by design: securing a data-driven city


Posted on: November 15, 2019 by Albert Seubers

While each smart city evolves in its own way, what they all share is their critical ability to leverage data to enable people to make better-informed decisions. And with information and intelligence shared extensively between city authorities, third parties and citizens, all this must be done in a way that protects and maintains the privacy of citizens.

Privacy by design

Some time ago, I was involved in a project to collect data from cameras located across a city and analyze it in real time to alert the police and other city authorities of any potential disruption. In designing the solution, we followed the strict principles of ‘privacy by design’, which include only using Minimal Data Sets – that is, not capturing or storing any more data than you need – and always anonymizing data. In this case, the data analytics were applied at the edge (that is, within the camera itself) and people in the city were presented as red dots on a map, with analysis of their movement patterns used to indicate any potential incidents. This ensured that the authorities had the data they needed for rapid decision-making, without invading citizens’ privacy.

Accessing and controlling data

Of course, in a smart – or data-driven – city, the really smart thing is to be able to structure and organize the same data for use for multiple purposes or ‘use cases’. To achieve this, data is collected from multiple sources (such as video cameras, sound detection sensors, waste bin sensors, and so on) and stored in ‘lakes’ of data, with each data lake relating to one specific use case. This means, for example, that if a camera detects a car entering and leaving a parking lot in order to record how long it is parked, it may also collect the car’s vehicle registration number, but this will be stored in a different data lake for a different purpose (such as administering road or vehicle tax).

Collecting and using data in this way requires that data is anonymized either by being analyzed at the edge (as with our video example above) or de-identified when it is in motion (just as with any kind of online money transfer). It also requires access to data to be strictly controlled to prevent any breaches of privacy, such as ensuring that a picture or profile of a person or object cannot be built up over time by assembling individual pieces of data.
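As an added illustration (not code from the original post or from any product it describes), the sketch below shows one way to keep per-use-case data lakes from being joined into a profile: each lake accepts only its minimal field set, the registration number is replaced by a keyed pseudonym that differs per lake, and reads are released only for the matching purpose. The lake names, field names, keys, the `traffic_flow` lake and the sample event are assumptions constructed for the example.

```python
import hashlib
import hmac

# Constructed per-lake secrets (assumption); each would live in its own key store.
LAKE_KEYS = {
    "parking_duration": b"constructed-key-parking",
    "traffic_flow": b"constructed-key-traffic",
}

# Minimal data set per use case: the only fields each lake may hold.
LAKE_FIELDS = {
    "parking_duration": {"vehicle_ref", "lot_id", "entered", "left"},
    "traffic_flow": {"vehicle_ref", "camera_id", "entered"},
    "vehicle_tax": {"plate"},
}

def pseudonym(lake, plate):
    """Keyed, lake-specific reference: stable inside one lake, unlinkable across lakes."""
    digest = hmac.new(LAKE_KEYS[lake], plate.encode(), hashlib.sha256)
    return digest.hexdigest()[:16]

def route_event(event):
    """Split one camera event into per-lake records holding only allowed fields."""
    records = {}
    for lake, allowed in LAKE_FIELDS.items():
        candidate = dict(event)
        if lake in LAKE_KEYS:
            # De-identify in motion: the lake never receives the raw plate.
            candidate["vehicle_ref"] = pseudonym(lake, event["plate"])
        records[lake] = {k: v for k, v in candidate.items() if k in allowed}
    return records

def read_lake(store, lake, declared_purpose):
    """Release records only when the caller's declared purpose matches the lake."""
    if declared_purpose != lake:
        raise PermissionError(f"purpose {declared_purpose!r} may not read {lake!r}")
    return store[lake]

# Constructed sample event from a parking-lot camera.
SAMPLE_EVENT = {"plate": "AB-123-CD", "camera_id": "cam-07", "lot_id": "lot-3",
                "entered": "2019-11-15T08:02:00", "left": "2019-11-15T09:40:00"}
```

Because each lake uses its own key, the same car gets a different `vehicle_ref` in every lake, so records cannot be assembled into a movement profile without holding all the keys.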

Holistic solution

An integrated end-to-end technological solution and governance will address every one of these requirements to ensure the availability, integrity and security of data in a smart city. Artificial intelligence and automation ensure that each data lake is only accessed and used for its intended purpose. Context broker technology ensures that the source and timing of each piece of data is known in order to understand its value, meaning and urgency. Secure Internet of Things services ensure the flow of data across the connected city. Edge computing provides enough power to process and analyze data out in the network. And identity access management solutions, including two-factor authentication, ensure that access to data is strictly controlled with a clear audit trail.

Changing perceptions

To deliver this integrated solution, an end-to-end cyber security strategy is essential to prevent cyberattacks and data breaches. Yet it’s not just cyber incidents that need to be pre-empted and managed: events such as power outages and accidents can affect data flow, which is why cities need a bridge view (from a central operations room) of their sensor networks to gain visibility of how and where all data points are working.

Inevitably, discussions by city leaders, technology partners and others are ongoing about what’s possible when it comes to maximizing the value of data within accepted ethics and privacy limits. Yet with the right technological expertise and infrastructure, it is perfectly possible to ensure privacy by design. And if citizens see the value of leveraging data while knowing that their privacy is protected, this can shift public perception to see the benefits of devices such as surveillance technologies and accelerate the evolution of the truly data-driven city.



About Albert Seubers

Director Global Strategy IT in Cities and member of the Scientific Community
Albert H Seubers (1959) graduated from Agricultural University Wageningen in 1985. He has worked in IT consultancy focused on governmental topics ever since. He worked for Dutch Telecom implementing the first fiber networks in the Netherlands, for CMG as director in the Public Sector Service group, and for HP as Public Sector executive before he joined Atos. Since 2011 he has been Director Global Strategy IT in Cities for Atos. The Atos MyCity program focuses on the virtuous circle of managing a city in all aspects, such as safety, citizen services, employment, education, social and health care, transport and traffic, sustainability, and governance and economics. Engaging citizens and business communities to create and maintain a sustainable, safe and prosperous city is the key message in Atos MyCity. In his role he works with cities all over the world to help them define their strategy, often referred to as a Smart City Strategy, or find solutions to support their strategy. Albert is a strong believer in the fact that data is an enabler for successfully creating the city of the future.
