Managing Public and Private Datasets in Smart Cities

  • Come see us at the #GCTC Global Tech Jam in Portland Sept 11, 2019 at 3:00 for the panel discussion “Building an Open Smart City Platform.”
  • Download the Paper: Published in ACM SCC 2019 by Isaac Potoczny-Jones, Erin Kenneally, and John Ruffing.

The Global Tech Jam is an annual conference focused on bringing emerging technology together to better communities and quality of life. This year, the event is being held in Portland, OR September 10-12th, 2019. Tozny CEO, Isaac Potoczny-Jones will be giving a talk on our work around Smart City privacy protection.  Below is the abstract of his talk.

 

The past year has seen increasing scrutiny of Smart Cities efforts with regard to privacy. Privacy advocates have criticized Smart City data collection, and critiqued specific city efforts that they feel have crossed a line.

Cities struggle with a number of privacy issues. These include how to address third party collection of Smart City data, how cities consume personally identifying information, and how public records laws intersect with privacy concerns.

Public Record Laws

Most datasets that cities collect are subject to disclosure under public record laws, with an obligation to anonymize private information. As the amount and availability of data increases, the ability to cross-reference, correlate, and de-anonymize or re-sensitize data sets also increases. This leads to re-identification attacks that infringe on the privacy of individuals in those datasets, and fosters mistrust in city governments and technology vendors. A fundamental challenge is that open data and privacy interact in complex and unpredictable ways. Some cities allow third parties to collect and manage data in an effort to encourage innovation in the delivery of city services. They simultaneously wrestle with the legal and policy implications, such as privacy and public records law compliance. Unfortunately, this may also have undesirable privacy outcomes depending on third-party use of that data and the city’s role in encouraging its collection.

In this paper, we discuss concrete approaches to smart cities data privacy governance including collection and management. Specifically, an innovative pilot project supported by the U.S. Department of Homeland Security, Science & Technology Directorate aimed at demonstrating how privacy technology can help harmonize data sensitivity risks with intended benefits.