- Even as many cities adopt new technologies, they often lack basic governance policies around data privacy, accessibility and cybersecurity, according to a new report from the World Economic Forum (WEF).
- The report, based on detailed surveys with officials from 36 global cities, found that less than a quarter conduct privacy impact assessments when deploying new technology, while 80% acknowledge their legal obligations for privacy and data protection.
- The G20 Global Smart Cities Alliance, which uses WEF as its secretariat, is crafting a broad governance policy for government leaders and technology companies. The goal is to create a policy roadmap around five principles: equity, inclusivity and social impact; security and resilience; privacy and transparency; openness and interoperability; and operational and financial sustainability.
Local governments have been racing to become the next "smart city," introducing new technology and digital services. Those advancements can be helpful for citizens and policymakers — especially during the pandemic when in-person services were suspended — but also carry risks if they’re not managed properly, said report author Jeff Merritt, WEF’s head of internet of things and urban transformation.
"It’s a bit shocking when you see what some cities aren’t thinking about. They move so fast that they’re not thinking about clarity of accountability or responsibility,” said Merritt, who was previously the director of innovation for New York City. "Imagine if you taught a child to read books without first teaching them letters. A process that helps us focus on the basics can bring to light some of the fundamentals that might be skipped."
A better governance structure, Merritt added, creates more accountability and ensures consistency across administrations and technological shifts. A lack of guardrails on data privacy and security has delayed or halted some major smart city projects. Notably, Sidewalk Labs canceled its planned Quayside project on the Toronto Waterfront due to "economic uncertainty" following the onset of the pandemic. The project's cancellation also came after citizens and watchdogs raised concerns about how residents’ data would be stored.
"Cities today lack the basic building blocks to safeguard their interests and ensure the longevity of their smart city," the WEF report concludes.
Two-thirds of cities did not have a written data privacy assessment and less than half had designated officials in charge of privacy. Cybersecurity also remains an area of concern, with most cities lacking a chain of command that gives accountability for cybersecurity and just about half having senior management carry out regular reviews. More than half of cities did not have a written policy to make information and communications products accessible to people with disabilities.
One area of success was open data, where the majority of cities had a policy of making data available for industry and the public, and most had a central data team.
The report used data from two U.S. cities: San Jose, California, and Chattanooga, Tennessee. Mina Sartipi, founding director of the Center for Urban Informatics and Progress (CUIP) at the University of Tennessee at Chattanooga and a partner to city officials on smart cities projects, said her team has worked to engage the public before launching new technology projects. Sartipi’s team is collaborating with the city on a test bed project that uses sensors along a city street, while ensuring no data would be stored over privacy concerns. Eventually, the team replaced cameras with LiDAR sensors that could not detect individual cars or people.
"This reflected a commitment we had from the beginning that we would listen to the community,” Sartipi said. "We look at this as a sandbox and we are learning how to do things better. It’s not always about having all the new technology, it’s about making it work for the community."