This article was first published in Estates Gazette, May 2016
Faye Harrison considers the data concerns raised by increasingly technologically advanced offices, and whether privacy is a barrier to innovation
Over the past couple of years, we have seen smart commercial premises take off, with wholly connected buildings such as Amsterdam’s “Edge” leading the way for innovation. Beyond just using smart-meters or connected security cameras, these buildings contain tens of thousands of sensors integrated together to create a fully connected digital framework within which the building is managed. The sensors detect everything from motion, light and temperature to humidity and infrared, thereby informing the operation of the entire ecosystem of the building.
Everything is automated
Through a simple mobile app, individuals living and working in these buildings can connect to a highly sophisticated network, enabling them to manage their day from start to finish. For example, on arrival at the office, sensors will recognise an employee’s car number plate, identify them via a unique ID and direct them to a parking space. The coffee machine will remember that they take a large macchiato and the app will guide them to a suitable desk, while the surrounding temperature and lighting is continually monitored and adjusted in accordance with their preferences. For meetings, the location of the various participants will be analysed to pinpoint a mutually convenient meeting space.
Obvious benefits include minimisation of energy wastage and learning from occupation and usage patterns to inform efficient building operation. However, consider the huge volumes of personal data being collected on a daily basis – precise location, eating and drinking habits and interactions with other individuals connected to the system. Sensitive personal data (eg data relating to race, health or sexuality) may also be collected, for example if an individual regularly visits a prayer room or uses disabled access routes.
While the advocates of connected buildings may argue that data is used on a purely aggregate basis to manage matters such as building sustainability, there is clear scope for intrusive use of personal data, potentially enabling detailed monitoring and profiling of individuals’ movements, behaviours and preferences.
Of course, data protection laws exist to protect individuals against such intrusions into their privacy. Those responsible for collecting and processing personal data and making decisions regarding its use (data controllers) – which can include landlords and tenants – are required to comply with these laws.
Processing of personal data by smart devices will generally require the freely given, informed consent of the individual. If sensitive personal data is collected, explicit consent will be required. Individuals will need to be informed of the data that is being collected, the purposes for which it is used and who it will be shared with, in order to be able to give such consent. This may be difficult to achieve in a smart-building environment, particularly if the capabilities of the various technologies and potential scope of data collection/sharing is not fully understood (or controlled).
Personal data can only be used (and shared) for the purposes for which it is obtained. For example, if an individual’s location is collected in order to allocate the nearest desk-space, this information should not then be used to monitor individual movement patterns throughout the day. Data collection should also be kept to the minimum required for the relevant purpose – while it may be necessary to record an individual’s coffee preference in order to provide the perfect cup, it is not necessary to monitor the number of cups they drink per day for this purpose. Data controllers will therefore need to be careful about “scope creep”, as well as maintaining control over the dissemination of the data.
Personal data must not be kept for longer than is needed for the relevant purpose – data controllers will therefore need to maintain strict retention and destruction policies. For example, it might be necessary to record an individual’s number plate to allocate a parking space and manage car park security. However, unless there is a reason to retain the data (for example, during investigation of a security incident in the car park), it should be permanently destroyed within a reasonable timeframe.
Data controllers are also required to have appropriate security measures in place. This may be difficult where vast amounts of data are being shared by an array of devices across a complex, wireless network, where the level of security will only be that of the weakest component.
It is also worth noting that data protection legislation imposes fairly strict requirements for data to be considered truly anonymous; therefore analysis of aggregate data should only be carried out if these requirements are met. In addition, there are a number of other principles to be met to ensure compliance with applicable privacy legislation, including that data is kept accurate and up to date, and allowing individuals access to their personal data. Again, this may be tricky where large amounts of data are collected daily.
Privacy vs innovation
In reality, connected buildings will only reach their full potential if mass volumes of data can be shared between multiple devices operated across open networks. Yet privacy constraints clearly have the ability to stifle this. Looking ahead, the European Union’s upcoming introduction of the General Data Protection Regulation (expected in 2018) will bring further requirements, including an obligation to accommodate privacy principles when developing new technologies, more onerous consent provisions, and significantly increased fines for non-compliance.
On the other hand, data protection compliance can have commercial benefits for those developing and using these new technologies. In particular, if an organisation can demonstrate a good level of compliance, it will earn the trust of the individuals whose data is processed, potentially encouraging agreement to wider use of their personal data.
Ultimately, a balance needs to be found between supporting innovation and ensuring the privacy of individuals. While innovators need to find ways to work within the boundaries of the law, ensuring that privacy is borne in mind as new technologies are developed, the regulators need to take a commercial and risk-based approach to interpreting the law to avoid completely stifling innovation.