In the words of Michael Bloomberg, former mayor of New York City, "there is no better way to improve the lives of billions of people around the world than to improve the way cities work", but how will this vision of increased connectivity affect the lives of ordinary citizens and what privacy implications does it entail?

Picture the scene: you've just about shaken off the excesses of the festive period and you're jogging home after a gruelling day in the office, feeling virtuous. Suddenly you trip and fall, breaking your leg. There is no one else on the street, no buses passing by and no taxis in sight. In agony, you press the panic button on your city safety mobile phone app.

Within minutes a police patrol vehicle arrives, reassures you and escalates the case via the app. Cameras in the region have already detected the incident, and monitoring agencies, recognising it as a medical emergency, alert the nearest hospital and coordinate with the police to call an ambulance. The police initiate a special street-lighting response – a strobe effect to help guide the ambulance to your location – and any smart parking spots in the immediate area are removed from 'Available' status to further reduce unnecessary traffic.

This depiction of the smart city is an alluring vision of the future where everything runs as smoothly as the latest smart phone and where everyday technology such as street lighting, CCTV cameras and smart meters for utilities are all connected, sharing invaluable data online in real-time.

Smart Street Lighting – street lighting as a service

According to the British Standards Institution (BSI), 75% of the 60-90 million street lights in Europe are over 25 years old. Replacing them with LED lamps could potentially halve the energy bill and maintenance costs, giving an ROI in around 6-8 years. With energy-saving initiatives already under way, this upgrade is an opportunity for much more than a replacement of lighting technology: it can become a gateway to adopting a common platform on which to launch a number of critical smart-city solutions.

A good example of this is Glasgow, which has recently received funding worth £24 million from the Technology Strategy Board (now known as Innovate UK) to explore innovative ways of using technology and data to make life in the city safer, smarter and more sustainable. Glasgow has invested part of the funds towards the "Intelligent Street Lighting" initiative in three locations around the city offering several key benefits to its residents:

  • Energy Efficiency - energy efficient LED lighting reduces carbon footprint and long term operation costs.
  • Operations Centre Integration - real-time data feeds directly in to the operations centre, allowing for the manual brightening of lighting when required.
  • Noise Detection - street disturbances can be monitored using noise detection, with real-time CCTV and coordination of community safety responses.
  • Movement Detection - movement sensors allow the city to monitor footfall and traffic flow, generating important data to aid in city planning.
  • Air Pollution Detection - air pollution monitoring can be integrated into the street lighting network, giving the city up-to-date and accurate data to help with planning and pollution reduction.
  • Wi-Fi Service - the lighting network allows for the provision of a limited Wi-Fi service for use by vital city services and citizens.

Staying with our trusty street lamps for now, Cisco and Philips are developing new concepts and innovations around network-enabled LED street lighting and media content in cities such as Amsterdam. Together they have launched a pilot to provide an "enhanced citizen experience" by applying "design thinking" to develop the potential for on-demand, usage-based service provision, revenue-generation opportunities and public-private business models for networked city services. They see the future of public lighting as a transition from analogue to digital, from fluorescent light bulbs to sensor-equipped smart light fixtures – all connected to an energy grid and "talking" to other systems in real-time.

What about our data?

Developments of this nature raise significant data privacy issues. While much of the information collected will be relatively anonymous given that it will be analysed in the aggregate, typically in the form of people or traffic flows derived from multiple homes and sources, as the systems reach down towards specific buildings, dwellings and people, the data becomes more granular and the privacy risk increases, as does the need for public trust and heightened security measures.

It is clear that ever greater value can be derived by using city lighting networks for a variety of connected services. Rather than relying on static demographic data or expensive, custom on-site surveys to ascertain patterns in vehicle and pedestrian traffic, city governments will be able to derive insights from Wi-Fi and/or cellular network data. Indirect identifiers about citizens – increasingly viewed as personal data in the UK – and location data will be made available to service providers, thereby increasing the privacy risk profile of smart city projects.

LinkUK – farewell to the iconic British phone box and our privacy?

On the other side of the Atlantic, New York has seen the roll out of LinkNYC kiosks by Intersection, the Google/Alphabet-backed start-up, aimed at providing IoT-based 'smart services' such as free ultrafast Wi-Fi on the move, landline and mobile phone calls, mobile device charging and access to maps, directions and local services. An unforeseen, and slightly unfortunate, side effect of this free public Wi-Fi has been a somewhat different "enhanced citizen experience" involving hours of X-rated website browsing by certain passers-by as part of their free internet offering… Needless to say, the UK BT equivalent (due to hit our high streets later this year – alas, the iconic red phone boxes of our streets may be a thing of the past) will be deployed without the free web browsing capabilities to avoid the levels of loitering experienced in the Big Apple.

As well as providing a variety of services to the public for free from its two 55" digital displays, the sleek, ultramodern LinkUK kiosks will feature sensors for capturing real-time data relating to the local environment, including air and noise pollution, outdoor temperature and traffic conditions, all funded by revenues from advertising at no cost to the taxpayer – no immediate financial cost that is. How our personal data will be used by the kiosks and the risks from hackers (arguably cybercriminals would only need to rename their personal wireless network to the same name as the LinkUK network to steal users' data) is a real concern, particularly given the plans for LinkNYC kiosks to be used to "connect lighting systems, smart meters, traffic networks, connected cameras and other IoT systems". Experts agree that in many cities there is still no clear cybersecurity leadership. In light of the new Network Information Security Directive, cities may wish to follow the lead of big businesses in establishing Computer Emergency Response Teams to handle attacks or vulnerabilities, ensure vendors fix such flaws and run penetration tests to check their own systems.

As data is shared between increasing numbers of sensors and city services and stored in the cloud (which is likely to provide the open architecture of smart city digital platforms), concerns will naturally emerge over the use of data for a different purpose than that for which it was first obtained and whether personal data is being accessed, stored and processed appropriately and securely (as is required by the current EU Data Protection Directive and under incoming EU data protection legislation). Controls may be necessary to identify what data can be processed in which countries. Without clear safeguards in place, public confidence in the services being developed may suffer and this will pose a significant risk to the acceptability of smart city projects.

The BSI has developed a standards strategy for smart cities in the UK, which includes PAS 182 (smart city data concept model) and ISO/IEC 29100 (privacy risk management from a framework-level perspective) to provide assurance to potential users that the risks are being managed appropriately. In adopting a standard framework for acquiring, sharing and publishing data and considering privacy risks at design stage, BSI has effectively carried out a broader privacy impact assessment. As a mandatory requirement under the new General Data Protection Regulation, this will not only help to ensure compliance with UK data protection laws, but it will also help avoid expensive retrofits and will be more cost-effective in the long run.

Illuminated thinking

We have only just begun to explore the benefits that modern technologies and new business models can bring to our cities through real-time data sharing and analytics. However, for technology vendors to truly achieve that 'light-bulb moment', they need to work closely with city governing bodies and 'plug into' the trust and engagement of consumers, working within a legislative framework that is up-to-date with the latest technological developments. This kind of connected thinking could really light up our cities of the future.