In the latest in our series on Smart Cities, Marko Balabanovic and Paul Galwas focus on Environment to Consumer services and the use of spatio-temporal data. They consider that such information poses privacy risks, since people’s movements and interactions are so predictable and that cities that embrace privacy principles can build citizen trust by transparently addressing public concerns over data sharing in their ecosystems of third-party service providers.
What makes a city 'smart' in the eyes of the citizen? It is in large part the new Environment-to-Consumer (E2C) services that are enabled by data about people and services in the city, and the better decisions made as a result of people being readily able to access this data.
More than 50% of the world's population live in cities (UN 2014), with city growth fuelled by non-linear scaling in socioeconomic benefit and infrastructural efficiencies (West 2014). Global mobile data alone is forecast to grow at 61% annually to almost 16 exabytes per month by 2018 (Cisco 2015).
So to make better decisions, people will increasingly benefit from autonomous data processing that combines data from ever-more distinct and diverse sources. At the same time, this growing volume and complexity of data about and for citizens will exacerbate issues of privacy. It is a growing concern and managing the risks is a complex challenge, yet smart cities have an opportunity now of differentiating their citizen services by adopting a strong privacy stance.
The Value of Location
As people move around the city their mobile devices generate data linked to locations they visit, and the paths they travel. As citizens we are especially interested in our and our friends' mobility around the city, since time is increasingly of the essence (Schläpfer, et al. 2014), and travel is significant (Marchetti 1994).
Our locations, and the trajectories we follow, generate valuable and useful information around which new markets are forming. Those operating city services, such as transportation, seek more granular and timely information about how their customers move around the city. New services are emerging based on this location and path information. We call these Environment-to-Citizen (E2C) services. They give the citizen increasingly valuable information about what's happening in their vicinity, and along the routes they may choose to travel (Department of Business, Innovation and Skills 2013).
The city might provide the citizen with environmental data at key locations, traffic information along key routes, and travel information such as drive times and routing to help the citizen move around the city. In addition the citizen might value the ability to feed back to their friends and the city authorities information linked to his or her whereabouts and trajectories.
Consumer digital service offerings increasingly have to dovetail into the specifics of each person's life in parallel to many other digital services (Ng 2014). Location in the city is key to the E2C apps the citizen uses, and these apps must meld seamlessly into the changing landscape of other (non E2C) apps that the citizen uses.
From a digital perspective, the city is a domain of connected people and things. It distinguishes itself from other objects on the Internet by having a spatio-temporal context that corresponds to the topological objects in the city: points, connections and flow.
People's movements in a city are surprisingly predictable and the interactions between people and places are highly traceable. For example, most people travel in close proximity to their home locations (Brockmann, Hufnagel and Geisel 2006) while few make frequent long journeys, and almost all seem to follow the same universal probability distribution, leading to more than 90% average predictability in users' mobility (Song, et al. 2010).
There is also a strong correlation between mobile callers' location and the people they call often. Individuals with close network proximity and high tie strength typically follow similar trajectories (Wang, et al. 2011) so we can correlate data of their movements and social interaction networks.
Tracking people's movements in a city raises complex privacy concerns: there are legal compliance requirements, yet technical guarantees of privacy are theoretically impossible. To realise the massive potential of E2C services, availability must be tempered by considering the risks of compromising privacy of personal data.
Privacy regulations concern both data that directly identifies a living individual, and data that can be linked to an individual: personally identifiable information. Linkage of disparate data presents a probabilistic risk of exposing an individual, and since 'big data empowers through surprise' (Lane, et al. 2014) managing this risk is a growing challenge.
Since people's movements are especially predictable, their spatio-temporal data is at grave risk from linkage, especially given the strong correlation between their social interactions and their spatio-temporal information.
Who will own the data?
City governments assume they will control smart city services, but we predict the E2C market will inevitably be dominated by global consumer service providers for two major reasons.
First, the primary data about people and their location is gathered by the providers of popular consumer applications and services, such as maps, taxi services, transport planning, fitness tracking. It is these consumer services that also link location data to people's identities.
Second, there are network effects that will lead to winner-take-all markets (Vázquez, Pastor-Satorras and Vespignani 2002). The more people use the services, the better they become, and the more valuable the data they hold, thus leading to even more usage of the services. For example, in route planning, predicted journey times become more accurate and routes more optimal as you have denser tracking information. Taxi services are a two-sided marketplace: the service with the most users attracts the most drivers and vice versa.
Experience shows that such Internet services rapidly achieve dominant and global market penetration, with customer bases that are orders of magnitude greater than the populations of most cities. So a city cannot hope to compete alone in the E2C space: it must partner.
While those cities that leverage E2C services must consider the privacy of data they originate and use, the market dynamics mandate that they also consider the impact of these independent, global services – and the data that they hold – on their citizens.
Here the privacy concerns are even less tractable. For example, chains of companies may hold data, across multiple jurisdictions, each with distinct – often radically different - privacy regimes.
Companies may have radically different motivations in offering E2C services to those of a city. For example, a company's business model is often tied to the value of accumulating data. This data can be sold to cities, but it also has value to other third parties to use for more targeted advertising or personalised products and services.
The city must strike a balance.
On the one hand, people already freely share a (perhaps) surprising amount of data via social media, eg complete GPS trails for completed runs, or detailed sleep patterns from fitness tracking bracelets.
On the other hand, people increasingly express concerns about data leaks and unexpected usages of their data. A well-known example involved Uber's now-removed blog posting that mined taxi path data to find users who had 'brief overnight stays' (or one-night stands) (Bessette 2014).
There is space in the market for new E2C services that are differentiated by their rigorous treatment of personal data, to increase trust – and therefore value – to citizens. City leaders have the opportunity – and arguably an obligation - to broaden and deepen citizens' trust by transparently and emphatically adopting such a position. They can be guided by the principles of Privacy by Design, which have been embraced by the ICO, and they can apply these principles especially in leveraging privacy enhancing technologies to mitigate the risk around location and trajectory data (Renso, Spaccapietra and Zimanyi 2013). The Digital Catapult seeks to encourage these through its practical engagement with stakeholders.
Marko Balabanovic is Innovation Director at Digital Catapult (http://www.digitalcatapultcentre.org.uk/).
Paul Galwas is Security Architect at Digital Catapult
Bessette, Chanelle. 'Does Uber Even Deserve Our Trust?' Forbes, November 2014.
Brockmann, D, L Hufnagel, and T Geisel. 'The scaling laws of human travel.' Nature 439, no. 7075 (2006): 462-465.
Cisco. 'Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update 2014–2019.' February 2015. http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white_paper_c11-520862.html.
Department of Business, Innovation and Skills. 'Smart Cities: Background Paper.' October 2013. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/246019/bis-13-1209-smart-cities-background-paper-digital.pdf.
ICO. 'Privacy by Design.' Information Commissioner's Office, UK . http://ico.org.uk/for_organisations/data_protection/topic_guides/privacy_by_design (accessed May 20, 2015).
Lane, Julia, Victoria Stodden, Stefan Bender, and Helen Nissenbaum. Privacy, Big Data, and the Public Good: Frameworks for Engagement. Cambridge University Press, 2014.
Marchetti, C. 'Anthropological Invariants in Travel Behavior, Technological Forecasting and Social Change.' International Institute for Applied Systems Analysis, Laxenburg, Austria. 1994. http://www.cesaremarchetti.org/archive/electronic/basic_instincts.pdf (accessed May 20, 2015).
Ng, Irene. Creating New Markets in the Digital Economy: Value and Worth. Cambridge University Press, 2014.
Privacy by Design Centre of Excellence. '7 Foundational Principles.' Information and Privacy Commissioner, Ontario, Canada. http://www.privacybydesign.ca/index.php/about-pbd/7-foundational-principles/ (accessed May 20, 2015).
Renso, Chiara, Stefano Spaccapietra, and Esteban Zimanyi. Mobility Data Modeling, Management and Understanding. Cambridge University Press, 2013.
Schläpfer, Markus, et al. 'The scaling of human interactions with city size.' J. R. Soc. Interface 11, no. 98 (2014).
Song, C, Z Qu, N Blumm, and A-L Barabasi. 'Limits on human mobility prediction.' Science 327, no. 5968 (2010): 1018-1021.
UN. 'World Urbanization Prospects The 2014 Revision - Highlights.' 2014. http://esa.un.org/unpd/wup/Highlights/WUP2014-Highlights.pdf.
Vázquez, Alexei, Romualdo Pastor-Satorras, and Alessandro Vespignani. 'Large-scale topological and dynamical properties of the Internet.' Physical Review E 65, no. 6 (July 2002).
Wang, D, D Pedreschi, C Song, F Giannotti, and A-L Barabasi. 'Human mobility, social ties, and link prediction.' Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining. 2011. 1100-1108.
West, G. 'Scaling: The surprising mathematics of life and civilization.' In Foundations & Frontiers. Santa Fe Institute, 2014.