Privacy, security and data protection in smart cities: a critical EU law perspective

Research output: Contribution to journalArticle

Abstract

"Smart cities" are a buzzword of the moment. Although legal interest is growing, most academic responses at least in the EU, are still from the technological, urban studies, environmental and sociological rather than legal, sectors and have primarily laid emphasis on the social, urban, policing and environmental benefits of smart cities, rather than their challenges, in often a rather uncritical fashion . However a growing backlash from the privacy and surveillance sectors warns of the potential threat to personal privacy posed by smart cities . A key issue is the lack of opportunity in an ambient or smart city environment for the giving of meaningful consent to processing of personal data; other crucial issues include the degree to which smart cities collect private data from inevitable public interactions, the "privatisation" of ownership of both infrastructure and data, the repurposing of “big data” drawn from IoT in smart cities and the storage of that data in the Cloud. This paper, drawing on author engagement with smart city development in Glasgow as well as the results of an international conference in the area curated by the author, argues that smart cities combine the three greatest current threats to personal privacy, with which regulation has so far failed to deal effectively; the Internet of Things(IoT) or "ubiquitous computing"; "Big Data" ; and the Cloud. It seeks solutions both from legal institutions such as data protection law and from "code", proposing in particular from the ethos of Privacy by Design, a new "social impact assessment" and new human:computer interactions to promote user autonomy in ambient environments.
LanguageEnglish
Pages28-58
Number of pages31
JournalEuropean Data Protection Law Review
Volume2
Issue number1
StatePublished - 15 Mar 2016

Fingerprint

data protection
European Law
privacy
security industry
threat
Internet
personal data
interaction
social effects
privatization
EU
autonomy
infrastructure
regulation
Law
lack

Keywords

  • privacy
  • smart cities
  • data protection
  • internet of things
  • privacy by design
  • HCI
  • social impact asessment

Cite this

@article{9bc84854cc0d4b779f2cc2b4570c7a8c,
title = "Privacy, security and data protection in smart cities: a critical EU law perspective",
abstract = "{"}Smart cities{"} are a buzzword of the moment. Although legal interest is growing, most academic responses at least in the EU, are still from the technological, urban studies, environmental and sociological rather than legal, sectors and have primarily laid emphasis on the social, urban, policing and environmental benefits of smart cities, rather than their challenges, in often a rather uncritical fashion . However a growing backlash from the privacy and surveillance sectors warns of the potential threat to personal privacy posed by smart cities . A key issue is the lack of opportunity in an ambient or smart city environment for the giving of meaningful consent to processing of personal data; other crucial issues include the degree to which smart cities collect private data from inevitable public interactions, the {"}privatisation{"} of ownership of both infrastructure and data, the repurposing of “big data” drawn from IoT in smart cities and the storage of that data in the Cloud. This paper, drawing on author engagement with smart city development in Glasgow as well as the results of an international conference in the area curated by the author, argues that smart cities combine the three greatest current threats to personal privacy, with which regulation has so far failed to deal effectively; the Internet of Things(IoT) or {"}ubiquitous computing{"}; {"}Big Data{"} ; and the Cloud. It seeks solutions both from legal institutions such as data protection law and from {"}code{"}, proposing in particular from the ethos of Privacy by Design, a new {"}social impact assessment{"} and new human:computer interactions to promote user autonomy in ambient environments.",
keywords = "privacy, smart cities, data protection, internet of things, privacy by design, HCI, social impact asessment",
author = "Lilian Edwards",
year = "2016",
month = "3",
day = "15",
language = "English",
volume = "2",
pages = "28--58",
journal = "European Data Protection Law Review",
issn = "2364-2831",
number = "1",

}

Privacy, security and data protection in smart cities : a critical EU law perspective. / Edwards, Lilian.

In: European Data Protection Law Review, Vol. 2, No. 1, 15.03.2016, p. 28-58.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Privacy, security and data protection in smart cities

T2 - European Data Protection Law Review

AU - Edwards,Lilian

PY - 2016/3/15

Y1 - 2016/3/15

N2 - "Smart cities" are a buzzword of the moment. Although legal interest is growing, most academic responses at least in the EU, are still from the technological, urban studies, environmental and sociological rather than legal, sectors and have primarily laid emphasis on the social, urban, policing and environmental benefits of smart cities, rather than their challenges, in often a rather uncritical fashion . However a growing backlash from the privacy and surveillance sectors warns of the potential threat to personal privacy posed by smart cities . A key issue is the lack of opportunity in an ambient or smart city environment for the giving of meaningful consent to processing of personal data; other crucial issues include the degree to which smart cities collect private data from inevitable public interactions, the "privatisation" of ownership of both infrastructure and data, the repurposing of “big data” drawn from IoT in smart cities and the storage of that data in the Cloud. This paper, drawing on author engagement with smart city development in Glasgow as well as the results of an international conference in the area curated by the author, argues that smart cities combine the three greatest current threats to personal privacy, with which regulation has so far failed to deal effectively; the Internet of Things(IoT) or "ubiquitous computing"; "Big Data" ; and the Cloud. It seeks solutions both from legal institutions such as data protection law and from "code", proposing in particular from the ethos of Privacy by Design, a new "social impact assessment" and new human:computer interactions to promote user autonomy in ambient environments.

AB - "Smart cities" are a buzzword of the moment. Although legal interest is growing, most academic responses at least in the EU, are still from the technological, urban studies, environmental and sociological rather than legal, sectors and have primarily laid emphasis on the social, urban, policing and environmental benefits of smart cities, rather than their challenges, in often a rather uncritical fashion . However a growing backlash from the privacy and surveillance sectors warns of the potential threat to personal privacy posed by smart cities . A key issue is the lack of opportunity in an ambient or smart city environment for the giving of meaningful consent to processing of personal data; other crucial issues include the degree to which smart cities collect private data from inevitable public interactions, the "privatisation" of ownership of both infrastructure and data, the repurposing of “big data” drawn from IoT in smart cities and the storage of that data in the Cloud. This paper, drawing on author engagement with smart city development in Glasgow as well as the results of an international conference in the area curated by the author, argues that smart cities combine the three greatest current threats to personal privacy, with which regulation has so far failed to deal effectively; the Internet of Things(IoT) or "ubiquitous computing"; "Big Data" ; and the Cloud. It seeks solutions both from legal institutions such as data protection law and from "code", proposing in particular from the ethos of Privacy by Design, a new "social impact assessment" and new human:computer interactions to promote user autonomy in ambient environments.

KW - privacy

KW - smart cities

KW - data protection

KW - internet of things

KW - privacy by design

KW - HCI

KW - social impact asessment

UR - http://edpl.lexxion.eu/article/EDPL/2016/1/6

UR - http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2711290

M3 - Article

VL - 2

SP - 28

EP - 58

JO - European Data Protection Law Review

JF - European Data Protection Law Review

SN - 2364-2831

IS - 1

ER -