Privacy and Municipalities

Privacy is considered a fundamental right by Canadians. Canadians view privacy both as a right protected by laws and as a value that is foundational to our enjoyment of other rights in a free and democratic society. For this reason, it is important to understand the many ways in which privacy intersects within the smart city.

First, Canadians understand privacy as an essential component of liberty: we see our right to privacy as an essential element of what it means to live in a free and democratic society. Our right to privacy from unwarranted government intrusion distinguishes Canada from authoritarian states.

Second, personal information protection laws control many of the ways that governments collect, use and share information about us.

Third, private sector personal information protection laws give us the right to exercise control over many of the ways that the businesses and other non-governmental organizations collect, use and share information about us.

Finally, civil laws regulate how people interact, create liability for intrusion on seclusion or other violations of privacy rights. These will vary from province to province.

As a result, Canadian municipalities planning to use smart city solutions face many potential ways in which they may be liable for breaching peoples’ privacy. These laws overlap. Privacy compliance is further complicated by the emergence of public private partnerships for implementing smart city solutions.

Privacy in the Smart City

Smart city solutions use data and/or information technology tools to offer new municipal services or improve existing municipal services. Both data and information technology tools can raise important privacy issues.

The people of a municipality are often an integral component of municipal data analysis – their movement through space, their use of services, or their engagement with the municipality or other people are the data and context within and for which the analysis happens. This will usually involve the collection of information about identifiable individuals, which falls within the definition of “personal information” governed by data protection laws. Note that this definition includes not only information that, on its face, identifies individuals, but also information about and individual that is “identifiable”. For example, data collected about an individual who is not identified by name but by "customer number” is easily identifiable if that data is compared to another database that includes both "customer number” and name. Location data of individuals, in particular, is extremely difficult to divorce from identity since people’s movement through space is often surprisingly consistent (e.g. daily travel from work to home and back) and unique (e.g., no one else both lives and works where you do).

Smart city information technology raises privacy issues because of the prevalence of sensors that collect data. The privacy issues associated with networked sensors – the “Internet of Things” - is well known. The security issues associated with the very large network employed by Internet of Things solutions also poses issues for privacy, as insecure networks means that the personal information stored on those networks is also insecure.

Regardless of liability issues, the prevalence of sensors, cameras, and monitors across the smart city raises the spectre of unwanted surveillance, which can itself have a chilling effect on liberty. People behave differently when they know they are being watched. Surveillance pressures people into conforming to the behaviour of the majority. In a society that values liberty, dissent, and diversity, we must always be cautious about the unintended consequences of the use of tools with surveillance capabilities.

Addressing Privacy: Policy and Legal Governance Recommendations

1. Develop a Smart City Privacy Plan.

Municipal governments should develop principled policies on the choice and implementation of smart city technologies. These policies should serve the interests of Canadians and be guided by the needs of Canadians and the goals and policy agendas of governments, rather than by commercial objectives of technology partners. A Smart City Plan should be grounded in transparent and responsive governance, open standards, interoperable technologies, open data, meaningful public engagement and democratic control.

2. Involve Privacy Regulators at the Outset of Major Projects.

Smart city technologies pose difficult challenges to privacy laws and values. Municipalities and their partners should develop standards, practices and governance structures in close consultation with privacy regulators. Such consultations will assist with both legal compliance and with the use of privacy regulatory tools.

3. Develop Processes to Include Municipal Privacy Resources at the Outset.

Municipalities and their partners should develop standards and practices that include municipal privacy resources at the outset. Every municipality has an authority charged with privacy compliance. Bringing those authorities into even small projects at the earliest opportunity helps ensure that projects roll out in compliance with privacy laws from the outset. These authorities will also help identify useful tools such as privacy impact assessments and the privacy by design methodologies in the execution of smart city projects.

4. Use Privacy Impact Assessments.

Privacy Impact Assessments are an essential, standardized tool, familiar to privacy regulators and authorities, that help identify privacy risks and issues and ensure regulatory compliance by mitigating the issues raised.

5. Design with Privacy in Mind.

Municipalities should embrace the principles of privacy by design and security by design. These principles place privacy and security at the centre of project design and development. Many privacy issues arise after project design is complete. These principles help ensure that issues are identified and accordingly addressed early, as an aspect of privacy design rather than as an expensive consequence of project execution.

6. Assert Privacy Principles.

Any time personal information is involved in a smart city project, privacy risks and legal obligations follow. Identify the laws governing the project and ensure that work stays within them. Key privacy principles, such as consent, data minimization and identifying purposes must be incorporated into smart city data governance design. Where the objectives of an initiative can be achieved using less privacy invasive means, those alternatives should be employed.

7. Use Anonymization and Deidentification Standards .

Municipalities should avoid “re-inventing the wheel” in addressing privacy concerns. Using standards for anonymization and de-identification, where they exist, will help to ensure that unexpected privacy issues are addressed at the outset.

8. Data Governance.

Data governance in the smart city is a civic responsibility. Municipalities and their partners should address key decisions about responsibility for the collection, use, sharing and safe-keeping of the different categories of data generated by smart city technologies in a transparent, principled and coherent fashion rather than in an ad hoc or reactive manner. Data sharing-agreements and data-processing agreements, and public private partnerships generally, should include terms binding private sector partners to the privacy commitments of the municipality.

Resources

Guides and Toolkits

IAPP, Privacy By Design - An overview of privacy by design, a design approach to embedding privacy in technology from the outset.

Office of the Ontario Information and Privacy Commissioner, Technology Fact Sheet: Smart Cities and your Privacy Rights, (April 2018) - Brief overview of some informational privacy issues associated by smart city technologies, particularly sensor data.

Office of the Ontario Information and Privacy Commissioner, Planning for Success: A Privacy Impact Assessment Guide - Useful guide to planning and conducting a privacy impact assessment.

Office of the Ontario Information and Privacy Commissioner, "De-identification Guidelines for Structured Data", (June 2016) - Guidelines for systematically addressing potentially identifiable information in organized data.

Office of the Privacy Commissioner of Canada, Which Privacy Law Applies - A useful decision tree tool for determining which privacy law may apply in a situation - if any.

Regulatory Publications

Office of the Ontario Information and Privacy Commissioner, Webcast: Building Smart Cities and Ensuring Public Trust, (January 24, 2019) - Panel discussion on privacy issues raised by smart city proposals and regulatory responses to those risks.

Office of the Privacy Commissioner of Canada, Summary of Privacy Laws in Canada - Overview of the different privacy laws applicable in different contexts in Canada.

Office of the Privacy Commissioner of Canada, VIDEO: What is Personal Information - A simple but clear description of the definition of "personal information" under Canada's privacy laws.

Office of the Privacy Commissioner of Canada, Provincial and Territorial Privacy Laws and Oversight - An overview of provincial privacy laws in Canada.

Civil Society Guidance

ACLU, Community Control Over Police Surveillance – Guiding Principles - A statement of principles for exercising community control over law enforcement surveillance activities, including those data-centric surveillance applications typically employed in smart city contexts.

CIPPIC and McMaster University, Smart City Privacy - A guide to privacy issues and laws applicable to smart city approaches in Canada. Includes a geographic survey of smart city tools already employed in Canada as well as a statement of best privacy practices.

Privacy International, Smart Cities Resources - Reports, news analysis and other resources published by Privacy International, a leading privacy advocate.

Articles and Blog Posts

Maryiam Saifuddin and Chad Marlow, The Canadian Government Executive Blog, “How to stop smart cities from becoming surveillance cities” - This opinion piece asis from Maryiam Saifuddin, an Open Cities Fellow at the Sunlight Foundation, and Chad Marlow, an ACLU Senior Advocacy & Policy Counsel for surveillance, privacy & technology.

CBC, Spark "Confused by Smart Cities? This Expert explains what it is and why we should care - Podcast interview with KTH Royal Institute of Technology urban sustainability professor Andrew Karvonen, discussing fundamentals of smart cities and their privacy considerations.

CBC, Spark "To Protect Privacy, There Need to be Limits on Smart City Surveillance - In February, 2019, Victoria, BC hosted the 20th Annual Privacy and Security Conference which featured a panel on how to balance freedom and security in a smart city. Panelists included Ann Cavoukian, the former privacy commissioner of Ontario, David Izzard, Architecture & Cyber Security Manager for the City of Surrey, BC, and Andrew Clement, Professor Emiritus and the University of Toronto Information School and a member of the Waterfront Toronto Digital Strategy Advisory Board.

Stephen Pritchard, "Securing the Smart City", Infosecurity - Article on privacy and security issues in the smart city.

Linnet Taylor, Liuciano Floridi & Bart van der Sloot (Eds), Group Privacy: New Challenges of Data Technologies, (2017) - Going one step further than existing research, this book considers group privacy rather than the individual.