Enhancing the Privacy of Smart City Citizens with Open-Source-Technology
At Oivan, we have built smart city solutions for over a decade. In Finland, we developed mobile apps for an electric car charging network company, digital services for a smart-office-hotel-hybrid, and AI-powered real estate investment analysis tools. In the Kingdom of Saudi Arabia (KSA), we’ve developed leading e-government services for buying homes, digital facilitation of rental agreements, and an energy consumption data platform for businesses. Currently, we work on numerous smart city-related projects that are still in stealth mode but will likely have a significant impact in the coming years.
The demand for smart city solutions is expanding rapidly, especially in our primary market, the KSA. At the premier tech event LEAP in Riyadh in February 2023, I had several fascinating discussions about smart city-related topics with Saudi government leaders and business executives. During these discussions, I found myself exploring the dichotomy of smart city technologies and human freedoms: While the promise of an AI-powered urban environment, which anticipates and adapts to each individual’s needs in real-time, is an inspiring vision, the flip side is the potential to build a piece of enormous digital surveillance machinery stripping away individual freedoms.
Finding the perfect balance between smart city data collection and protecting people’s privacy is challenging, but here are some thoughts on things we should consider and how open-source tools can help fine-tune this delicate balance.
Smart cities use technology to improve residents’ efficiency and quality of life. One of these technologies is people flow tracking systems, which monitor and analyze the movement of people in public spaces such as streets, parks, malls, and transport hubs. These systems can provide valuable insights for urban planning, traffic management, public safety, and environmental sustainability.
However, people flow tracking systems also pose significant challenges to privacy protection. These systems collect and process large amounts of personal data, such as location, identity, behavior, and preferences of individuals. This data can reveal sensitive information about people’s habits, preferences, health conditions, social relationships, and political opinions. Moreover, unauthorized parties such as hackers, advertisers, or governments can access or misuse this data.
Therefore, it is essential to ensure that people flow tracking systems respect the privacy rights and expectations of the citizens. Regulators and companies can achieve this by adopting various measures such as:
- Implementing privacy-by-design principles requires that service providers embed privacy protection into the design and operation of people flow tracking systems from the outset. Responsible service providers minimize the collection and retention of personal data; anonymize or pseudonymize the data; encrypt and secure the data; provide transparency and accountability for the data processing; and enable user control and consent over the data.
- Applying privacy-enhancing technologies enables people flow tracking systems to perform their functions without compromising privacy. For example, differential privacy adds noise to the data to prevent individual identification; homomorphic encryption allows computation on encrypted data without decrypting it; federated learning distributes the learning process across multiple devices without sharing raw data; and zero-knowledge proofs prove a statement without revealing any information beyond the statement’s validity. Furthermore, open-source-based encryption tools, which allow semi-anonymous digital identities with public and private key pairs, may help add more privacy to people flow tracking systems.
- Establishing privacy governance frameworks: These frameworks provide legal and ethical guidelines for regulating the use of people flow tracking systems. They include laws and regulations that define the rights and obligations of data subjects and controllers; codes of conduct and best practices that set standards for responsible data handling; oversight mechanisms that monitor compliance with privacy rules; enforcement mechanisms that impose sanctions for violations; and redress mechanisms that offer remedies for harms.
By adopting these measures, smart cities can balance the benefits of people flow tracking systems with the risks for privacy protection. This way, they can foster trust and confidence among their citizens while enhancing their livability and competitiveness.
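The differential-privacy measure from the list above, applied to people flow counts, as an added example that is not from the original article: each device is counted in a bounded number of zones, and Laplace noise is added to every published count. The `Sighting` format, the zone names, the function names and the parameter values are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math/rand"
)

// Sighting is one sensor observation (constructed format for this example).
type Sighting struct{ Device, Zone string }

// BoundedCounts counts each device once per zone and in at most maxZones
// zones, so one person changes the histogram by at most maxZones.
func BoundedCounts(obs []Sighting, maxZones int) map[string]int {
	seen := map[string]map[string]bool{} // device -> zones already counted
	counts := map[string]int{}
	for _, o := range obs {
		if seen[o.Device] == nil {
			seen[o.Device] = map[string]bool{}
		}
		z := seen[o.Device]
		if z[o.Zone] || len(z) >= maxZones {
			continue // repeat sighting, or this device's zone budget is used up
		}
		z[o.Zone] = true
		counts[o.Zone]++
	}
	return counts
}

// NoisyCounts adds Laplace(maxZones/epsilon) noise to every zone in the public
// list, empty zones included. The difference of two Exp(1) draws is Laplace(0, 1).
func NoisyCounts(obs []Sighting, zones []string, epsilon float64, maxZones int, rng *rand.Rand) map[string]float64 {
	counts := BoundedCounts(obs, maxZones)
	scale := float64(maxZones) / epsilon
	out := map[string]float64{}
	for _, z := range zones {
		out[z] = float64(counts[z]) + scale*(rng.ExpFloat64()-rng.ExpFloat64())
	}
	return out
}

// demoRNG is seeded only so the demo is reproducible; a real release needs
// a cryptographically secure source and a vetted DP library.
func demoRNG(seed int64) *rand.Rand { return rand.New(rand.NewSource(seed)) }

func main() {
	obs := []Sighting{{"a", "plaza"}, {"a", "plaza"}, {"a", "station"}, {"a", "mall"}, {"b", "plaza"}, {"c", "station"}}
	fmt.Println(NoisyCounts(obs, []string{"plaza", "station", "mall"}, 1.0, 2, demoRNG(1)))
}
```

The guarantee covers one release; publishing a new histogram every hour spends additional privacy budget each time.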
The infrastructure of smart cities runs on IoT (Internet of Things) devices, which monitor and adjust millions of processes in real-time across the urban environment. Road traffic, smart parking, utility management, facility operations, and many other processes rely on the 24/7 interplay of sensors, data, and devices.
Public and private sector organizations are the primary operators of the IoT systems of smart cities, and they need to maintain a healthy attitude toward using personal data ethically in their services. For example, do I need to authenticate with my real-life identity when charging my electric vehicle? Could I charge my car more anonymously as I do with cash at a gas station today?
Open-source technologies like Bitcoin’s Lightning Network (Lightning) could provide a more private alternative to fully centralized services. Lightning is a second-layer technology built on the Bitcoin network, which uses peer-to-peer connections to enable close-to-real-time and close-to-zero-fee microtransactions. Every bitcoin consists of 100 million satoshis (sats), which allow for highly dynamic and granular ways of paying for services, such as the charge for my electric car. One could visualize electricity streaming to my vehicle while sats stream to the charging station.
Most people will naturally opt to use fully centralized IoT services for convenience. The same logic played out in adopting the internet, where most people voluntarily use it via centralized services and devices from Google, Microsoft, Facebook, Amazon, and Apple. Still, open-source technologies such as Bitcoin and Lightning can provide viable options for law-abiding people who don’t want to be surveilled 24/7 during their lives. Lightning will also be helpful in machine-to-machine commerce, which we expect to grow exponentially within smart city environments. For example, self-driving taxis could pay EV-charging stations for electricity without human facilitation.
As an upcoming digital asset class, bitcoin’s price volatility can seem too high for the above use cases. Bitcoin experts expect the volatility to lessen as global user adoption takes Bitcoin’s market cap closer to gold’s 13 trillion market cap. In the meantime, Bitcoin-backed stablecoins have the potential to provide a viable interim solution. In the next 12 months, bitcoin-backed stablecoins representing USD, and potentially other fiat currencies, will launch on Lightning. In other words, Bitcoin can soon work as the base-layer technology for personal and machine-to-machine payments without exposure to bitcoin’s price volatility.
Using Bitcoin-backed stablecoins can also remove the headache of handling tax reporting for organizations, people, and devices participating in smart city economies until more countries forfeit capital gains taxes for using bitcoin for payments. Even in my home country, Finland, which has some of the most comprehensive tax regulations in the world, a citizen can spend small amounts of bitcoin per year without tax reporting obligations. And at the other end of the spectrum, El Salvador has made bitcoin legal tender, and more countries will follow.
Smart city regulators and service providers should educate themselves on the tremendous opportunities that the internet-of-value provided by Bitcoin-related open-source technologies offers to enhance citizen well-being, privacy, and the efficiency of commerce.
When citizens of smart cities interact with public services, they use digital identities to log in to the services they use. In many cases, such as in legal matters, the person’s real-life identity connects with their digital identity for a valid reason. But in many cases, connecting real-life identity with digital identity is intrusive and creates multiple risks for individuals. Nick Szabo famously stated in 2001 that trusted third parties are security holes.
For example, when a resident of a smart city wants to go to a digital art exhibition, does she have to log into the ticketing platform with her real-life identity, or could she reserve the art exhibition ticket by logging into the ticketing service semi-anonymously? After all, in most places, I can still buy art exhibition tickets with cash today.
Modern open-source technologies make it possible to create persistent semi-anonymous digital identities using public and private key pairs. A simple way to think of public and private key pairs is to view the public key as your email address and the private key as your password. The security provided by private key encryption is military-grade. In layperson’s terms, cracking an SHA-256 private key is as complex as turning a banana, avocado, apple, carrot, and spinach smoothie into the original fruit and vegetables in their original shapes.
A smart city resident could have a semi-anonymous public key representing her in all services that don’t inherently require her real-life identity, such as logging into an art exhibition ticketing service. The service providers could still get data on the user history of the person and, provided that the person has given permission, share the account history with other service providers.
Designers of smart cities should work to find the right balance of services that require real-life identity and services that work with a semi-anonymous public key-based digital identity. In other words, the user could build a persistent digital reputation semi-anonymously while transacting with a smart city’s businesses and public sector organizations. Service providers could still personalize the user experiences for the person without knowing who she is in real life while giving the user complete control over what to share and with whom.
The user’s public key represents her publicly in the service. In contrast, the user needs her secret private key to complete “write” actions, such as sending a message or following/unfollowing a user.
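A sketch of the key-pair identity described above, added here and not taken from the original article or from any protocol it mentions: the client signs each "write" action, and the service checks the signature and derives a stable account handle from the public key alone. Ed25519 from the Go standard library, the `Action` format and the `.example` service names are assumptions; the article does not name a signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Action is a signed "write" request (hypothetical format for this example).
type Action struct {
	PubKey  ed25519.PublicKey // the pseudonym: no name, e-mail or national ID
	Service string            // covered by the signature to stop cross-service replay
	Payload string
	Sig     []byte
}

func signedBytes(service, payload string) []byte { return []byte(service + "\n" + payload) }

// NewIdentity derives a key pair from a 32-byte seed that stays on the user's device.
func NewIdentity(seed []byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(seed)
	return priv.Public().(ed25519.PublicKey), priv
}

// SignAction is the client side: only the private-key holder can produce Sig.
func SignAction(priv ed25519.PrivateKey, service, payload string) Action {
	pub := priv.Public().(ed25519.PublicKey)
	return Action{pub, service, payload, ed25519.Sign(priv, signedBytes(service, payload))}
}

// Accept is the service side. It returns a stable account handle derived from
// the public key, or false if the action was not signed for this service.
func Accept(service string, a Action) (string, bool) {
	if a.Service != service || len(a.PubKey) != ed25519.PublicKeySize {
		return "", false // wrong audience, or malformed key (Verify would panic)
	}
	if !ed25519.Verify(a.PubKey, signedBytes(a.Service, a.Payload), a.Sig) {
		return "", false
	}
	sum := sha256.Sum256(a.PubKey)
	return hex.EncodeToString(sum[:8]), true
}

func main() {
	_, priv := NewIdentity(make([]byte, ed25519.SeedSize)) // constructed all-zero seed; use crypto/rand in practice
	a := SignAction(priv, "tickets.example", "reserve exhibition ticket")
	fmt.Println(Accept("tickets.example", a))
}
```

A deployed protocol would also put a nonce or timestamp into the signed bytes so that a captured action cannot be replayed to the same service.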
I am confident that Nostr-based solutions will play a significant role in bringing anonymity and privacy to those communication services of smart cities that are better off without using real-life identities. Again, most people will use centralized services with their real-life identities out of convenience and convention. And some services, such as legal ones, naturally require real-life identities to work correctly.
Still, human-centric smart city regulators should allow for more privacy wherever it makes sense. The EU’s GDPR is an example of how regulators can influence organizations to adopt the less-is-more philosophy of using people’s real identities in their services.
Many smart city initiatives include ambitious plans for digital cash. The proposed concepts range from using the current instant payment apps (Venmo, Cash App, Mobily Pay, WeChat Pay, Siirto, and Mobile Pay) to full-fledged CBDCs (Central Bank Digital Currencies).
Instant payment apps and CBDCs record people’s every financial transaction. While most people don’t perceive this as a problem, we’ve already seen chilling examples of how governments use payment rails against their people. For instance, in 2022, we saw a G7 nation, Canada, shut down the banking access of people supporting a non-violent protest.
Even if you think your financial activity does not require any secrecy, it is worth exploring the implications of fully surveilled money. For example, if your consumption habits go against the current agenda of your government, you might be in for an unpleasant surprise.
Suppose a smart city in 2030 where 99.9% of people use electric vehicles for transit, and you own a gas-powered “museum car” for recreational fun. What if regulators decide you are an “enemy of nature” and shut down your access to buy gas for your vehicle? When using an instant payment app, or a CBDC, shutting down your payments to gas stations takes one phone call or a mouse-click from the regulators.
Aside from the lightweight example above, one can easily imagine more sinister uses of blocking payment rails of people that the regulators dislike. The things happening in China to the Uyghur people are a vivid example of what weaponized payment rails can do to innocent people.
Modern quality of life relies heavily on property rights and the freedom to transact financially. Any smart city project that forgets these principles has to compete with the ones that don’t. Competent regulators of smart cities should allow the use of bitcoin as a complementary payment rail to digital fiat currencies, similar to how cash works today.
How the geographical arbitrage between smart cities will play out in the coming decades will be interesting to watch, and I think that many people will rather move to a smart city where fundamental personal freedoms remain than to a place where the regulators can shut down your access to transact at any given moment.
The Way Forward
At Oivan, we promote using the technologies powering smart cities in a human-centric way. AI, IoT, and digital currencies can enrich people’s lives significantly, but only if regulators and service providers find the correct balance between privacy and data collection. Accessible, open-source software technologies are excellent tools for balancing the interplay between data collection and human freedom, and any entity wanting to build a genuinely human-centric smart city should take them seriously.
Would you be interested in knowing more about this topic? Please feel free to contact me, Oivan CEO Rami Korhonen, if you would like more information.