The rise of the “internet of things” refers, as just about everybody knows, to the interconnectedness of all those everyday items that send and receive data. But did you know this phenomenon is about to transform, not only everything else, but also the way cities operate? “Smart cities” are here. They deploy a lot of cutting-edge technologies, sensors, and physical devices—and, by design, also get a lot of “help” from Big Data.
You should be.
Thanks to these higher-IQ cities, we could get, so the promise (always) goes, more effective management of various services and amenities—everything from transportation and traffic-control to electric-grid operations and waste management. But that has not happened, and this evolution could put, and has put, civil liberties and the security of citizens at risk. And, thanks to their tax dollars, these victims have paid for the privilege.
Internationally, Amsterdam is by far the “smartest city” in Europe. In the United States, several Californian cities have done much of the pioneer work on smart-urban tech. And they’ve pioneered some impressive mistakes, too.
One such debacle was the disastrous smart streetlight program in San Diego. Up until 2017 streetlights in San Diego were just—well, streetlights. But city officials declared more was needed from the city’s government-owned light fixtures, and in 2018, after a brief pilot program, the city partnered with General Electric to retrofit them with cameras. Traffic flow and measurement of some other key metrics, like weather change and its impact, would improve, officials assured citizens. In addition, the new LED lights would be more energy efficient than their predecessors—and could even be outfitted with “intelligent” sensors that would deliver traffic updates to officials. Another benefit? Real-time monitoring—for their own benefit, of course—of pedestrians and bicycles. In sum, residents and businesses alike would enjoy “data-driven processes, tools, and capabilities.” The San Diego Mayor even promoted the program as a way to save the city money.
But, instead of improving urban living in southern California, the streetlights became a tool for citywide surveillance. In 2019, it was revealed that the city's contract with General Electric had allowed the company to collect and sell to third parties the data captured by the streetlights. Then, in 2020, both the public and city officials demanded answers regarding how city police were using the streetlight cameras to investigate criminal activity. Police officials assured the public that the department was using the cameras responsibly. Then, during the June 2020 Black Lives Matter demonstrations, San Diego police were found to be using the streetlights to spy on protesters far in advance of any wrongdoing.
We all desire that those we pay to enforce the law make effective use of the tools at their disposal, but the San Diego police abused their power by going beyond promised limits and acting with little or no oversight. And the whole endeavor was badly run and seriously expensive to operate. Not long after implementation, in a city memo, the deputy chief operating officer of the smart-lights effort revealed that the program lacked a properly trained staff, suffered from lax supervision, was on track to be $1.4 million over budget after the first five years, and would cost taxpayers, in the end, an additional $1.1 million in unplanned expenses. In addition, the much-ballyhooed energy savings would be, each year, about one million dollars less than anticipated. Three thousand cameras later, San Diego’s mayor pulled the plug on the $30 million lights.
That smart-city tech proved downright stupid for San Diego hasn’t slowed, however, the lemming-like rush to the digital cliff by other California cities. Even now, the city of San Leandro, for example, prides itself on being a center for the internet of things. Its goal is a smart-energy system and 4,730 smart street lights—all connected to a city fiber-optic cable-network. The new plan doesn’t appear to make any effort at all to ensure that what happened in San Diego does not happen in San Leandro.
Automatic license-plate readers are another aspect of smart-urban tech. These cameras capture and store license-plate images of passing cars, and California has one of the largest networks in the nation. And it also has some spectacular violations of civil liberties.
A notable example of license plate readers going awry occurred a few years ago, when San Francisco police officers pulled over Denise Green, a city bus-driver on her way home from work. Thinking Green was a car thief, several officers pulled her, bewildered and terrified, out of her car and, with guns pointed at her head, forced her to the ground. She was then handcuffed.
The police had erred badly, however, when they stopped Denise Green, in her burgundy Lexus. They were, in fact, supposed to be looking for a gray GMC truck. But a misread by a license-plate reader had identified her car as stolen. The city settled Green’s resulting lawsuit for $495,000. But the readers remained in place, and other California cities have added them to their internet of things.
And problems, as you might expect, are rife. A 2020 audit of city departments in California found that many agencies did not have policies in place to prevent the outright unauthorized use of license-plate reader images and did not always follow proper procedures when it came to the handling and storing of the data collected by the readers. California state law does in fact require agencies to establish policies and procedures to mitigate the unauthorized use or manipulation of their systems—but what city government is eager, in practice, to curtail its own powers?
Another issue that should cause concern: the security of these massive digital surveillance networks. Despite new technology on the sensing/photographing front-end, these systems often rely on legacy computers for back-end processing. These older machines are difficult to update and are therefore vulnerable to the latest malicious software, as well as to the growing number of bad actors worldwide harboring ill-designs against Americans and their infrastructure—much of which, new and old, is run by municipalities.
Furthermore, talk to any decent cyber security expert, and he’ll tell you that one of the best ways to protect a network is to segment it properly. Should hackers invade one piece of the infrastructure, segmentation prevents their accessing the rest of the network. (Think: the emergency shutoff valves in a pipeline.) But remember. Smart-city tech works only if everything in these enhanced “internets of sensors and cameras” are more or less always talking to each other—which is very opposite of segmented. Turns out, then, the very connectedness of smart-urban tech is the very thing that renders such new digital regimes vulnerable to hackers and the truly dangerous events such persons could inflict on a city. Imagine the traffic lights not working because the parking system got hacked.
We mentioned Big Data at the beginning. First, consider that the data on citizens collected by smart-city tech is tied to basic services of city government. That means it is nearly impossible for you to opt out of being surveilled, once a smart tech regime has descended on your city. You won’t be able to leave your house, for instance, without possibly being recorded by your streetlight. A website or an app must ask to receive your personal information. But in a smart city, you don’t provide the data voluntarily. You are tracked with or without your consent.
Second, given the instantaneous manner in which this kind of data is collected—just by stepping out your front door, driving off your driveway, or parking your car at the grocery store—the amount of data collected is just massive. No wonder, then, that cities rely on firms we now designate as Big Data to analyze that information, report on it, and apparently sell it without your knowledge or consent. In addition, the storage of this data is adding up, making those increasingly target-rich backup computers ever more vulnerable to the thieves.
Without question, therefore, the advent of smart cities raises serious concerns regarding civil liberties. Some might contend that, because these cameras and sensors are in public spaces, there isn’t much to complain about. It is true that, as a legal matter, the expectation of privacy in public is generally lower than the right to privacy in your residence. But, as the Supreme Court of the United States also has stressed:
[a] person does not surrender all [privacy] protections by venturing into the public sphere. … society’s expectation has been that law enforcement agents and others would not—and indeed, in the main, simply could not—secretly monitor and catalogue every single movement of an [individual] for a very long period.
“Secretly monitor and catalogue every single movement”—but that is precisely what is happening in these smart-city regimes or very nearly so. To a country defined, since its inception, by a unique kind of political freedom, and a related unique type of economic freedom, these smart-city regimes, if they go unchecked, are serious threats.
But the smart-city story is not all bad. Take predictive policing—a practice that uses algorithms based on historic crime data to direct police actions. In Santa Cruz, authorities there were among the nation’s first to use these algorithms. Los Angeles was also an early adopter. But predictive policing, it turns out, largely relies on junk science and can result in profoundly biased outcomes, as can be seen in algorithms that score the likelihood that an imprisoned person will reoffend. As a result, in 2020, Santa Cruz became the first in the nation to ban the practice of predictive policing, citing the high potential for racial bias. (Santa Cruz’s ban does have some unfortunate loopholes, however.) Los Angeles also ended its predictive policing program last year. San Diego, too, has learned some hard lessons and now has city ordinances and a privacy commission aimed at stopping city-government abuse.
But the lessons these big cities have recently learned are comparatively small. In California and elsewhere, the trend toward a Big Tech paternalism—all in the name of efficiency—is real and shows no sign, overall, of slowing down. Thinking citizens across the country, therefore, should demand, and right away, that their respective cities adopt privacy policies prior to the purchase of these technologies by city hall. After the fact is too late.
The godfather of all social planners, the utilitarian Jeremy Bentham, once designed, not at all surprisingly, a circular prison, in the middle of which rose a watchtower. From that perch, the wardens could keep criminals under omnipresent surveillance. In the middle of the twentieth century, another thinker, this time the Frenchman Michel Foucault, also spoke of the panopticon—but now as a metaphor for how modern society maintains social control . With the increased prevalence of smart-city tech, a post-modern version of that nightmare is slouching toward a city near you. And it is no metaphor.
Jonathan Hofer is a Policy Research Associate at the Independent Institute and a co-author, most recently, of COVID in California: How Government Regulations Created Critical Healthcare Shortages. Christopher B. Briggs is Publications and Public Affairs Counsel at the Independent Institute.