In a world where information is everything, where do we draw the line between enabling collaboration and improving quality of life through the collection and sharing of data and actually intruding on peoples’ privacy?
I am a strong believer in the power of sharing data and how it can be used for the greater good, particularly within the public sector. If we truly want to deliver services that are person and place based, we have to overcome the perpetual issues of data sharing between our organisations, whilst still protecting our citizens’ rights. I do believe that the public sector has the will to do this, albeit at a much slower pace than it needs to be done.
Working in local government 5 years ago, the concept of Smart Cities and the Internet of Things (IoT) were buzzwords that you put in a presentation to sound cutting edge but didn’t seem to have much relevance or practical application in solving problems in the real world. But there seems to have been something of a paradigm shift more recently. Digital technology now touches almost everything we do and the pace of change is accelerating rapidly, along with an understanding of its ability to improve service delivery and create efficiencies.
The IoT industry is still nascent but growing rapidly, estimated to have a $1 trillion market and 50 billion devices connected by 2020. Having recently attended the Government Internet of Things Summit, I can see huge benefits in sharing data through IoT in the public sector. Leeds City Council have based their Smartcity platform on four different areas – Housing and Assisted Living, Transport, Air Quality and Citizen Driven Health and Wellbeing. It’s hard not to see the links between these areas and I’m personally excited about the idea of ‘Mobility as a Service’- the idea that we move away from personally owned modes of transport towards multi-modality transport shared and consumed as a service and the impact that that can have on improving air quality. We’ve already started to see schemes across Greater Manchester such as Mobike city bikes in Manchester and Co-Wheels Car Club in Salford that will clearly contribute to this the more widely they are used. Manchester is also leading the IoT way with its Cityverve demonstrator and innovation hubs such as Mi-Idea.
Technology supporting IoT is now gradually moving away from proprietary, private networks and platforms towards using open standards such as LoraWan (standardising low powered wide area networks) and Hypercat (for the standardisation of data discovery). The cost of wireless devices and sensors is going down and battery life has increased to up to 10 years, opening up many more possibilities. Public, private and academic partnerships such as those in Newport and Bradford are starting to provide the underlying citywide infrastructure to support IoT, making it easier for others to innovate. It is critical that we move the public and private sector towards design principles that promote openness, interoperability and shared standards based on an infrastructure that is vendor neutral, federated and uses open APIs.
The concept of open data has also moved on over the last number of years but most organisations are still highly closed to sharing data and we need to incentivise them to move towards the development of open ecosystems that focus on social value and economic growth potential.
But, as well as innovating, there needs to be an equal focus on protecting our citizens’ data from unwanted use and making sure it is secure. We have the advantage in Europe of strong data protection legislation to make sure we don’t go too far the other way. This will be further enhanced with the advent of the GDPR next year. Organisations are encouraged to do ‘privacy by design’ and will have to become more transparent and accountable about what they are doing with personal data, giving people the right to have their data erased, where there is no legitimate reason not to do this.
Many IoT devices still present a cyber-security risk because they are based on old protocols and easily hackable coding with a rise of botnets exploiting security flaws (‘Botnet of things’). As we move towards a future where more and more processing is done at the point of data collection, the edge, these issues need to be addressed.
Many vendors have not even started to think about the implications of GDPR on their digital and IoT products. As data controllers, we will need to have data processing agreements in place with our suppliers that cover both data security and privacy. We will need to provide robust and clear privacy notices to our citizens so they know what data we are collecting and why, what we will do with it and who we will share it with. We need to make sure we get explicit consent where required and be clear how we will erase data under the right to be forgotten.
As new models for investment, funding and procurement emerge, disruptive digital technology will start to move from discovery to business as usual. But, as well as funding, solutions require a critical mass of data to be able to maximise the benefits. The more data we can acquire, the more effective and useful those digital solutions will be. This means engaging with citizens and organisations to help them understand the benefits of sharing their data, involving them more in the development of our projects and providing them with transparent, user friendly platforms where they can share and control that data. The BeeActive app, launched today, is a perfect example of this – the more data it has access to and consumes, the more useful it becomes to its user.
I continue to remain optimistic that in the UK, we will get this balance right, becoming world class digital leaders providing innovative solutions that benefit our citizens, built on strong data privacy foundations.