What is a smart city? For many, the answer is technology. A smart city is, by definition, a technologically modern urban area that uses different types of electronic methods and sensors (sometimes hundreds or thousands) to collect specific data.
By Bertus Engelbrecht, senior manager: information security at BCX
In reality, it is data that makes a city smart, and it works because Internet of Things (IoT) sensors, cameras, and GPS devices collect information related to the city’s infrastructure and allow for real-time monitoring.
The amount of data that can be generated by IoT devices is inconceivable. It’s estimated there will be 55,7-billion IoT devices generating almost 80 zettabytes (ZB) of data by 2025.
Using sensors, a smart city could collect data about air quality, traffic patterns or energy consumption, for example, to generate insights. And any data gathered around mobility, transport and living conditions can be used to help inform policies going forward. At the same time, the public sector must ensure that any data collected meets high ethical, privacy and transparency standards.
Data may be key but being connected means that a smart city’s security is always at risk and the reality is that cybersecurity is a major concern for both city authorities and citizens. A cyberattack has the potential to compromise the critical infrastructure, systems, and data that enable a smart city to function. Threat actors could easily access and exploit personal identifiable information (or PII) which could include anything from names, phone numbers, ID numbers, addresses, and bank account details.
The reality is, with severe cyberattacks increasing 300 per cent year-over-year, including hacks on government systems and ransomware demands, an effective cybersecurity strategy for a smart city is a never-ending task of assessing risks, and consequences, and taking appropriate steps.
The more IoT devices a smart city has, the more entry points there are to compromise a city’s systems and take advantage of the resulting vulnerabilities. Not only must a city build data protection processes at every level to ensure compliance with both current and future legislation, but the public sector has a responsibility to educate citizens about data privacy, cybersecurity, and responsible technology usage.
While there are concerns around surveillance technology, it’s important to keep in mind that what smart cities use today has evolved far beyond CCTV. The technology implemented is focused on data – transforming visual footage into metadata – and in most scenarios, the video never leaves the camera as the analytics are analysed (and anonymised or pseudonymised) at ‘the edge’.
This ensures that any data gathered is only used for legitimate purposes and that citizens are protected from blanket surveillance. As a result, the city authority receives only anonymous data that minimises the risk of individuals’ identity being revealed.
Smart cities are complex and layered ecosystems made up of people, processes, and devices. As physical and digital spaces become more amalgamated, smart cities need to make sure that human rights are protected both online and off. With connected cities continuing to develop and expand, smart citizens should be aware of the policies designed to protect their rights.
In South Africa, the right to privacy is protected under both the common law and Section 14 of the Constitution. These legal foundations emphasise our commitment to preserving individual freedoms and privacy in our interconnected and data-driven world.
According to Statista, the global smart cities market is expected to grow to a value of about $1,38-trillion by 2030. Smart cities are evolving to redefine urban living, bringing enhanced efficiency, sustainability, and quality of life to the urban environment. However, it is only through education, cybersecurity, and responsible technology usage that we can ensure that smart cities and their digital citizens stay safe.