Privacy, Security and Data Protection in Smart Cities: A Critical EU Law Perspective 2 European Data Protection Law Review (EDPL) 2016

2 Eur. Data Prot. L. Rev. 28 (2016)
Privacy, Security and Data Protection in Smart Cities: A Critical EU Law Perspective

handle is hein.journals/edpl2 and id is 34 raw text is:

28 1 Privacy, Security and Data Protection in Smart Cities

Privacy, Security and Data Protection in Smart

Cities:

A Critical EU Law Perspective

Lilian Edwards*

'Smart cities' are a buzzword of the moment. However, a growing backlash from the priva-
cy and surveillance sectors warns of the potential threat to personal privacy posed by smart
cities. Key issues include the lack of opportunity in an ambient or smart city environment
for the giving of meaningful consent to processing of personal data; the degree to which
smart cities collect private data from inevitable public interactions; the 'privatisation' of
ownership of both infrastructure and data; the repurposing of'big data' drawn from IoT in
smart cities; and the storage of that data in the Cloud. This paper argues that smart cities
thus combine the three greatest current threats to personal privacy, with which regulation
has sofarfailed to deal effectively; the Internet of Things (JoT) or 'ubiquitous computing';
'Big Data'; and the Cloud. I will discuss how and if EU data protection law controls possible
threats to personal privacy from smart cities and given legal inadequacy, suggest further re-
search on a number of solutions.

I. Introduction

'Smart cities' are a buzzword of the moment. Al
though legal interest is growing, most academic re
sponses at least in the EU, are still from the techno
logical, urban studies, environmental and sociologi
cal rather than legal, sectors1 and have primarily laid
emphasis on the social, urban, policing and environ
mental benefits of smart cities, rather than their chal
lenges, in often a rather uncritical fashion2. Howev
er a growing backlash from the privacy and surveil
lance sectors warns of the potential threat to person

Professor of E-Governance, University of Strathclyde, Glasgow. My
thanks to Anastasia Gubanova, LLM candidate at the University of
Strathclyde, for helpful and timely research assistance; and to
CREATe and the Horizon Digital Economy Hub at Nottingham for
helping sponsor the international conference, Designing Smart
Cities? Opportunities and Regulatory Challenges, Strathclyde, April
2015 from which many insights were drawn for this paper. A full
web resource of the conference can be found at http://www.cre-
ate.ac.uk/blog/2014/11/06/designing-smart-cities/ and papers from
the conference were published as a special edition of the journal
of Society for Computers and Law (SCL Journal, vol 26, issue 2,
June 2015/July 2015 (http://www.scl.org/site.aspx?i-is43131 )
some of which are referred to below. My thanks also to Lachlan
Urquart (doctoral candidate, Horizon) who provided enormously
useful research assistance for the conference, and editorship for
the special edition; to all the speakers at the conference, whose
expertise has helped me accelerate up my learning curve about

al privacy posed by smart cities3. A key issue is the
lack of opportunity in an ambient or smart city en
vironment for the giving of meaningful consent to
processing of personal data; other crucial issues in
clude the degree to which smart cities collect private
data from inevitable public interactions, the 'privati
sation' of ownership of both infrastructure and data,
the repurposing of'big data' drawn from IoT in smart
cities and the storage of that data in the Cloud.
This paper, drawing on author engagement with
smart city development in Glasgow as well as the re
sults of an international conference in the area curat

smart cities; and particularly to Francesco Sindico (also of Strath-
clyde) who took charge of the environmental and energy side of
the conference. Finally thanks are owed to the participants in the
Amsterdam Privacy Law Scholars Conference 2015 where this
paper was workshopped, especially Bert-Jan Koops and Eleni
Kosta, and to Daithi MacSithigh for helpful reading and comments.
See discusion in Annalisa Cocchia, Smart and Digital City: A
Systematic Literature Review ( Springer 2014); also overview in
the leading text Anthony Townsend, A Smart cities : big data,
civic hackers, and the quest for a new utopia (W W Norton and
Co 2014).
2 Rob Kitchin's Programmable City project (n 105) and Adam
Greenfield (n 26) are outstanding counter-examples however.
3 See, eg David Murakami Wood's surveillance studies Ubicity
project at Queens Ontario (n 105).

EDPL 112016

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

What Is HeinOnline?

Purchase Access

Contact Us

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter