Kyle Macaskill | Research Team, Future of Place
As we aspire to safeguard data, privacy and physical assets in our cities and communities there are many strategies we can adopt. These can play a crucial role in helping build trust with citizens. Here are four strategies to embrace:
1. Raise public awareness and transparency in the data collected
Privacy concerns within communities often stem from a lack of knowledge surrounding what and when data is collected, who can access the data, and why it is being collected.
Thus, we encourage technology deployment through a community-driven mindset, prioritising citizen privacy by providing transparency on IoT devices and projects implemented. Furthermore, governments and cities should discuss accountability with data custodians. It may be in the form of publishing a privacy policy or allowing community input on proposed IoT projects.
However, note that this does not resolve issues surrounding consent towards data collection.
2. Implement 'privacy by design'
Privacy by design ensures that privacy risks are handled proactively, rather than reactively. This ties in with end-to-end security where personal information is collected, stored and transmitted securely across its entire lifetime.
Transparency with end-users and respect for user privacy are crucial principles to be maintained. Other strategies include the use of encryption and other methods at the source, and to minimise the amount of personal information which is collected. A first step to ensuring privacy by design is to perform a Privacy Impact Assessment, which identifies the privacy risks and strategies for managing and minimising risks.
3. Increased training for community leaders, city shapers and IT experts, and appointing a privacy officer
Privacy concerns in the public realm are often linked to many things, such as:
-
poor communication and engagement
-
lack of availability and understanding of a privacy policy
-
poor governance resulting in inadequate risk assessments.
By increasing education and awareness around privacy, this allows for deeper considerations surrounding privacy in decision making, ultimately improving privacy in the public realm.
Furthermore, building awareness of privacy among the 'city shaping' professions allows for privacy to be 'baked into' the city-shaping process, establishing privacy by design. Local government organisations should also consider appointing a privacy officer or champion who can identify and manage privacy risks and advance privacy by design.
4. Enforcement of privacy guidelines to ensure effective and correct privacy policy implementation
Publishing privacy policies and embedding privacy by design are crucial steps in minimising risks. However, it's also pivotal to establish a framework that ensures compliance with privacy guidelines and legislation is maintained. Evidence of privacy policy and principles implementation should be published and analysed to ensure that privacy risks are handled appropriately.
