Cyber security challenges in Smart Cities: Safety, security and privacy

The benefits of Information and Computing Technologies (ICT) in a Smart City and of the Internet of Things are tremendous. Smart energy meters, security devices, smart appliances for health and domestic life: these and more offer unprecedented conveniences and improved quality of life. City infrastructures and services are changing with new interconnected systems for monitoring, control and automation. These range from water and sanitation to emergency response and disaster recovery.

These benefits must be considered against the potential harm that may come from this massively interconnected world. Technical, administrative and financial factors must be weighed against the legal, political and social environment of the city.

Methodology

Several paradigms and categorical structures may be applied in analyzing the benefits and detriments of this data environment. The paradigm applied in this analysis is that of IBM, under which the Smart City, its components and its citizens are

  • Instrumented
  • Interconnected and
  • Intelligent.

This is denoted as “IN3.”

“Instrumented” means that city components and citizens carry devices of varying capability that, at a minimum, respond to a sensor network. These are, in turn, “interconnected” so as to pass information into a network. That information is then computationally available for analysis and decision-making, making the Smart City “intelligent” in its operations.

Security and privacy concerns rest on how the information within IN3 is used. The core of the technology is the information. A full examination of any system of the Smart City may categorize information as to sources, types, collections, analytics and use.

Fig. 1. Data sources feed data collections feed data analytics for knowledge.

Fig. 2. The production loci of data in the Smart City.

Fig. 3. Source nodes of activities and services producing data.

Fig. 4. The recursive cycle of data in the Smart City – information generated is information used is information generated is information used.


The instrumented source may have particular rights or risks associated with particular types of information, such as a person’s location or actions. The collections of that information, such as on the device or on a cloud aggregator, similarly invoke issues of rights, duties and risks. From those collections, analytics can build services of varied sophistication which, in turn, may be used for good or ill.

The loci of activity nodes may be categorized in relation to people, workplace, transportation, homes and social/commercial interactions.

An additional way to categorize within this space is to consider information source nodes as the activities and services of social and civic life, people, work, home, transport and social life.

In all of these interactions the generation and exchange of information is at least bilateral and communicative. Actions often call on and use information which, in turn, generates new information related to the services, including information that improves those services once analyzed.

IN3 is brought together in the commercial culture of search, recommender services and locational apps for devices that suggest services based on a person’s location, characteristics and historical preferences.

More fundamental civil services at greater efficiency and reduced cost are possible for a Smart City. Citizen safety is a paramount civil responsibility. After the murder of a social worker making a home visit, computer engineering students devised an app package for smartphones that would track via GPS and provide panic button notification to supervisors and police via direct activation and timed cancelation. This support was only possible with this instrumented, interconnected and intelligent system. Similarly, every police officer on patrol may be monitored as to his or her precise location in relation to other activity in the city.

Yet this is subject to abuse. Various apps subvert the instrument, such as a smartphone, and turn it into a spy and tracking device for a jealous spouse, obsessed former associate or malicious voyeur.

The first major instrumented/interconnected/intelligent case before the U.S. Supreme Court involved a GPS tracking device. The Supreme Court of the United States found the placement and monitoring of a GPS tracking device on a person’s automobile while it travelled on public roads to be illegal absent sufficient evidence relating the vehicle to criminal activity as determined by a neutral magistrate. This was an “unreasonable search” even though it would have been completely permissible for police agents to follow the automobile in their own vehicle and log the movements.

Although a prevailing rationale was that the placement of the tracking device without permission was a trespass, Associate Justice Sonia Sotomayor, in a concurring opinion, addressed the growing risks that pervasive computing and communications technologies, such as GPS-enabled smartphones, present for traditional notions of privacy. Electronic surveillance may still be improper “when the government violates a subjective expectation of privacy that society recognizes as reasonable,” and she agreed with Justice Alito that long-term GPS monitoring would impinge on those expectations.

But Justice Sotomayor continued in United States v. Jones:

In cases involving even short-term monitoring, … GPS monitoring generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations … (“Disclosed in [GPS] data … will be trips the indisputably private nature of which takes little imagination to conjure: trips to the psychiatrist, the plastic surgeon, the abortion clinic, the AIDS treatment center, the strip club, the criminal defense attorney, the by-the-hour motel, the union meeting, the mosque, synagogue or church, the gay bar and on and on”). The Government can store such records and efficiently mine them for information years into the future …  And because GPS monitoring is cheap in comparison with conventional surveillance techniques and, by design, proceeds surreptitiously, it evades the ordinary checks that constrain abusive law enforcement practices: “limited police resources and community hostility.” Illinois v. Lidster, 540 U. S. 419, 426 (2004).

The knowledge of such surveillance could have a negative impact on freedoms of speech and association with others as well as provide the government with immense private information subject to misuse.

Security is a global idea tied to safety, an assurance that a person may go about his or her life without injury to life, property or rights. Cyber security is a subset that focuses on computing systems, their data exchange channels and the information they process, the violations of which may be sanctioned under criminal law. Information security and assurance intertwine with cyber security with a focus on information processed.

With computing systems the kernel of security concerns is the information handled by the system. The three general areas to be secured are

  1. The “privacy” and confidentiality of the information
  2. The integrity and authenticity of the information and
  3. The availability of the information for its use and services.

Further, the legal and social concepts of a citizen’s “right to privacy” are entangled with the challenge of cyber security and the benefits of the Smart City. That legal/social concept of privacy addresses confidential aspects of life, control of one’s own public profile and a life free of unwarranted interference. This applies to both state action and that of private parties.

Within most democratic and hybrid legal regimes under common law, civil law and mixed systems there are core general principles relating to privacy and cyber privacy:

  1. Activities within the home have the greatest level of protection and are generally protected from intrusion by others absent reasonable grounds and, often, judicial orders of intrusion, based on law.

  2. Activities that extend outside the home may still be protected as to privacy, but the level of protection may vary. This may depend on whether there is a “reasonable expectation of privacy,” under U.S. constitutional law, or a special protection set out by statute for that activity.

  3. Activities out in public or involving third parties may have little or no protection as to privacy, absent special protection set out by statute for that activity.

  4. Activities subject to public regulation may carry lesser or no privacy protections, particularly where data collection is part of regulation or a pre-condition to state permission to use regulated services.

  5. Any activity data may be monitored, collected and used with the consent of the data subject, absent statutory prohibitions on use even with consent. Third parties may condition use of their services or products on consent to such data use, even where a data subject may consent without actually reading the consent document they execute.

As to “cyber privacy,” the legal regime is further defined by related, analogous statutes that may prohibit unauthorized access to a computer, a network and related data; unauthorized interception of, interference with or transmission of data; and unauthorized data processing and analytics of a data collection.

Any of these may be authorized by statute, judicial order or the consent of a data subject.

So the data processes of the Smart City may be completely permissible under the law. But the benefits of the Smart City, such as locational services, may create unexpected risks.

Security and privacy issues

For such instruments the privacy concerns relate to the data kept in them. Locational data can detail much about a person’s life that they do not wish revealed, as Justice Sotomayor discussed as to medical, political or social contexts. GPS systems can track origin and destination points when used and may even store the actual route taken. Access to contact lists and messages tells much that may need to be kept private for personal, professional or commercial reasons.

Locational data can be a key security concern. Many set their home as the GPS origin address, so access to these data reveals the home location. If the automobile is away from home, that home may be a better target for burglary. If the driver is avoiding a stalker, the stalker now knows where they live.

The OBD II systems are open access without sufficient security. OBD II Bluetooth dongles may be surreptitiously installed, allowing external monitoring. Vehicles with native Bluetooth access may also be compromised.

Event Data Recorders (EDRs) raise several issues. Vehicle manufacturers have used EDR data in their defense against claims that their vehicles were at fault in crashes. Claims of surreptitious data collection as an invasion of privacy have been rejected. Id.

Legally, these data are under the control of the vehicle owner, who controls access to them absent a judicial order to produce them to third parties, including the government. Accessing these data without consent or a judicial order is unauthorized access to a computing device, which carries both criminal and civil penalties.

Given these data from these sources, the next step is their collection by systems that offer remote viewing and remote analysis for many different purposes.
