Smart cities, personal data and citizens’ rights in Brazil
By Danilo Doneda and Diego Machado
(See portuguese version here)
Among the various conceptual propositions of smart cities, it becomes increasingly clear that the city “smartness” is not limited to the use of Information and Communication Technologies (ICTs) for data processing. Broadly speaking, the use of data technologies is the first aspect for the smartness of the city. However, other common elements usually are: (i) special attention to physical and network infrastructures; (ii) provision of more efficient public services; (iii) combination, interconnection and integration of infrastructures and systems to enable social, environmental, cultural and economic development; and (iv) the shared optimistic vision of a better future.
The combination of these elements can trigger transformations of ample magnitude and with potentially tremendous impact on city dwellers’ everyday life. Therefore, they should be accompanied by due reflection on their effects on individuals, and such reflection should be considered for the formulation of a regulatory environment that encourages the implementation of smart cities in a way that adequately protects the rights of the city inhabitants.
In the Brazilian scenario, the Reference Paper “Technology Demonstration Environment for Smart Cities”, published in 2017 by ABDI (Brazilian Industrial Development Agency) and Inmetro (National Institute of Metrology, Quality and Technology), using the IoT (Internet of Things) Plan of Action Report developed by MCTIC (Ministry of Science, Technology, Innovation and Communication) and BNDES (Brazilian Development Bank), is based on the understanding that “the Smart City is one that, through the absorption of innovative solutions, especially linked to Information and Communication Technologies (ICTs), the Internet of Things movement and Big Data phenomenon, optimizes the public demands (which vary according to the City in study), taking into consideration, as far as possible, the current technological stage of humanity.”
Under this approach, the aforementioned Reference Paper is directly influenced by the International Organization for Standardization (ISO) standards and methodologies to indicate the city’s “smartness evaluators”. Although ISO 37122 – Indicators for Smart Cities is still under construction, it inspired the formulation of indicators such as: centralized, integrated and smart control of information and public structures and services of the city, telecommunications infrastructure and connectivity in the city, smart public lighting, smart public safety, and smart management of public health.
These indicators can serve as guidelines to orientate legislators in the complex regulatory initiative of smart cities, whose normative frame of reference implies legislative and administrative competencies at all federative levels. Taking public safety as an example, the integration of state authorities in the smart city discussions is essential, for instance when implementing systems similar to the “Detecta” system of the State of São Paulo, which has more than 3,000 surveillance cameras and “gathers the largest database of police information in Latin America”, from the interconnection of the databases of civil and military police, the Judiciary Police Digital Record of Occurrences (RDO), the Institute of Identification (IIRGD), Operational System of the Military Police (SIOPM- 190), Criminal Photo System (Fotocrim), as well as vehicle and National Driver’s License (CNH) database.
There are important challenges to be faced in the infrastructure and logic layers to provide connectivity and interoperability at appropriate levels, as well as others related to development of appropriate policies. However, ensuring the rights of citizens, whose data will be massively collected and processed in the smart city ecosystem, is increasingly highlighted as the fundamental issue that is and should be considered, especially in a context of increasing use of smart services for (predictive) policing.
In addition to interfering with the right to privacy, it is no wonder that collecting personal data on a large scale increases the risk of discriminatory bias in algorithmic and automated decision-making systems, especially in predictive policing and facial recognition applications, against minorities and vulnerable groups.
In the context of smart cities, it is important to point out that the collective dimension of data protection becomes particularly relevant. The classification of groups of people using automated profiling techniques with the ultimate purpose of predicting the behavior of such collectivities may evade the traditionally individual perspective of privacy protection and the concept of personal data defined by article 5,I of the Brazilian General Data Protection Law (LGPD). However, the risk of discrimination and interference in the rights and freedoms of certain groups remains, for example, in public safety applications with a facial recognition system using software that may have 5 to 10% lower accuracy for black people than for caucasians. Due to this type of malfunctions innocent black people in peripheral communities may be the main targets of systematic police actions.
In such context, the personal data protection principles of transparency and prevention should be applied in order to identify the need for additional caution, requiring impact reports to protect data or even to the prohibition of using some technologies.
Therefore, the need for protection of citizens and data subjects should be translated into rights and freedoms of city dwellers and data subjects, and into the duties of public authorities, controllers and operators. In this perspective, the legal regime defining the basic protections for city dwellers, which must accompany systems implemented in smart cities, should include at least:
a) Right to anonymity or data anonymisation: personal information collected in smart city systems should be treated only if necessary and appropriate for the purpose of its collection and processing, otherwise, if excessive, it should be anonymised (LGPD, art. 6th,III);
b) Right to review decisions made by automated systems that provide unlawful interference in the legally protected interests of the data subject (LGPD, article 20);
c) Obligation to adopt the pertinent technical and administrative security measures (articles 6, VII, 46) in order to implement reliable information standards according to the state of the art;
d) Obligation to carry out an impact assessment of specific smart city systems on the protection of personal data (RIPD).
An analysis of municipal laws related to smart cities in São Paulo, Rio de Janeiro and Curitiba, which is going to be published by the Smart Cities project of FGV Law School, shows the absence of consistent policies regarding the regulation of personal data processing promoted by local Public Administrations.
Despite the possibility of obtaining health data, in the context of smart public-health services, for example, there is little clarity and insufficient protections of individuals’ sensitive personal data in the regulations.
Another of the critical regulatory aspects for a smart city ecosystem is information security. In such an ecosystem, the principle of security is one of the precepts of essential observance for respect for the individual and collective rights of citizens. Although the above mentioned municipalities have information security policies, legislation needs to provide for security requirements and measures for the processing of personal data. For example, in the municipal legislation consulted, there is no express provision or the duty of public entity data-controllers to notify data subjects of the existence of a security system violation and data leakage.
The forthcoming entry into force of the LGPD, foreseen for August 2010, will require all activities that to some extent involve the processing of personal data to comply with the new provisions. In the case of smart cities, however, such adaptation should take into account particular factors and guidelines, given the immense permeability of the effects of data processing for city inhabitants and its implementation in public spaces and in situations and scopes that do not allow the citizen to exercise effective choices about the use of their data. In this sense, data processing systems in smart cities should consider in depth a series of issues, spanning from information security and proportionality to the principle of data minimization.
However, perhaps the most relevant point is to stimulate the proper introduction in the regulatory agenda and in the implementation of smart city systems and services of the preventive elements already defined by the LGPD. Such elements include, among others, the need for the design of technical tools leading to taking into account its impact on privacy and the need to demonstrate what measures have been taken to comply with the LGPD provisions. In this sense, there is ample room for the definition of these elements in technical standards or as conditions to be included in in public tenders for the provision of smart city services.