if you want to stay happy, stay hidden!


If you want to stay happy, stay hidden. One of the reasons often put forward for wanting to live in a large city is the anonymity it offers. While everyone in small villages knows everyone else, in a city nowadays you can just blend in and ‘disappear’. But how long will this last? The rise of the Smart City could threaten this desire for invisibility. Without waiting for the arrival of self-driving cars, tools designed to map activity flows and help people to get around town can already monitor how we live and track where we go.  The digital platform operators claim to anonymise sensitive data but the way the data is processed offers opportunities for cross-referencing that can enable precise identification of individuals. Analysis of New York City taxi data makes it feasible not only to track famous celebrities around the city, but also, by tracing homeward journeys, to figure out the private addresses of supposedly ‘anonymised’ people who regularly frequent such venues as hostess bars (Source: Neustar Research).

There are even tools capable of carrying out the cross-referencing process on an industrial scale. A former Uber employee working in the security field has revealed that the ride-sharing specialist designed an interface, known as the ‘God View’, that enabled Uber staff real-time access to personal data – contact numbers, journeys made in Uber cars – on everyone using Uber services (Source: Konbini, in French).

This kind of data can then be sold on to data-brokers who re-sell it to companies for marketing profiling purposes. Sometimes however the data is used in unexpected ways or for unforeseen purposes.


traffic timelapse


When will we have ‘private navigation’ in the public space?


of mobile apps

use geolocation

In order to avoid this type of misuse will it be possible to activate a ‘private mode’ as you can on web browsers, so as to be able to wander incognito through the public space? This issue is all the more sensitive when it comes to Smart City technology, where user information and consent – which are the bedrock of data privacy – are difficult or even impossible to arrange. Out on the pavement there are no cookies to accept or refuse nor any general terms and conditions to agree to. Of course, you can always turn off your smartphone in the hope of making the radar disappear, given that 30% of all mobile apps rely on geolocation, according to the French National Commission on Informatics and Liberty (CNIL). To get some idea of the kind of information our mobile device can deliver up, all Android users have to do is look at the record of where they have been held by Google. People are most often being geolocated without being aware of it, as happens with the WiFi tracking that measures our exposure to advertising messages, including the use of ‘spy bins’ (source The Guardian). In the city of the future, there are likely to be sensors installed everywhere, though essentially invisible, like the ubiquitous video surveillance that enables individual facial recognition. So is the concept of data privacy actually compatible with the Smart City? Can people’s privacy be maintained without hampering the development of innovative services? In an attempt to answer these questions, the CNIL – the French body whose mission is to ensure correct application of privacy legislation to the collection, storage and use of digital data – has just published a report on future innovation (in French) entitled ‘The City Platform: Personal data central to the construction of the Smart City’.


Surveillance obey


“The starting point for drafting this report was the realisation that nowadays it is often private enterprise such as Waze/Google, Uber and Facebook that produce data for the use of the city departments,” explains Régis Chatellier, Head of Prospective Studies at the CNIL. Operating on the principle of ‘data in return for free-of-charge services’, “the services they offer are truly useful and are widely used by city residents,” Chatellier acknowledges, pointing out however that: While these players are providing a service to the public, they are not part of the public sector. With very few exceptions, there are no formal contracts with the local authorities to carry out a public service mission”.

 Valérie Peugeot, a researcher at Orange Labs, a member of the CNIL and former vice-chair of the French Digital Council (CNNum) underlines: “The digital technology sector players have a very clear idea of the value of the data, but what about the users who are providing the data and the public bodies? Some data needs to be available so as to provide city services, and for use by all kinds of local organisations including charitable bodies, ‘third spaces’ and residents’ associations.”

For example, data from Airbnb is potentially useful for the hotel and restaurant sector, for tourist offices, plus regional development agencies, arts and entertainment providers, and so on. “A tourist office would be able to offer differing options, depending on whether the tourist was Chinese and staying for just a half day, or a Spaniard staying for a week,” Valérie Peugeot points out, adding: “We can envisage creating a range of cultural routes through the city to show off its living heritage in different ways. Today everyone goes away with the same leaflet in their hand.”


Ghost citoyen


Private open data and the 'APIsation' of city data


Uber Movement

In order to enable local authorities to use data drawn from their cities to better effect, the French National Commission on Informatics and Liberty report explores four possible scenarios. The first already exists: the ‘private open data’ scenario. Uber for example has set up the Uber Movement platform – covering Paris and the surrounding region since 20 October – which makes journey data available in aggregated, anonymised form. This type of initiative could become more widespread if legislators decide to make it obligatory to allow publication of data deemed to be of public relevance and public interest. This is precisely what France’s new ‘Digital Republic Law’ mandates. “This type of data is useful to local authorities, and also, once it is in the form of open data, could be used by private companies looking to come up with new services,” suggests Régis Chatellier.

The second scenario, put forward by LINC – the Digital Innovation Laboratory at the CNIL – concerns what the lab calls ‘augmented data of public interest’. Here the data is no longer made anonymous – as open data is, which thus automatically downgrades its quality – but instead it is pseudonymised before being made available to organisations such as a public agency.

“Rather than supplying datasets, private sector players could set up platforms to bring the algorithms to their data, rather than the other way round using APIs. A public body – or any player with whom the private sector players might have a contractual relationship – would be entitled to obtain a reply to any question regarding the data, without ever actually accessing the data and so becoming responsible for handling it themselves.

Regis Chatellier

Régis Chatellier

  This is the essence of the debate that took place in New York City about the data being published by – once again – Uber. City Hall felt that aggregated data did not sufficiently meet its needs. To help its planning, intended to make New York a more efficient city, the authorities needed more fine-tuned data, in order to work out for example which areas of the City are poorly served by public transport. (Source: Wired).

In this situation, the local authority will become responsible for processing the ‘augmented’ public interest data, and will be required to handle it in full compliance with data privacy regulations, under the auspices of the regulator.

The third scenario, as described above by Régis Chatellier, envisages the establishment of data access platforms. Private companies have already set up platforms of this kind in order to make their data available to the public sector, as for example under the Opal (‘Open Algorithm’) project, on which French multinational telecoms corporation Orange has teamed up with MIT.




Data Portability and the General Data Protection Regulation

Lastly, the fourth scenario looks at data portability. This is a principle introduced by the newly-minted EU General Data Protection Regulation (GDPR). The new Regulation, due to come into force next year, will allow everyone to access their own data in an open, readable format. This is not only about being entitled to look at your own data but also being able to transfer it to third parties if you wish.

If we take audio streaming as an example, it will thus become possible to switch your playlists and your listening record from Spotify over to Deezer, or vice versa. It is clear that our personalised music world, built up over many years, has a greater value than the mere cost of the subscription.

On the ‘citizen’ front, the same could hold true for data on the city produced by Waze, Google Maps or Uber. It would then be possible to send the data to a public agency for processing for city-related purposes – e.g. in order to improve urban planning, roads or municipal services.



In this way common datasets will be created. The local authority will have an agreement that the user-generated data can be used for certain purposes. “This is the most innovative scenario, but the problem will be to attain critical mass,” argues Régis Chatellier. “It will have to gain traction among a large number of people if it is to generate relevant, useful datasets.”

More generally, Chatellier believes that compliance with the GDPR, which comes into force on 25 May 2018, will create competitive advantage among players and local authorities who manage to take advantage of the situation and build trust among citizens as regards their data privacy.

Unlike the 1995 EU Directive which required member country governments to pass enabling legislation, the EU Regulation will automatically apply uniformly to all EU countries and will be immediately binding in every country. “This harmonisation process is about to create a European standard, which could become very powerful worldwide,” predicts Régis Chatellier.  

Calling on the legislators or trusted third parties…

In addition to these scenarios, Valérie Peugeot wants to see the public authorities pushing things forward. “Regulators can bang their fists on the table so as to drive things forward. This was the intention when transport data was opened up in France through the ‘Loi Macron’ (Macron Law) but it got buried because the current government has not yet passed the necessary edict giving force of law to its provisions,” she laments.

Another state initiative, a successful one this time, is the La Fabrique des mobilités (Mobility Factory). Run by the French Environment and Energy Management Agency (Ademe), this first-ever European accelerator focusing exclusively on the rapidly-changing transportation and mobility scene brings together diverse automobile sector players in order to share data, develop standards and build an ecosystem. The accelerator reckons that with public support it could involve other sectors as well.

Meanwhile, Gilles Betis, founder and President of Smart City consultancy OrbiCité and Chairman of the Smart Cities Initiative run by the Institute of Electrical and Electronics Engineers (IEEE), believes that Trusted Third Parties (TTP) have an important role to play in regulating data sharing. In the same way that French postal company La Poste came up with a digital strongbox offer, called Digiposte, to centralise your electricity bills and bank statements, “one might envisage a public, quasi-public or private operator, providing that it is sufficiently neutral and cross-cutting, interacting with other service providers. It could for example verify the validity of supporting documents,” he foresees.

Betis takes the example of ride-sharing companies whose numbers are set to expand. All of them will need drivers with driving licences. But a driver might not want to divulge all the information shown on his/her licence to a scarcely-known party. The Trusted Third Party might then take care of ensuring that the user has a valid, legally-compliant driving licence and a sufficient number of years behind the wheel. The TTP would only supply the number of the licence and its holder’s contact details in the event of an accident.

By Xavier Biseul
Journaliste indépendant