A new paper, ‘The (In)Security of Smart Cities: Vulnerabilities, Risks, Mitigation, and Prevention’ by Rob Kitchin and Martin Dodge, has been published in the Journal of Urban Technology. Download the paper here.
Abstract
In this paper we examine the current state of play with regards to the security of smart city initiatives. Smart city technologies are promoted as an effective way to counter and manage uncertainty and urban risks through the effective and efficient delivery of services, yet paradoxically they create new vulnerabilities and threats, including making city infrastructure and services insecure, brittle, and open to extended forms of criminal activity. This paradox has largely been ignored or underestimated by commercial and governmental interests or tackled through a technically-mediated mitigation approach. We identify five forms of vulnerabilities with respect to smart city technologies, detail the present extent of cyberattacks on networked infrastructure and services, and present a number of illustrative examples. We then adopt a normative approach to explore existing mitigation strategies, suggesting a wider set of systemic interventions (including security-by-design, remedial security patching and replacement, formation of core security and computer emergency response teams, a change in procurement procedures, and continuing professional development). We discuss how this approach might be enacted and enforced through market-led and regulation/management measures, and then examine a more radical preventative approach to security.
Abstract: In this paper we examine the current state of play with regards to the security of smart city initiatives. Smart city technologies are promoted as an effective way to counter and manage uncertainty and urban risks through the effective and efficient delivery of services, yet paradoxically they create new vulnerabilities and threats, including making city infrastructure and services insecure, brittle, and open to extended forms of criminal activity. This paradox has largely been ignored or underestimated by commercial and governmental interests or tackled through a technically-mediated mitigation approach. We identify five forms of vulnerabilities with respect to smart city technologies, detail the present extent of cyberattacks on networked infrastructure and services, and present a number of illustrative examples. We then adopt a normative approach to explore existing mitigation strategies, suggesting a wider set of systemic interventions (including security-by-design, remedial security patching and replacement, formation of core security and computer emergency response teams, a change in procurement procedures, and continuing professional development). We discuss how this approach might be enacted and enforced through market-led and regulation/management measures, and examine a more radical preventative approach to security.
The final set of papers in the Data and the City workshop were a great way to end to a fantastic event. The full catalogue of videos are listed on our Project Videos page and can be found through our Vimeo account. Thanks again for all the attendees for making this year’s workshop such a resounding success.
Data Issues
Smart City, Surveillance City: human flourishing in a data-driven urban world
David Murakami Wood, Associate Professor, Canada Research Chair (Tier II) in Surveillance Studies, Department of Sociology and Cross-Appointed in the Department of Geography, Member of the Surveillance Studies Centre, Queens University, Kingston, Ontario, Canada
Abstract
‘Smart cities’ are characterized by pervasive and distributed sensor networks generating big data for forms of centralized urban management, drawing together such previously unconnected infrastructural systems as video surveillance, meteorological stations, traffic lights and sewage systems. Although presented as largely civic, corporate and managerial, these schemes have a parallel history in military strategic thinking and policing, from crime mapping and predictive policing models, to new forms of urban warfare involving forms of distributed sensor platforms, and computer analytics, to enable forces to get a ‘clear picture’ of the complexities of the urban landscape and its inhabitants. In some cases, these have come together in overt ways, for example in the new ‘Domain Awareness’ initiatives in Oakland, California, and in New York which extends existing port security projects way beyond the military maritime ‘domain’ into the surrounding city and its governance.
Drawing on work in philosophy, science and technology studies, geography and surveillance studies, this paper considers the smart city as the archetypical urban form of the data-driven ubiquitous surveillance society. The paper considers the place of human rights in a broad sense, not simply privacy but also equity, access to services and justice, and ultimately, after Spinoza and Deleuze, the capacity of diverse human beings to flourish, in cities in which people are increasingly monitored, categorized and managed as logistical flows. It suggests some directions from the practices of bottom-up, citizen-centered city hacking initiatives and maker-spaces, but cautions that such practices are already subject to corporate capture and rebranding. The paper concludes that if smart cities are to be a way that big data can serve human flourishing, they need to be detached from narrow techno-economistic purposes and more truly refounded in social-ecological thinking, and this means dismantling many of the surveillance logics that underpin smart cities.
Michel Foucault and the smart city: power dynamics inherent in contemporary governing through code
Francisco Klauser, Assistant Professor, Faculté des lettres et sciences humaines Institut de géographie, Neuchâtel University
Abstract
Drawing upon Michel Foucault’s approach to power and governmentality, the paper explores the regulatory dynamics inherent in contemporary data-driven forms of regulation and management-at-a-distance of urban systems. More specifically, channelled through Michel Foucault’s concept of ‘security’, the paper portrays ‘governing through data’ not only as fundamentally reality-derived, relative and plural in scope and scale, but also as inherently flexible and fluid in aim and functioning. This in turn raises a series of critical questions with regard to the novel possibilities of differentiation and prioritisation, the actual adequateness, and the very implications of contemporary governing through data.
Empirically speaking, the paper focuses on the study of two high-profile pilot projects in Switzerland in the field of smart electricity management: iSMART and Flexlast. Both projects rely on massive efforts of data generation, interconnection and analysis, thus allowing the critical investigation of the rationales and problems inherent in the management of urban systems through data.
Crime Data and Analytics: Accounting for Crime in the City
Teresa Scassa, Canada Research Chair in Information Law, Faculty of Law, University of Ottawa
Abstract
Crime data are a record of incidents of crime. Such data are routinely compiled by police forces and feed into regional and national crime statistics. Crime data are relied upon in various narratives of crime in society. They are made selectively publicly available as open data and are also increasingly used in visualizations such as urban crime maps. Yet the nature of these data makes uncritical reliance upon them problematic. This paper explores the limits of crime data 21 the constraints on open data as crime data, and the deficiencies of visualizations of crime based on this data. It considers some of the practical, legal and institutional challenges of both expanding and improving these data.
