Data about me in my city

This article is a few months old (and in German), but two points of view that I’ll just offer side by side as they pretty much sum up the state of play in smart cities these days.

For context, this is about a smart city partnership in which Huawei implement their technologies in Duisburg, a mid-sized German city with a population of about 0.5 million. The (apparently non-binding) partnership agreement includes Smart Government (administration), Smart Port Logistics, Smart Education (education & schools), Smart Infrastructure, 5G and broadband, Smart Home, and the urban internet of things.

Note: The quotes and paraphrases are roughly translated from the original German article.

Jan Weidenfeld from the Marcator Institute for China Studies:

“As a city administration, I’d be extremely cautious here.” China has a fundamentally different societal system, and a legal framework that means that every Chinese company, including Huawei, is required to open data streams to the communist party. (…)

Weidenfeld points out that 5 years ago, when deliberations about the project began, China was a different country than it is today. At both federal and state levels, the thinking about China has evolved. (…)

“Huawei Smart City is a large-scale societal surveillance system, out of which Duisburg buys the parts that are legally fitting – but this context mustn’t be left out when assessing the risks.”

Anja Kopka, media spokesperson for the city of Duisburg:

The city of Duisburg doesn’t see “conclusive evidence” regarding these security concerns.The data center meets all security requirements for Germany, and is certified as such. “Also, as a municipal administration we don’t have the capacity to reliably assess claims of this nature.” Should federal authorities whose competencies include assessing such issues provide clear action guidelines for dealing with Chinese partners in IT, then Duisburg will adapt accordingly.

The translation is a bit rough around the edges, but I think you’ll get the idea.

With infrastructure, when we see the damage it’s already too late

We have experts warning, but the warnings are of such a structural nature that they’re kinda of to big and obvious to prove. Predators will kill other animals to eat. ????

By the time abuse or any real issue can be proven, it’d be inherently to late to do anything about it. We have a small-ish city administration that knows perfectly well that they don’t have the capacity to do their due diligence, so they just take their partners’ word for it.

The third party here, of course, being a global enterprise with an operating base in a country that has a unique political and legal system that in many ways isn’t compatible with any notion of human rights, let alone data rights, that otherwise would be required in the European Union.

The asymetries in size and speed are vast

And it’s along multiple axes — imbalance of size and speed, and incompatibility of culture — that I think we see the most interesting, and most potentially devastating conflicts:

  • A giant corporation runs circles around a small-to-mid sized city. I think it’s fair to assume that only because of Chinese business etiquette was the CFO of one of Huawei’s business units even flown out to Duisburg to sign the initial memorandum of understanding with Duisburg’s mayor Sören Link. The size and power differential is so ridiculous that it might just as well have been the Head of Sales EMEA or some other mid-level manager that took that meeting. After all, for Chinese standards, a city of a population of a half-million wouldn’t even considered a third tier city. Talk about an uneven playing field.
  • The vast differences of (for lack of a better word, and broadly interpreted) culture in the sense of business realities and legal framework and strategic thinking between a large corporation with global ambitions and backed by a highly centralized authoritarian state on one side, and the day-to-day of a German town are overwhelming. So much so, that I don’t think that the mayor of Duisburg and his team are even aware of all the implicit assumptions and biases they bring to the table.

And it’s not an easy choice at some level: Someone comes in and offers much needed resources that you need and don’t have any chance to get, desperation might force you to make some sub-prime decisions. But this comes at a price — the question is just how bad that price will be over the long term.

I’m not convinced that any smart city of this traditional approach is worth implementing, or even might be worth implementing; probably not. But of all the players, the one backed by a non-democratic regime with a track record of mass surveillance and human rights violations is surely at the bottom of the list.

It’s all about the process

That’s why whenever I speak about smart cities (which I do quite frequently these days), I focus on laying better foundations: We can’t always start from scratch when considering a smart city project. We need a framework as a point of reference, and as a guideline, and it has to make sure to keep us aligned with our values.

Some aspects to take into account here are transparency, accountability, privacy and security (my mnemonic device is TAPS); a foundation based on human and digital rights; and participatory processes from day one.

And just to be very clear: Transparency is not enough. Transparency without accountability is nothing.

Please note that this blog post is based on a previously published item in my newsletter Connection Problem, to which you can sign up here.

Leave a Reply