Categorydigital rights

Smart Cities & Human Rights

S

This article is part of 20in20, a series of 20 blog posts in 20 days to kick off the blogging year 2020. This is 20in20:02.

If you’ve followed this blog or my work at all, you’ll know that I’ve been doing a fair bit of work around Smart Cities and what they mean from a citizens and rights perspective, and how you can analyze Smart City projects through a lens of responsible technology (which of course has also been the main mission of our non-profit org, ThingsCon).

For years, I’ve argued that we need to not use tech goggles to look at how we can and should connect public space but rather a rights-based perspective. It’s not about what we can do but what we should do, after all.

But while I’m convinced that’s the right approach, it’s been non-trivial to figure out what to base the argument on: What’s the most appropriate foundation to build a “Smart City Rights” perspective on?

A recent conversation led me to sketch out this rough outline which I believe points in the right direction:

Image: A sketch for a basis for a Smart City and Human Rights analytical framework

There are adjacent initiatives and frameworks that can complement and flank anything based on these three (like the Vision for a Shared Digital Europe and its commons-focused approach), and of course this also goes well with the EU’s Horizon 2020 City Mission for Climate-neutral and smart cities. So this is something I’m confident can be fleshed out into something solid.

Are there any other key documents I’m missing that absolutely should be incorporated here?

Category Error: Tracking Ads Are Not a Funding Mechanism

C

This article is part of 20in20, a series of 20 blog posts in 20 days to kick off the blogging year 2020. This is 20in20:01.

A note to put this in perspective: This blog post doesn’t pull any punches, and there will be legitimate exceptions to the broad strokes I’ll be painting here. But I believe that this category error is real and has disastrous negative effects. So let’s get right to it.

I’ve been thinking a lot about category errors: The error of thinking of an issue as being in a certain category of problems even though it is primarily in another. Meaning that all analysis and debate will by necessity miss the intended goals until we shift this debate into a more appropriate category.

I increasingly believe that it is a category error to think of online advertising as a means to fund the creation of content. It’s not that online advertising doesn’t fund the creation of content, but this is almost a side effect, and that function is dwarfed by the negative unintended consequences it enables.

When we discuss ads online, it’s usually in the framing of funding. Like this: Ads pay for free news. Or: We want to pay our writers, and ads is how we can do that.

To be clear, these are solid arguments. Because you want to keep news and other types of journalism as accessible to as many people as possible (and it doesn’t get more accessible than “free”). And you do want to pay writers, editors and all the others involved in creating media products.

However.

Those sentences make sense if we consider them in their original context (newspaper ads) as well as the original digital context (banner ads on websites).

There, the social contract was essentially this: I give my attention to a company’s advertisement, and that company gives the media outlet money. It wasn’t a terribly elegant trade in that there are still (at least) three parties involved, but it was pretty straightforward.

Fast forward a few years, and tracking of success of individual ads gets introduced, which happens in steps: First, how many times is this ad displayed to readers? Then, how many readers click it? Then, how many readers click it and then follow through with a purchase? There’s a little more to it, but that’s the basic outline of what was going on.

Fast forward a few years again, and now we have a very different picture. Now, ads place cookies on readers’ devices, and track not just how often they’re been displayed or clicked or how often they convert to a purchase.

Contemporary tracking ads and their various cookies also do things like these: Track if a reader moves the cursor over the ad. Tracks from which website a reader comes to the current website and where they head after. Track the whole journey of any user through the web. Track the software and hardware of any reader’s devices and create unique fingerprints to match with other profiles. Match movement through the web with social media profiles and activities and likes and shares and faves. Track movement of the reader in the physical world. Build profiles of readers combined from all of this and then sell those in aggregate or individually to third parties. Allow extremely granular targeting of advertisements to any reader, down to the level of an ad personalized for just one person. And so on.

This is nothing like the social contract laid out above, even though the language we use is still the same. Here, the implied social contract is more like this: I get to look a little at a website without paying money, and that website and its owner and everyone the owner chooses to make deals with gets to take an in-depth look at all my online behaviors and a significant chunk of my offline behaviors, too, all without a way for me to see what’s going on, or of opting out of it.

And that’s not just a mouthful, it’s also of course not the social contract anyone has signed up for. It’s completely opaque, and there’s no real alternative when you move through the web, unless you really know about operational security in a way that no normal person should ever have to, just in order to read the news.

This micro-targeting is also at the core of what might (possibly, even though we won’t have reliable data on it until it would be too late, if confirmed) undermines and seriously threatens our political discourse. It allows anti-democratic actors of all stripes to spread disinformation (aka “to lie”) without oversight and it’s been shown to be a driver of radicalization by matching supply with demand at a whole new scale.

Even if you don’t want to go all the way to this doomsday scenario, the behavior tracking and nudging that is supposed to streamline readers into just buying more stuff all the time (you probably know how it feels to be chased around the web by an ad for a thing you looked up online once) without a reasonable chance to stop it is, at best, nasty. At worst, illegal under at least GDPR, as a recent study demonstrated. It also creates a surprising — and entirely avoidable! — carbon footprint.

So, to sum up, negative externalities of tracking ads include:

  • micro-targeting used to undermine the democratic process through disinformation and other means;
  • breaches of privacy and data rights;
  • manipulation of user behavior, and negatively impacting user agency;
  • and an insane carbon footprint.

Of course, the major tracking players benefit a great deal financially: Facebook, who make a point of not fact-checking any political ads, i.e. they willingly embrace those anti-democratic activities. Google, who are one of the biggest provider of online ad tracking and also own the biggest browser and the biggest mobile phone operating system, i.e. they collect data in more places than anyone else. And all the data brokers, the shadiest of all shadow industries.

Let me be clear, none of this is acceptable, and it is beyond me that at least parts of it are even legal.

So, where does that lead us?

I argue we need to stop talking about tracking ads as if they were part of our social contract for access to journalism. Instead, we need to name and frame this in the right category:

Tracking ads are not a funding method for online content. Tracking ads are the infrastructure for surveillance & manipulation, and a massive attack vector for undermining society and its institutions.

Funding of online content is a small side-effect. And I’d argue that while we need to fund that content, we can’t keep doing it this way no matter what. Give me dumb (i.e. privacy friendly, non-tracking) ads any day to pay for content. Or, if it helps keep the content free (both financially as well as free of tracking) for others then I think we should also consider paying for more news if we’re in any financial position to do so.

(What we shouldn’t do is just pay for our own privacy and let the rest still be spied on, that’s not really a desirable option. But even that doesn’t currently exist: If you pay for a subscription you’ll still be tracked just like everyone else, only with some other values in your profile, like “has demonstrated willingness to spend money on online content”.)

So, let’s recognize this category error for what it is. We should never repeat these statement again that ads pay for content; they do not. (Digital ad spend goes up and up but over the last 15 years or so newspaper revenue through digital ads have stayed pretty flat, and print collapsed.) Ads online today are almost completely tracking ads, and those are just surveillance infrastructure, period. 

It’s surveillance with a lot of negative impact and some positive side effects. That’s not good enough. So let’s start from there, and build on that, and figure out better models.

Data about me in my city

D

This article is a few months old (and in German), but two points of view that I’ll just offer side by side as they pretty much sum up the state of play in smart cities these days.

For context, this is about a smart city partnership in which Huawei implement their technologies in Duisburg, a mid-sized German city with a population of about 0.5 million. The (apparently non-binding) partnership agreement includes Smart Government (administration), Smart Port Logistics, Smart Education (education & schools), Smart Infrastructure, 5G and broadband, Smart Home, and the urban internet of things.

Note: The quotes and paraphrases are roughly translated from the original German article.

Jan Weidenfeld from the Marcator Institute for China Studies:

“As a city administration, I’d be extremely cautious here.” China has a fundamentally different societal system, and a legal framework that means that every Chinese company, including Huawei, is required to open data streams to the communist party. (…)

Weidenfeld points out that 5 years ago, when deliberations about the project began, China was a different country than it is today. At both federal and state levels, the thinking about China has evolved. (…)

“Huawei Smart City is a large-scale societal surveillance system, out of which Duisburg buys the parts that are legally fitting – but this context mustn’t be left out when assessing the risks.”

Anja Kopka, media spokesperson for the city of Duisburg:

The city of Duisburg doesn’t see “conclusive evidence” regarding these security concerns.The data center meets all security requirements for Germany, and is certified as such. “Also, as a municipal administration we don’t have the capacity to reliably assess claims of this nature.” Should federal authorities whose competencies include assessing such issues provide clear action guidelines for dealing with Chinese partners in IT, then Duisburg will adapt accordingly.

The translation is a bit rough around the edges, but I think you’ll get the idea.

With infrastructure, when we see the damage it’s already too late

We have experts warning, but the warnings are of such a structural nature that they’re kinda of to big and obvious to prove. Predators will kill other animals to eat. ????

By the time abuse or any real issue can be proven, it’d be inherently to late to do anything about it. We have a small-ish city administration that knows perfectly well that they don’t have the capacity to do their due diligence, so they just take their partners’ word for it.

The third party here, of course, being a global enterprise with an operating base in a country that has a unique political and legal system that in many ways isn’t compatible with any notion of human rights, let alone data rights, that otherwise would be required in the European Union.

The asymetries in size and speed are vast

And it’s along multiple axes — imbalance of size and speed, and incompatibility of culture — that I think we see the most interesting, and most potentially devastating conflicts:

  • A giant corporation runs circles around a small-to-mid sized city. I think it’s fair to assume that only because of Chinese business etiquette was the CFO of one of Huawei’s business units even flown out to Duisburg to sign the initial memorandum of understanding with Duisburg’s mayor Sören Link. The size and power differential is so ridiculous that it might just as well have been the Head of Sales EMEA or some other mid-level manager that took that meeting. After all, for Chinese standards, a city of a population of a half-million wouldn’t even considered a third tier city. Talk about an uneven playing field.
  • The vast differences of (for lack of a better word, and broadly interpreted) culture in the sense of business realities and legal framework and strategic thinking between a large corporation with global ambitions and backed by a highly centralized authoritarian state on one side, and the day-to-day of a German town are overwhelming. So much so, that I don’t think that the mayor of Duisburg and his team are even aware of all the implicit assumptions and biases they bring to the table.

And it’s not an easy choice at some level: Someone comes in and offers much needed resources that you need and don’t have any chance to get, desperation might force you to make some sub-prime decisions. But this comes at a price — the question is just how bad that price will be over the long term.

I’m not convinced that any smart city of this traditional approach is worth implementing, or even might be worth implementing; probably not. But of all the players, the one backed by a non-democratic regime with a track record of mass surveillance and human rights violations is surely at the bottom of the list.

It’s all about the process

That’s why whenever I speak about smart cities (which I do quite frequently these days), I focus on laying better foundations: We can’t always start from scratch when considering a smart city project. We need a framework as a point of reference, and as a guideline, and it has to make sure to keep us aligned with our values.

Some aspects to take into account here are transparency, accountability, privacy and security (my mnemonic device is TAPS); a foundation based on human and digital rights; and participatory processes from day one.

And just to be very clear: Transparency is not enough. Transparency without accountability is nothing.

Please note that this blog post is based on a previously published item in my newsletter Connection Problem, to which you can sign up here.

What type of smart city do we want to live in?

W

Warning: Trick question! The right questions should of course be: What type of city do we want to live in? What parts of our cities do we want to be smart, and in what ways?

That said, this is the talk of my talk for NEXT Conference 2019 in which I explore some basic principles for making sure that if we add so-called smart city technology to our public spaces, we’ll end up with desirable results.

What happens when one product in a family of connected products fails?

W

About a year ago, we changed our home audio setup to “smart” speakers: We wanted to be able to stream directly from Spotify, as well we from our phones. We also wanted to avoid introducing yet another microphone into our living room. (The kitchen is, hands down, the only place where a voice assistant makes real sense to me personally. Your mileage may vary.) Preferably, there should be a line-in as well; I’m old school that way.

During my research I learned that the overlap of circles in this Venn diagram of speakers that are (a) connected (“smart”) for streaming, (b) have good sound and (c) don’t have a microphone is… very thin indeed.

The Venn diagram of speakers that are connected (“smart”), good and have no microphone

The Sonos range looked best to me; except for those pesky microphones. Our household is largely voice assistant free, minus the phones, where we just deactivated the assistants to whatever degree we could.

In the end, we settled for a set of Bang & Olufsen Beoplay speakers for living room and kitchen: Solid brand, good reputation. High end. Should do just fine — and it better, given the price tag!

This is just for context. I don’t want to turn this into a product review. But let’s just say that we ran into some issues with one of the speakers. These issues appeared to be software related. And while from the outside they looked like they should be easy to fix, it turned out the mechanisms to deliver the fixes were somewhat broken themselves.

Long story short: I’m now trying to return the speakers. Which made me realize that completely different rules apply than I’m used to. In Germany, where we are based, consumer protection laws are reasonably strong, so if something doesn’t work you can usually return it without too much hassle.

But with a set of connected speakers, we have an edge case. Or more accurately, a whole stack of edge cases.

  • The product still fulfills the basic function, just in a way that is so diminished and awkward to get to work because of a software issue that it’s too much to do on a daily basis, meaning the speakers simply stay off. It kinda works, kinda doesn’t. Certainly doesn’t work as advertised.
  • If one of these gets returned and I wanted to switch to a different brand, then I’d be stuck with the other speakers in the set, which are now expensive paperweights: Connected products work in families, or so-called platform ecosystems. One without the other just doesn’t make sense. It’s like the chain that breaks as soon as the weakest link breaks. So can I return all of them because there is a software issue with one of them?

This is going to be an interesting process, I’m afraid. Can we return the whole family and switch on over to a different make of speakers? Or are we stuck with an expensive set of speakers that while not quite broken, is very much unusable in our context?

If so, then at least I know never to buy connected speakers again. Rather, then I guess I’d recycle these and instead go back to a high end analog speaker set with some external streaming connector – knowing full well that that connector will be useless in a few years time but that the speakers and amp would be around and working flawlessly for 15-20 years, like my old ones did.

And that is the key insight here for our peers in the industry: If your product in this nascent field fails because of lacking quality management, then you leave scorched earth. Consumers aren’t going to trust your products any more, sure. But they are unlikely to trust anyone else’s, either.

The falling tide lowers all boats.

So let’s get not just the products right: In consumer IoT, all too often we think in families/ecosystems. So we have to consider long-term software updates (and mechanisms to deliver them, and fall-backs to those mechanisms…) as well as return policies in case something goes wrong with one of the products. And while we’re at it, we need to equally upgrade consumer protection regulation to deal with these issues of ecosystems and software updates.

This is the only way to ensure consumer trust. So we can reap the benefits of innovation without suffering all the externalized costs as well as unintended consequences of a job sloppily done.

(See also the ThingsCon Trustable Technology Mark, Better IoT, Tech Transformed.)

Update (Oct 2019): Turns out other companies also start recognizing that there’s a demand for mic-free speakers: Sonos just launched a speaker that they market specifically for it being mic-free, and it’s otherwise identical to one of their staples. (It’s called the One SL; I imagine the “SL” stands for “streamlined” or “stop listening” but I might be projecting.)

Developing better urban metrics for Smart Cities

D

When we embed connected technologies — sensors, networks, etc. — into the public space*, we create connected public space. In industry parlance, this is called a Smart City. (I prefer “connected city”, but let’s put the terminology discussion on the back burner for now.) And data networks change the way we live.

* Note: Increasingly, the term “public space” has itself come under attack. In many cities, formerly public (as in publicly owned & governed) has been privatized, even if it’s still accessibly by the public, more or less. Think of a shopping mall, or the plazas that are sometimes attached to a shopping mall: You can walk in, but a mall cop might enforce some house rules that were written not by citizens but the corporation that owns the land. I find this not just highly problematic, I also recommend flat out rejecting that logic as a good way forward. Urban space — anything outside closed buildings, really — should, for the most part, be owned by the public, and even where for historical reasons it can’t be owned, it should at least be governed by the public. This means the rules should be the same in a park, a shopping mall-adjacent plaza, and the street; they should be enforced by (publicly employed) police rather than (privately employed) mall cops. Otherwise there’s no meaningful recourse for mistreatment, there’s no ownership, citizens are relegated from stakeholders to props/consumers.

Networks and data tend not to ease but to reinforce power dynamics, so we need to think hard about what type of Smart City we want to live in:

  • Do we want to allow people to get faster service for a fee (“Skip the line for $5”), or prefer everyone to enjoy the same level of service, independent of their income?
  • Do we want to increase the efficiency for 90% of the population through highly centralized services even if it means making the life of the other 10% much harder, or do we plan for a more resilient service delivery for all, even if it means the overall service delivery is a tad slower?
  • Do we want to cut short-term spending through privatization even if it means giving up control over infrastructure, or do we prioritize key infrastructure in our budgeting process so that the government can ensure quality control and service delivery in the long term, even if it costs more in the short term?

These are blunt examples, but I reckon you can tell where I’m going with this: I think democratic life requires public space and urban infrastructure to be available to all citizens and stakeholders, and to work well for all citizens. Pay for play should only apply for added non-essential services.

“Don’t confuse the data you can capture with the things you need to know!

In order to shape policies in this space meaningfully, we need to think about what the things are that we prioritize. Here, a brief warning is in place: the old management adage “you can’t manage what you don’t measure” is problematic to say the least. All too often we see organizations act on the things they can measure, even if these things are not necessarily meaningful but just easy to measure. Don’t confuse the data you can capture with the things you need to know!

What do we want to prioritize, and maybe even measure?

That said, what are the things we want to prioritize? And might it even be possible to measure them?

Here I don’t have final answers, just some pointers that I hope might lead us into the right direction. These are angles to be explored whenever we consider a new smart city project, at any scale — even, and maybe especially, for pilot projects! Let’s consider them promising starting points:

Participation
Has there been meaningful participation in the early feedback, framing, planning, governance processes? If feedback has been very limited and slow, what might the reasons be? Is it really lack of interest, or maybe the barrier to engagement was just too high? Were the documents to long, too full of jargon, to hard to access? (See Bianca Wylie’s thread on Sidewalk Labs’ 1.500+ page development plan.) Were the implications, the pros and cons, not laid out in an accessible way? For example, in Switzerland there’s a system in place that makes sure that in a referendum both sides have to agree on the language that explains pros and cons, so as to make sure both sides’ ideas are represented fairly and accessibly.

Sustainability
Would these changes significantly improve sustainability? The UN’s Sustainable Development Goals (SGD) framework might offer a robust starting point, even though we should probably aim higher given the political (and real!) climate.

Will it solve a real issue, improve the life for citizens?
Is this initiative going to solve a real issue and improve lives meaningfully? This is often going to be tricky to answer, but if there’s no really good reason to believe it’s going to make a meaningful positive impact then it’s probably not a good idea to pursue. The old editors’ mantra might come in handy: If in doubt, cut it out. There are obvious edge cases here: Sometimes, a pilot project is necessary to explore something truly new; in those cases, there must be a plausible, credible, convincing hypothesis in place that can be tested.

Are there safeguards in place to prevent things from getting worse than before if something doesn’t work as planned?
Unintended consequences are unavoidable in complex systems. But there are ways to mitigate risks, and to make sure that the fallback for a failed systems are not worse then the original status. If any project would be better while working perfectly but worse while failing, then that deserves some extra thought. If it works better for some groups but not for others, that’s usually a red flag, too.

When these basic goals are met, and only then, should we move on to more traditional measurements, the type that dominates the discourse today, like:

  • Will this save taxpayers’ money, and lead to more cost-effective service delivery?
  • Will this lead to more efficient service delivery?
  • Will this make urban management easier or more efficient for the administration?
  • Will this pave the way for future innovation?

These success factors / analytical lenses are not grand, impressive ideas: They are the bare minimum we should secure before engaging in anything more ambitious. Think of them as the plumbing infrastructure of the city: Largely unnoticed while everything works, but if it ever has hiccups, it’s really bad.

We should stick to basic procedural and impact driven questions first. We should incorporate the huge body of research findings from urban planners, sociologists, and political scientists rather than reinvent the wheel. And we should never, ever be just blinded by a shiny new technological solution to a complex social or societal issue.

Let’s learn to walk before we try to run.