Our Data, Our Privacy. Part 2.

Last week we looked at how our lives are made more convenient all the time by companies and organizations that provide services and then gather data about our activities. We mentioned that in the past, private businesses and government gathered information separately. Today we’re beginning to see pressure to combine these public and private efforts, the beginnings of a sort of cooperation.

It is unclear what specific information is gathered by the City, what is done with it, who it is shared with and how safely it is being guarded by those to whom we entrust our safety. There is no Department of Data Transparency at City Hall.

Now, this is not to suggest that in real life our city government assembles information with bad intentions – far from it. We all navigate within powerful streams of data, information that the City can use to improve our lives and do its job better. Santa Monica’s City Manager wrote a couple of years ago that “the greatest potential benefit to residents is to better utilize data to improve our quality of life by making government far more effective in the 21st Century.” Data is neither benign nor malicious; it is neutral. But how this information is used is critically important. There are already controversies among some residents about how the City’s Wellbeing Project and Santa Monica Malibu Unified School District (SMMUSD) obtain and use information about residents. This trend will continue.

There is little we can do to control what private companies do with our information, other than refuse their services or products, but it’s a different matter where it pertains to the City. Here, there is a great deal we can do to protect information about us that is obtained, used and stored by the City. We can take our cue from Europe which is way ahead of the U.S. on this problem.

The European Union has created a strong set of rules to protect the data privacy of individuals. The rules control how data is obtained, when it can be processed, who is accountable for its safety, and the privacy rights of citizens. The basic principle is that privacy should be available by design, and by default. Consumers cannot be denied a service because they refuse to allow collection of unnecessary data and, importantly, a citizen whose privacy rights have been violated by the city has a right to compensation. Cities in Europe, such as Dublin, Ireland have adopted these standards and put them into effect. It’s worth reading Dublin’s concise presentation of the rules, here: https://tinyurl.com/y94uaame

Dublin can do it, why not Santa Monica? We need safeguards in place to protect personal data compiled by the City. We also need some kind of oversight by a third party to make sure the data is used with care and only when necessary. A few critical steps should be considered by our City Council:

  1. Create a “Privacy Czar” at City Hall with express responsibility for citizens’ privacy rights. In effect, a Chief Data-Protection Officer.
  2. Identify “choke” points in the system where data is obtained. Establish “privacy champions” who will act to preserve and protect data in those departments. Examples include housing, finance planning and development and transportation.
  3. Create a public commission of citizens to oversee satisfactory performance by the city on data privacy matters.
  4. Incorporate these rules into an amendment of the City Charter. Make sure that data privacy protection becomes embedded deeply within the city government’s structure and properly implemented.

We are still early in the era of the Data Tsunami, but not so early that we should ignore the warnings that became so plainly clear in the last elections. There are many good reasons for the City to compile information about its residents and citizens. But there should be safeguards in place to make sure the data is secure and used appropriately by the City. A few years ago few would have blinked at the idea of a parking garage that reads license plates, but now we’ve seen the scandals that result from improper use of data. That’s why it is so important to introduce safeguards wherever we can – before it is too late.

We rely on the City to protect us in many different ways. The City’s fundamental obligation is to use data responsibly, and protect our data privacy. Let’s take the right steps to make that happen today.

Daniel Jansenson Architect, Building and Fire Life-Safety Commissioner, for SMa.r.t.