Smart Communities: A Conversation with Kelsey Finch


One of FPF Policy Counsel Kelsey Finch’s areas of focus is Smart Communities, a field which draws from many of FPF’s issue areas. From her Seattle office, she has the opportunity to do hands-on work with cities in the Pacific Northwest. Last year, she worked with city officials on Seattle’s first Open Data Risk Assessment, which she hopes will be a model for other municipalities seeking to develop a thorough, transparent data policy that maximizes the utility of public data to its residents while minimizing privacy risks to individuals and following the highest ethical standards.

A new generation of tech-savvy city leaders is increasingly turning to better uses of data to solve problems of equity, responsiveness, traffic, and environmental protection in their communities. For example, neighborhoods with limited public transportation options could benefit from a more integrated mobility ecosystem, while better use of data could help with crime detection and efficient deployment of resources. This “Cities as Platforms” approach holds exciting possibilities, as long as municipal governments are guided by sound privacy practices.

Kelsey Finch recently discussed her work on Smart Communities and how we can expect cities to be further transformed by data collection and sharing.

How did you come to work on Smart Communities for FPF?

I had been working on Smart Cities as a Westin Fellow at the International Association of Privacy Professionals, where I collaborated with [Current FPF Senior Fellow and Israel Tech Policy Institute co-Founder] Omer Tene on a research paper dealing with privacy protections in a “hyperconnected” town. When I joined FPF, it was a natural fit to continue our collaboration. I love working in this area because it pulls together so many different threads in privacy debates: location data, sharing data for research purposes, mobility, ethics and algorithms, you name it!

What kind of work has FPF done in this area?

We’ve done everything from speaking engagements, academic papers, convenings of stakeholders – that’s chief privacy officers, city policymakers, community organizers, tech contractors, and the like – to interactive infographics that show all the various ways data is collected and integrated throughout a city. You really can’t think of any of these technologies as being siloed from other sites of data collection; it’s all connected.

I’ve also had the chance to work directly with cities like Seattle to consult on their open data programs, ensuring that they make data as transparent and accessible as possible without sacrificing privacy or ethics. We also help train them in using data portals to evaluate the performance of city policies. Those portals help cities measure things like emergency response time, congestion, and more. Our hope is that by optimizing open data programs in flagship cities, we can create models other communities can follow.

Additionally, I’ve filed comments and provided advice on a range of initiatives, including Chicago’s “Array of Things”, the New York City Mayor’s Office of Information Privacy, the City of Portland’s privacy principles, and the Networking and Information Technology Research and Development’s (NITRD) Draft Smart Cities and Communities Federal Strategic Plan. We’re also launching an initiative of our own, Smart Privacy for Smart Cities, which is supported by the National Science Foundation through a nationally competitive grant process. This 2-year effort will see FPF and our partners collaborate to host workshops, create privacy impact assessments, and create a Privacy Leaders Network for local government officials to navigate emerging privacy issues, connect with their peers, and promote responsible data practices.

What are some of the current debates in the world of Smart Cities?

One of the most important conversations in the smart cities space today is about community engagement and participation in decisions about data and privacy. Privacy is usually thought of as an individual preference, but cities and communities need to make collective decisions – so how do we ensure that individuals’ voices will be heard? We should strive to give individuals choices about how their data is collected and used whenever possible, but when that isn’t possible, what democratic processes do we set up to ensure the legitimacy of these systems? And how do we make sure new technologies and data tools do not advantage one population at the expense of another? This is all relatively new, but we’re seeing a lot of innovation in local privacy governance. For example, Oakland has established a permanent Privacy Advisory Commission to evaluate surveillance technologies, Seattle relied on its Community Technology Advisory Board when developing Privacy Principles, and New York City has created a task force on automated decision-making systems. FPF has also recently published a toolkit to guide state and local officials through privacy stakeholder engagement and communications.

Another big discussion in smart cities is about how to protect personal privacy without losing out on the promises of data- and evidence-based policymaking. Cities often promote Open Data programs, for example, in order to make their activities more transparent and accountable to the public. But lot of the data that cities might want to share through open data is sensitive, and can create serious privacy risks. Part of my job, both as the leader of our smart cities work and our de-identification work, is to help cities evaluate these kinds of risks and get access to new tools in order to serve the public interest in an ethical, privacy-conscious way.

An equally important but less visible issue is ensuring that local governments start investing in and developing sustainable privacy programs – including Chief Privacy Officers, citywide privacy awareness and training efforts, and routine privacy and surveillance impact assessments. Many cities already operate on a shoestring budget, so it’s especially important that we help officials to make the most of their resources and see privacy as a competitive advantage. While private-public partnerships with technology providers and consultants can bring immediate privacy expertise to data-driven projects, it’s important for cities to start building those muscles as well.

What can we expect to see from Smart Cities in the future?

I would say more of what we’re already talking about; we’re still so early in the development of formalized privacy programs for local governments. Over the next few years, I hope to see smaller communities learning from today’s leaders and talking with their own communities about what kinds of privacy safeguards and data uses are right for them. Privacy concerns exist no matter how big or small a community is, and the challenge is creating tools that can work for any community. It will also be interesting to see how cities decide to invest in privacy resources and personnel.

Beyond the particulars of data collection, though, we really need to step back and consider the broader philosophical and political implications of smart communities. What does data justice and equity look like within a city? Which privacy harms should communities be protecting themselves against? Which secondary uses are appropriate for civic data? Should other jurisdictions and branches of government have access to city data, and be able to perform their own analyses? The answers will likely differ from city to city. In order to get to that point, though, we need to continue laying a foundation of responsible data practices and meaningful public engagement in order to earn the public’s trust in smart city technologies and in their local government.

FPF will be holding its 10th Anniversary Celebration on April 30th in Washington, DC! Ticket and registration information can be found here.