Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

Privacy issues in smart cities – Lessons learned from the Waterfront Toronto – Sidewalks project

By Chantal Bernier
June 29, 2020
  • Canada
  • Privacy Rights
  • Smart Cities
Share on Facebook Share on Twitter Share via email Share on LinkedIn

Dentons has had the privilege to act as privacy counsel to Waterfront Toronto in the development of the smart community Quayside project with Sidewalk Labs. The experience made clear that no smart city can proceed without social license and that there is no social license without addressing privacy risks.  

Risk #1: Surveillance both from the State and surveillance capitalism.

Digital solutions generally create the risk of law enforcement access to the data they collect. Risk mitigation includes publicly available guidelines to assess law enforcement agencies’ access requests and public transparency reports on how many requests were received, granted or rejected.

Capitalist surveillance particularly arose around the Quayside project because of the link to Alphabet and Google. This must be addressed with procurement contract terms restricting the use of the personal data.    

Risk #2: Collection without valid consent.

Smart cities digital solutions often collect data without consent. To respect the right to privacy, this must be restricted to public sector digital solutions that are demonstrably necessary and private sector solutions with a reasonable business purpose and prominent signage. Otherwise, the collection must be optional, for example through an app.

Risk # 3: Excessive collection of personal data.

The breadth of personal data collection in digital solutions in smart city projects makes it difficult to contain it to what is necessary for specific purposes. To address this risk, Sidewalk Labs had proposed privacy protective technology that “locked” personal data into specific purposes and retention times.

Risk #4: Data breach.

Through intensive public consultations by Waterfront Toronto, we heard the acute concern about data breach. Barcelona, to name one smart city, chose block chain to secure its digital solutions and reassure citizens.

Risk # 5: Data Monetization.

Akin to the issue of surveillance capitalism, the P3 structure generally supporting smart cities creates concerns that the private partner may monetize the personal data collected through the digital solutions. This must be addressed through the procurement contract.

Risk #6: Lack of anonymity for differently abled persons 

Waterfront Toronto had the wisdom of consulting differently abled persons.  In relation to privacy, they made us realise how a solution that may appear anonymous – for example, one that only captures movement in a residential building – may actually be identifying for the one person who moves differently. The privacy lens in a smart community must reflect varied experiences.

Risk #7: Loss of data sovereignty

With exceptions, Canadian privacy law does not prohibit cross border data transfers. In the Quayside project, however, the idea that a city’s data, through a foreign private partner, would be hosted in a foreign jurisdiction under different privacy laws was identified as a significant privacy risk. Mitigation meant requiring storing personal data in Canada.

In short, as privacy counsel, we learned how pivotal privacy is in realizing a smart city project and how integrating privacy to a smart city opens up its extraordinary potential. 

For more information on privacy issues in big cities, please watch our recent webinar “Global Smart Cities & Connected Communities Think Tank Virtual Roundtable: Future of Privacy Concerns” by clicking on this link.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Chantal Bernier

About Chantal Bernier

Chantal Bernier leads Dentons’ Canadian Privacy and Cybersecurity practice group. She is also a member of the Firm’s Government Affairs and Public Policy group. Chantal advises leading-edge national and international companies as they expand into Canada and Europe, enter the e-commerce space, adopt data analytics and roll out data-based market initiatives. Her clients include ad tech companies, financial institutions, biotech companies, data analytics firms and government institutions.

All posts Full bio

RELATED POSTS

  • Canada
  • New and Proposed Laws

Québec’s new privacy bill: a comparison of Bill 64, PIPEDA and the GDPR

By Chantal Bernier, Kirsten Thompson, and Olivia D'Souza
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Europe
  • General
  • New and Proposed Laws
  • Privacy Rights
  • United Kingdom
  • United States

The new SCCs and what you need to know

By Tatiana Kruse
  • Privacy Rights

Privacy and Data Usage in Hong Kong : An Overview and Update

For anyone interested in privacy and data usage in Hong Kong, here is an overview of current privacy and data […]

By Julianne Doe

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site