With the latest cybersecurity law proving futile in securing privacy, Fan Yang asks whether smart city campaigns are as benign as they claim to be.
In China, smart tech is tackling everything from resource management, environmental issues and traffic congestion, to welfare systems and the lack of social trust. Connected, next-generation vending machines, smart lockers in high-rise/multi-tenant buildings, Wi-Fi trackers, surveillance cameras, a social credit system, and QR-code transactions characterise China’s ‘smart cities’.
This definition of a smart city from the Smart Shanghai 2011-2013 Construction Plan emphasises the ‘smartness’ and ‘connectedness’ of the contemporary urban space:
“Innovative and transformational development requires an international-level information infrastructure system, an effective information-sensing and intelligence application system, a next-generation IT industry, and a trusted and reliable regional information security system… To give full play to the role of the market, and following government guidance, a smart city needs to carry the key features of digitalisation, networking, and intelligence to raise the city’s all-round modernisation level and let the citizens share the benefits.”
It throws light on the capacity of citizens, empowered by the Internet of Things (IOT), to partake in the system of urban governance. In this sense, the city is seen as an open, dynamic and incomplete space, within which urban residents are involved in city redesign and restructure through data generation.
In recent decades, the Chinese Government has considered smart city endeavours as a universally accepted road to urbanisation and optimising services. The origins of China’s smart cities project can be traced back to the mid-1990s, when the urban ‘Eight Gold Plan’ (八金计划) was launched, and a nationwide informational infrastructure developed.
In 2011, smart city initiatives were officially set out in China’s 12th Five Year Plan, a guideline for China’s economic development. A year later, a series of policies advancing smart city campaigns followed: the Notice of Implementing the National Smart City Pilot; the National Interim Measures for Smart City Pilot; and the Guidance on Promoting the Sustainable Development of Smart Cities; with the approval of 90 smart city pilot projects across China.
In 2018, China has about 500 smart city pilots, outnumbering all other countries combined.
Making cities safer is one of the key drivers of smart city practices. In Longgang, a district in Shenzhen which used to be known for its high crime rates, theft and robbery cases dropped by more than half thanks to the deployment of 7,000 new high definition cameras – fitted with artificial intelligence software – across the district.
Amid such benefits, ethicists voice this concern: how can citizens protect their privacy when sensor boxes are collecting data on everything around them? In March, Baidu CEO Robin Li’s statement on Chinese citizens’ data protection and privacy sparked an outcry: “Chinese people are relatively more open and less sensitive about the use of personal data… If they are able to exchange privacy for safety, convenience, or efficiency, in many cases they are willing to do that…”
This is not necessarily the case. At the beginning of 2018, when online shoppers using the Sesame Credit company, a financial service group collaborating closely with China’s smart cities, checked their annual transaction records, they noticed that their confidential information was being shared without proper consent. The fears about the possibility of state surveillance have also been amplified by Apple recently handing over management of the Chinese portion of its cloud computing services to companies run by the state.
Given the popularisation of smart city initiatives and the pervasiveness of data collection and surveillance in China, there is a need to assess the adequacy of the latest cybersecurity law which came into effect on 1 June, 2017. The law innovatively proposes the protection of personal information online as a fundamental civil right. It states that “personal information of natural persons is legally protected by Cybersecurity Law. No organisations or individuals can abuse or misuse personal online information.”
Service providers are obliged to protect the personal data of individuals by collecting and managing it responsibly. But the government’s role in protecting the privacy of its citizens is not explicitly stated.
The politics and governance of data generated from interconnected digital devices in cities remain absent from this legal framework.
The issue of media convergence in the context of smart cities also complicates things. A range of new and innovative services for mobile platforms is being developed. The wide coverage of Wi-Fi networks, the use of smart phones, and the incorporation of building sensors into new and existing urban infrastructures are all enabling pervasive digital connectivity and data aggregation. So, while the cybersecurity law establishes a need for proper data management, the question of who precisely is responsible is yet to be answered.
At an individual level, the problem is that increasingly detailed methods of data aggregation may enable the re-identification of individuals from collected and anonymised data. Algorithmically determined decisions may make design and policy choices that are unseen by the public.
Cities in China have become much more technologically sophisticated in a short period of time. There will be an ongoing battle between the rapid expansion of smart cities and the privacy issues created by these campaigns.
To date, China’s approach to privacy and security has been haphazard and uncoordinated. Instead of sloganeering proclaiming the smart city as the solution to all urban ills, a more targeted and systematic approach that aims to minimise the potential risks of smart tech should be adopted.
This article is based on the author’s paper ‘Privacy concerns in China’s smart city campaign: the deficit of China’s Cybersecurity Law’, co-written with Jian Xu and published in Asia & the Pacific Policy Studies in May 2018. All articles in the journal are free to read and download.