Anthony M. Townsend - Smart Cities - Big Data, Civic Hackers, and the Quest for a New Utopia

Nothing short of a crisis will force us to confront the risk of smart cities’ brittle infrastructure. The first mayor who has to deal with the breakdown of a city-scale smart system will be in new territory, but who will take the blame? The city? The military? Homeland security? The technology firms that built it? Consider the accountability challenge Stuxnet poses—we’d likely never have known about it were it not for its own bug. Carried out of Natanz by some unsuspecting Iranian engineer, the worm failed to detect that it had escaped into the open, and instead of deactivating its own reproductive mechanisms, like a real virus it proliferated across the globe.30

Bugged

When sensors are used without our knowledge or against our will, they become instruments of surveillance. Most of the sensors to create a seamless snooping system are already in place, but the data—credit-card transactions, passport scans at borders, e-mails, and phone calls—are held by a scattered array of organizations. Linking it all together, sifting through it and assembling dossiers is, for government intelligence agencies and law enforcement, a killer app for smart cities.

If that wasn’t yet clear, it became abundantly so when Vice Admiral John Poindexter returned to public service in 2002 to launch Total Information Awareness (TIA), the Pentagon’s effort to data-mine the global war on terror. Poindexter was an odd choice to head the program—his conviction in 1990 for lying to Congress about the Iran-Contra affair, while later reversed, subjected the program to increased scrutiny by civil-rights watchdogs.

Total Information Awareness was just as ominous as it sounds. At its heart was an effort to build what the Defense Department described as a “virtual, centralized, grand database” of government records, commercial transactions, and intercepted private communications. This data would be used to compute risk profiles of foreign visitors and American citizens alike, and mine it all for patterns of terrorist activity. Under intense scrutiny over another aspect of the program—a virtual market for trading predictions about geopolitical events, which people believed terrorists might use to profit from their own crimes—Congress defunded the project just as it was ramping up in 2003.31

In the meantime, however, much of the technology agenda of Total Information Awareness has been implemented by other governments and private firms around the world. In an odd geographic reconfiguration of power and control, every move, transaction, and message of city dwellers is now secreted away by fiber optics to become feedstock for pattern-matching algorithms grinding away in exurban server farms. Once havens of anonymity, big cities are fast becoming digital fishbowls. But while TIA’s grand database sought to find traces of terror cells in big data, the real value of all this covert watching is more mundane. It’s about money.

It starts in our pockets. Mobile devices, like the iPhone, keep a running record of where we’ve been. Apple quietly disclosed this practice in 2010, but it didn’t make headlines until a year later when security experts Alasdair Allan and Pete Warden created a tool for users to easily access and map it. The data wasn’t just comprehensive and detailed; it was unencrypted and copied to every machine you synced with. Owners of non-Apple smartphones smirked, but a half-year later, another scandal broke over the widespread use of Carrier IQ software on other manufacturers’ devices. And Carrier IQ didn’t just track location. As documented by Trevor Eckhar, a systems administrator living in Connecticut, it also tracked dropped calls and every single click and keystroke made by the owner.53 Wireless companies claimed this data was indispensable for troubleshooting technical problems, but privacy watchdogs were stunned by its level of detail.

Most phones allow you to turn off location tracking, but mobile devices can also be used to track us passively, without our knowledge or consent, through systems that monitor the unique wireless beacons phones send out as they communicate with nearby towers. One such system, called FootPath, is sold by Portsmouth, England- based Path Intelligence. As the 2011 holiday shopping season approached, American consumers were surprised to learn Forest City Commercial Management, an operator of shopping malls, had deployed FootPath to track shoppers in California and Virginia.54 To map our movements, FootPath relies on a carefully placed array of listening posts to track mobile devices as they wander around a building. By triangulating the beacons sent by our phones to nearby cell towers, our location can be pinpointed with an accuracy of “a few meters” (the company doesn’t publicly specify beyond that), enough to know how you move from store to store, your “dwell time” spent inside, the sequence of shops visited, and even movements between sections inside large department stores. FootPath probably gets paid on both sides—it can sell the demographics to retailers, as well as to mall operators who can use it to negotiate higher rents. Other than a sign at the mall entrance inviting shoppers to opt out by turning off their phones, the system is invisible, passive, and undetectable. Google and Nokia are also working on their own indoor positioning systems, and wireless chip manufacturer Broadcom is building features to support it in its products. “Acting like a glorified pedometer,” one tech blogger explains, “this Broadcom chip could almost track your movements without wireless network triangulation.” Using a navigational technique known as “dead reckoning” (the same way your car updates your position in a tunnel when it can’t receive signals from GPS satellites), “it simply has to take note of your entry point (via GPS), and then count your steps (accelerometer), direction (gyroscope), and altitude (altimeter).”35

Despite Congress’s objections to Total Information Awareness, law enforcement is finding the honeypot of personal data wireless carriers is accumulating irresistible. According to information filed in response to a congressional investigation in 2012, AT&T alone received over 260,000 requests for subscriber location data from American law enforcement organizations in 2011, compared to just over 125,000 in 2007—more than doubling while the company’s subscriber base grew by less than 50 percent over the same period. The company now employs more than one hundred full-time workers to respond to law-enforcement requests.56 As the New York Times reported, “the widened cell surveillance cut across all levels of government—from run-of-the-mill street crimes handled by local police departments to financial crimes and intelligence investigations at the state and federal levels.”57

In many parts of the world, mass urban surveillance is overt and often welcomed. In recent years Chinese authorities have implemented two of the largest urban surveillance projects ever attempted. In November 2010, without public objection, the city of Chongqing launched an effort, inauspiciously dubbed “Peaceful Chongqing,” to install some five hundred thousand video cameras that will soon watch every street corner and plaza in the giant metropolis, keeping an eye on more than 6 million people. No doubt the municipal government (under the thumb of law-and-order mayor Bo Xilai, who has since been removed from power on suspicion of corruption) was inspired by the success of a similar network of over twenty-five thousand cameras in the Arab Emirate of Dubai that revealed frame-by-frame how foreign assassins infiltrated the Al Bustan Rotana Hotel to kill Hamas leader Mahmoud al-Mabhouh in January 2010. From the first known use of closed-circuit television cameras to monitor crowds in London’s Trafalgar Square during a state visit by the king and queen of Thailand in 1960, urban video surveillance has come a long way.39 The Brookings Institution calculates that today it would cost S300 million in storage capacity to capture a year’s worth of footage from Chongqinq’s vast camera network. But by 2020, thanks to the steady decline of cost for digital storage devices, that figure could be just $3 million per year. “For the first time ever,” they warn, “it will become technologically and financially feasible for authoritarian governments to record nearly everything that is said or done within their borders—every phone conversation, electronic message, social media interaction, the movements of nearly every person and vehicle, and video from every street corner.”60 What’s worse is the active involvement of American firms like Cisco, which is supplying the city with network technology optimized for video transmission for an undisclosed sum 61 Other Chinese cities have their own ideas about tracking citizens’ phones and, as with so many things, intend to do it on a scale unmatched by any nation. In March 2011 city officials in Beijing announced that a comprehensive program for tracking the populace’s 17 million mobile phones would be put in place for real-time traffic management. Perhaps reflecting the greater global scrutiny of China’s new would-be world capital, or shifting values among its new middle class, the Beijing project was greeted by Chinese newspapers as an invasion of privacy.