'Smart Cities' Raise Novel Issues and Novel Risks
The advent of “smart cities”—made possible by the burgeoning “Internet of Things” (IoT)—presents revolutionary opportunities for municipal planners and developers, and the private business enterprises partnering with them.
October 24, 2018 at 01:00 PM
8 minute read
The advent of “smart cities”—made possible by the burgeoning “Internet of Things” (IoT)—presents revolutionary opportunities for municipal planners and developers, and the private business enterprises partnering with them. Along with those opportunities, however, come new types of risks that should be taken into account by governments, businesses and affected interest groups.
By one estimate, the market value of investments in IoT tools and platforms to modernize cities around the world will exceed $2 trillion by 2025. See James Bourne, “Smart cities market value to hit $2 trillion by 2025, says Frost & Sullivan,” IoT news, (April 4, 2018)). Connected devices can improve traffic control by easing traffic flow through traffic signal controls and providing access to “smart parking.” Utilities can take advantage of remote sensors to measure and direct power flow and water usage, and can use motion sensors to provide “smart lighting.” Connected devices are available to signal when industrial and institutional waste receptacles are full and in need of collection, reducing waste management costs. Sensors in public works such as bridges can be used to detect stress issues, seismic activity and other public safety parameters. See Michael Miller, “The Internet of Things: How Smart TVs, Smart Cars, Smart Homes, and Smart Cities are Changing the World” 265-79 (2015). Not only can connected devices be used to improve public utilities and public works, but the measurements they provide can in turn be used to guide decisions about development and investment. See Steve Olenski, “The Dos and Don'ts of Building a Smart City,” Forbes, (Oct. 26, 2017). The result is better and more efficient management of traffic, public spaces, and public utilities, and more responsive policing and emergency services.
But there are challenges as well. The development of smart cities by their nature will involve new modes of interaction between private enterprise and public entities. As IoT devices become ubiquitous in public spaces, the stakes are raised for issues of privacy and security, particularly given the “political” dimension of much of the data that such devices generate. And the intersection of software with the physical world raises the specter that software glitches or hacking could result not just in devices that don't work the way they should, but that cause serious property damage or injury to life and limb.
Ownership and use of data generated by smart city technology will be a hot-button issue as public/private partnerships generate more and more data. Cities have data about all kinds of subjects, including income, crime, traffic, fires and emergencies, land use, parking citations, waste removal and so on. When government entities rely on private actors to generate or collect data in the context of a smart city, questions about ownership and use of such data become acute. Needless to say, the data generated by a smart-city network can provide valuable insights into population patterns, consumer behavior, demand for services and other parameters that could easily be monetized—or misused. That such data are generated by or through a public entity sharpens the issues that surround data use and ownership, particularly in cases where there is a possibility that individualized data may be used for surveillance rather than serving individuals' needs. See Liesbet van Zoonen, “Privacy concerns in smart cities,” 33 Government Information Quarterly 472-80 (July 2016)). Evolving technology—such as cameras embedded in light bulbs mounted on street lights—render the issue more than hypothetical. Stakeholders include the government entity, the private actors participating in shaping the IoT network and gathering the data, the individual citizens whose behavior generates the data, and intermediary citizens' organizations such as condo associations or homeowners' groups.
As one example, consider a dispute that erupted when the city of Toronto partnered with a Google entity called “Sidewalk Labs” to create a 12-acre high-end waterside development (Quayside) as a prelude to developing a much larger 800-acre tract (Port Lands). The aim is to build an “advanced microgrid” to power electric cars, design “mixed-use” spaces to reduce housing costs, and employ “sensor-enabled waste separation” to aid in recycling and “use data to improve public services”—in other words, a cutting-edge “wired” development with multiple IoT applications. See Brian Barth, “The fight against Google's smart city,” Washington Post (August 8, 2018). But activists pushed back, seeking information about who would control the data generated by the enterprise, and what would be done with it. The activists objected to “public” data being harvested for private corporate purposes, and argued that “surveillance capitalism” should not be the norm, ultimately obtaining a victory when the municipality negotiated a second, more government-friendly agreement with the private business enterprise. We may expect public-private smart city partnerships to engender similar reactions in other locales.
The risk of catastrophic liability is another issue that smart cities bring to the forefront. When the integrity of physical-world objects comes to depend on software, there is an increased risk that software failures will cause real-world injuries to property and persons, potentially in large numbers. One commentator has posited the specter of a “cyber Love Canal” in which buildings or entire neighborhoods are rendered “uninhabitable” for extended periods of time (as might occur, for instance, if a software bug were to shut down heating systems in the midst of a winter freeze, resulting in burst pipes and flooding). See Sean Smith, The Internet of Risky Things: Trusting the Devices that Surround Us 2-4 (2017)). The possibility of small bugs causing massive harm is, again, more than hypothetical—a massive power outage in 2003, caused when a software bug disabled a critical power grid alarm resulting in a cascading failure, ended up costing a total of $4 billion
The scenarios for personal injury and property damage in a “smart cities” setting are legion. Failure of sensors designed to protect infrastructure could result in the collapse of a building or a bridge (or a dam). Badly designed traffic systems or ancillary software could result in automobile accidents. Power outages may render homes uninhabitable, or worse. Sadly, hostile actors have come to view such vulnerabilities as an opportunity to wreak havoc, such that smart cities need to protect not only against accidental casualties, but volitional cyberharms as well. See Arthur House, “We'd be crippled by a cyberattack on our utilities,” Washington Post (October 14, 2018). And even where harms seem to result from an “Act of God,” the involvement of IoT systems may yield claims that the harms could have been prevented or mitigated had the systems been better designed. For all these reasons, the advent of smart cities presages a whole new era of tort litigation at the intersection of products liability and municipal liability.
In recognition of the novel risks arising from the new technologies and relationships in the burgeoning smart cities marketplace, investors and businesses considering participation in the market can and should take measures to protect themselves to the extent possible in connection with issues concerning data ownership/use and potential casualties/liability, among others. With respect to data use and rights, an initial decision is whether the data generated from smart cities initiatives is integral to the business model, or merely a byproduct. If the former, then negotiated terms must provide clarity about the business' rights to collect and use the data, while also ensuring conformance with applicable privacy and security regulations (which are increasingly stringent, viz. the European General Data Protection Regulation). Otherwise, protections need to be in place to prevent the company from inadvertent entanglement in privacy/security issues. With respect to potential casualty events, businesses should, where possible, seek robust indemnification provisions to protect themselves from the sort of “public liability” tort scenarios that government entities may face, and should consider dispute resolution provisions that would protect against “hometown” bias in the event the relationship with the government entity goes awry. It is also important to ensure that insurance coverage is available, with a sufficiently broad scope and high policy limits, to respond to casualty events that may not be subject to indemnification. In general, businesses involved in these ventures should be aware of and sensitive to the “public” dimension of these sorts of projects, from not only the legal standpoint but also the political and public relations perspectives.
Mark S. Raffman, a partner in the Washington, D.C. office of Goodwin Procter, practices in litigation, products liability and mass torts, class actions and a range of other areas.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All'Appropriate Relief'?: Google Offers Remedy Concessions in DOJ Antitrust Fight
4 minute read'Serious Disruptions'?: Federal Courts Brace for Government Shutdown Threat
3 minute read‘It's Your Funeral’: On Avoiding Damaging Your Client’s Case With Uncivil Behavior
Practice Tips From—and About—the New Judges on the Northern District of California Bench
Trending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250