Smart cities are rarely built smart from scratch. For most cities, "smart city" signifies the presence of several smart city projects that emerge over time from various actors. These projects rely on extensive data and algorithms whose use in urban spaces and/or decision-making processes can impact the enjoyment of fundamental rights in cities. Spatially-grounded and socio-economic rights may be particularly affected. This paper explores the issue of cumulative effects on fundamental rights that may arise from the gradual accumulation of smart city projects in modern cities. It argues that in such a complex landscape of multiple actors, projects and rights, important fundamental rights impacts may be incremental and inconspicuous, and thus, difficult to detect and to stop. It advocates for a fundamental rights-oriented impact assessment process that would enable local authorities to understand and mitigate cumulative effects on fundamental rights. Drawing from the environmental law area and the examples of Cumulative Effects Assessments and Strategic Environmental Assessments therein, it provides concrete recommendations for smart city stakeholders on the essential elements needed for such a process.
Issue 1This paper is part of Future-proofing the city: A human rights-based approach to governing algorithmic, biometric and smart city technologies, a special issue of Internet Policy Review guest-edited by Alina Wernick and Anna Artyushina.1. This stems from article 52(1) of the EU Charter of Fundamental Rights, provisions of the European Convention of Human Rights (e.g. articles 8(2) and 10(2)) and fundamental rights case law.
The development of smart cities has several privacy implications and it challenges the application and enforcement of data protection law. The SPECTRE project looks at these challenges through the lens of the disciplines of law, social science and economics. The main focus of the project is to make data protection great again by moving towards greater responsibilisation in the smart city environment and by increasing participation of different stakeholders through the development of a collaborative, cost-efficient Data Protection Impact Assessment (DPIA) methodology. Furthermore, the potential of using public procurements rules to incorporate this new method for a DPIA to effectively deal with the privacy impacts of smart cities will also be explored.
This chapter examines the interplay between the GDPR and parallel private regulation in the form of privacy-related standards adopted by the International Organisation for Standardisation (ISO). Focusing on the understanding of ‘risks' in the GDPR and ISO respective ecosystems, it compares the GDPR requirement for Data Protection Impact Assessments (DPIAs) with ISO/IEC 29134:2017, a private standard on Privacy Impact Assessment explicitly referred to by EU Data Protection Authorities as relevant in the context of DPIA methods. The resulting gap analysis identifies and maps misalignments, critically reflecting on whether the parallel form of ISO regulation, in the context of DPIAs, could support or rather blurs GDPR's objective to protect fundamental rights by embracing a risks-based approach.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.