A proposal to transform a rundown section of Toronto’s waterfront into a tech-connected community continues to be wracked with contention, concern and high-profile resignations. Google sister company Sidewalk Labs has partnered with Canadian government agency Waterfront Toronto to hatch the futuristic Quayside redevelopment plans and “fundamentally refine what urban life can be.” However, concerns around data protection, privacy implications and the cyber liability of such a connected community continue to dominate debate.
Ontario’s former privacy commissioner Ann Cavoukian is one of the latest to distance herself from the project. She resigned from Sidewalk Labs in October, claiming a privacy framework she developed for the project, called Privacy by Design, was being overlooked by the Alphabet Inc.-owned firm.
A key feature of Cavoukian’s Privacy by Design is that when personally identifying data is collected by surveillance cameras and sensors, it is immediately removed or “anonymized”. While Sidewalk Labs “committed to implement” Privacy by Design, the firm said: “The question of whether other companies involved in the Quayside project would be required to do so is unlikely to be worked out soon, and may be out of Sidewalk Labs’ hands.”
According to the Canadian Press, Cavoukian resigned to pressurize Waterfront Toronto to honour the principals of Privacy by Design and protect people’s personal information. In response to Cavoukian’s plea, Waterfront Toronto said it would “recognize and respects the obligation to adhere to Canadian privacy laws, which go beyond Privacy by Design.”
However, the data privacy question has caused trouble within the ranks of Waterfront Toronto as well. Prominent Toronto developer, Julie Di Lorenzo, resigned from the Waterfront Toronto board over the project, posing the question: “How can [Waterfront Toronto], a corporation established by three levels of democratically elected government, have shared values with a limited, for-profit company whose premise is embedded data collection?”
Marcyn Weryk, senior cyber underwriter at AXA XL, commented: “I do think the Toronto waterfront redevelopment plan presents a new set of privacy exposures for everybody involved. However, over the last few years there has been growing public understanding and acceptance of what privacy really means, and a lot of people are now willing to share information about themselves with providers – as long as they know what data is being collected and how it’s being used.”
Others have highlighted the opportunities that such a high-tech project brings to Toronto. Adam Vaughan, a federal lawmaker whose district includes the Quayside development, said debate around big data is hitting cities across the world and he’s glad Toronto is at the forefront of discussion. He
added: “Google is ahead of governments globally and locally. That’s a cause for concern but it’s also an opportunity.”
“I don’t disagree with [Vaughan’s] statement that Google is ahead of governments in terms of privacy, knowledge and how best to manage big data. They’re one of the largest collectors of data in the world and they’re very smart when it comes to understanding the edifications of all things privacy and data collection,” commented Weryk.
“At AXA XL, we personally meet with Google / Alphabet Inc. on an annual basis and we learn a lot from them. There’s a circle of communication that needs to exist between providers like Google, the insurance industry and end-users, so that everyone can learn from each other. I think the insurance industry is also fairly well prepared, but when it comes to comparing our overall knowledge of privacy to a giant like Google, I think it would be foolish to say the insurance industry knows more.”
Sidewalk Labs chief executive Dan Doctoroff has brushed off privacy concerns associated with the Waterfront redevelopment. The firm’s data and privacy proposal says it will relinquish control of data gathered in public spaces to an independent organization to be set up and called the Civic Data Trust, which will then police rules around data use and privacy protection.
David Derigiotis, corporate vice president and director of professional liability at Burns & Wilcox, told Insurance Business: “The Internet of Things (IoT), connected devices and smart cities are all capturing enormous amounts of data across all industry sectors. Anything that’s connected - whether it’s an autonomous car, a water leak detector or a heat-sensing pavement – is extrapolating and pulling data, so there are going to be more privacy exposures tied in with that.
“Data is king. We’re going to see a lot more push and pull between data collection and privacy rights in the near future and it’s important for insurers and brokers to be prepared. At Burns & Wilcox, we’re preparing by focusing on privacy law and regulation, and making sure we’re aligning ourselves with strong risk management firms and cyber security companies that can offer services in addition to a cyber policy, so that our clients can properly assess their risk and purchase the appropriate limits.”