In 2019, Facebook confirmed that its own unsecured databases resulted in a data leak of 419 million users. The passwords and phone numbers of these users were completely unencrypted. As the global trend to create “smarter” social infrastructures grows, the need for effective privacy-enhancing technology is greater than ever. Not only is this necessary for social networks like Facebook, but for critical infrastructures as a whole.

The ADSC team, collaborating with TUMCREATE, National University of Singapore, Nanyang Technological University, and De Montfort University, is developing a tool, called Privacy Modelling Language or PrivML for short, that models the smart city system, but works with a particular emphasis on the lifecycle of data and associated privacy risk.

A smart city is a system of modernized critical infrastructures. This could include energy, transportation, agriculture, manufacturing, construction, smart homes, and many other common systems. In order to protect our privacy on these systems, it is necessary to understand and assess potential privacy risks in the early design phase. Steps must also be taken to mitigate risk if a system is compromised. ADSC researcher Daisuke Mashima said the data collected in smart cities may pose a threat beyond general security.

“Healthcare information could do harm to someone’s reputation if it exposes them for having a disease like HIV for example,” said Mashima. “Exposing this data could also cause monetary loss if insurance information is misused.”

According to Mashima, PrivML and associated tools are designed to help system developers and operators implement “privacy by design”.. A major inhibition to comprehensive assessment of privacy risk is the lack of a standardized way to describe the architecture of a system from a privacy perspective. With this blueprint, all engineers in the process would be able to properly assess the risks of a given system, including potential privacy risk at the points where data is collected, stored, and/or processed in the system.

“Often, privacy and security design are bolted on after the fact, but this makes updates difficult or costly,” said Mashima. “Privacy by design is crucial.”

Mashima says the intended users of this project will be designers and developers of systems consisting of smart city infrastructure. This technology can be used to evaluate privacy risk and mitigations in a quantitative manner. It can also be used for auditing or assessment of a critical infrastructure system. Above all else, this technology contributes to the privacy and assurance of all users who benefit from smart city systems.