Privacy
Governance Policy and Process
This document provides a framework within by which our Research Team at the University of North Carolina at Charlotte (operators) will implement and manage the SmartSafe StreetScapes (S4) research program in Charlotte by 1) defining the initial scope of the program, 2) establishing the roles and responsibilities of program partners; and, 3) describing the process by which decisions about the program will be made.
The S4 program is term-limited, and will be conducted from 10/2018 to 10/2022, with a possibility for extension. This Governance Policy and Process document will thus be in full effect until that time when the budget is exhausted, or research is completed, whichever comes first.
This document is complimented by the S4 Privacy Policy, which sets forth requirements regarding Personally Identifiable Information (PII). Policies set forth in this document will remain in effect in perpetuity.
Guiding principle
We value privacy, engagement, and objectivity.
Program overview
With the new wave of growth in urban areas and demand for more walkable community environments, addressing threats to citizens from distracted walking and driving, as well as street-based crime, have become important community concerns. Recent advances in information processing and communication technologies have opened the path to address the safety and security of our community and making it a safer place for the residents. To effectively apply technology to community problems, domain experts, community partners, and computer scientists and engineers need to work closely together.
In October 2018, the UNC Charlotte Research Team was awarded funding from the National Science Foundation (NSF)’s Smart and Connected Communities (S&CC) program to co-develop technology to support public safety. The $1.9 million, 4-year grant will develop an optical sensing platform that uses artificial intelligence (AI) to detect and prevent street crime without the use of profiling. The goal of this research is to work with law enforcement, community members, and researchers to create an autonomous camera system capable of detecting common street- and parking lot-based crimes, such as theft from auto. The S4 program operators will deploy an urban-scale research instrument comprising of pole-mounted video cameras each equipped with a microprocessors and software trained to identify behaviors consistent with common street crimes. The types of crime monitored, as well as the modality of alarm, will be co-developed with direct assistance from the communities in which they are deployed.
During the planning for S4, funded by the National Science Foundation (NSF), we convened representatives from the City of Charlotte’s Office of the City Manager, Office of Sustainability, and Planning Department to describe our technology and research objectives. We then delivered a presentation and community survey on the proposed technology. The survey asked residents their preferences regarding which crimes and risks to guard against, attitudes towards privacy issues associated with monitoring, and recommendations on how best to tune monitoring to specific geographic context (e.g., commercial thoroughfares, residential streets, etc.). These initial survey results revealed the community was very concerned about pedestrian safety and criminal activities (more than 90% of participants). The community was highly receptive to edge video analytics (more than 80% found video processing without storing actual video data unless an important event of interest detected), a solution to maintain their privacy.
These results established the relevance of the proposed technology to local community challenges, and garnered a conditional acceptance to proceed with a platform that did not store data. To support this effort, we applied for and received further funding from NSF to co-develop the S4 technology with the community, and deploy it in series of phased “testbeds” on the UNC Charlotte campus and in Charlotte’s North End District.
The program operators will develop functionality to enable research, application development, education, prototyping, or demonstration projects. Research and application is only conducted after approval by UNC Charlotte’s Internal Review Board (IRB), a process that ensures no harm will be done to the public or protected populations. Senior design students under the direction on Dr. Hamed Tabkhi began developing the software algorithms needed to direct S4 in Fall of 2018. The development of prototypes and demonstration is expected to be completed by late Spring 2019, and shared with communities for evaluation and feedback for incorporation into each successive technology generation. The location of testbeds will be determined via the process identified later in this document (§4.3).
S4 will operate as an instrument, involving an infrastructure and related services for research, development, education, prototyping, and demonstration of both open and proprietary technologies and services aimed at improving public safety and livability of cities. In short, S4 will support “Smart City” research, development, and education. S4 will be designed to support specific instrument use: the collection of video data about public urban spaces, and support for research in software and services.
Support for Evolving Technologies over Time
The development of the S4 hardware/software platform involves engineering and placing a network of physically secure enclosures with power, Internet access, and standard specifications that will allow for efficient installation/replacement of those devices by Duke Energy technicians. Duke Energy owns and operates streetlight infrastructure in Charlotte. These devices must operate for period of months without physical intervention, and must be provided with adequate environmental protection. The program operators and Duke Energy will cooperate to enable nodes to be repaired and replaced in case of damage or loss.
Support for Software and Serviced Projects
Though the pace at which information and communication technologies evolves is rapid, there is a much larger potential research and education community focused on new software and services, harnessing existing hardware technologies. To support such projects will require that the S4 allow controlled access to shared programmable devices within the nodes. Once this functionality is available, changes may be required to S4 polices and processes to prevent misuse and ensure reliable and usable functions for provisioning and scheduling resources, validating and loading custom software, and restoring the devices to a known state between experiments.
Program Operators
The UNC Charlotte S&CC Research Team will manage and operate the S4 program, in partnership with the City. The program operators are responsible for the design, development, repair, replacement, and support of camera platforms and the technical infrastructure.
The program operators will leverage strategic partnerships with outside entities, including but not limited to industry, academia, and not-for-profits, as well as the increasing availability of open source tools and frameworks that can be adapted to or applied directly to the instrument, to support program goals.
The City will support the operators by providing program oversight; policy guidance; installation and maintenance support; and technical assistance to ensure that resulting data is publicly accessible.
Executive Oversight Council
An executive oversight council (EOC) will oversee the S4 program, and is responsible for setting policy and establishing processes and procedures related to system operation, configuration, and capabilities, access to data and other resources, and communication and interactions with the City and community.
The council will be co-chaired by a representative of the City of Charlotte’s Office of Sustainability and the Lead PI for UNC Charlotte’s S&CC Research Team, with additional members selected from academia, industry, not-for-profits, and the community. These members will be invited based on recommendations from S4 partners and others who work with community groups, or solicited via public meetings and the S4 website.
The EOC will meet quarterly or as needed.
A set of policies and processes is required to ensure that S4 operates according to the program’s guiding principles and within the established scope and budget. These policies and processes must protect the privacy and security of Charlotte residents and visitors, ensure accountability and transparency, and consider education and proactive communication.
Policy
This policy document, and associated data management and privacy policy documents, will be reviewed annually.
Transparency
The S4 program operators will maintain a public website with current information on the project (smartsafecharlotte.charlotte.edu), including educational materials regarding the hardware and software technologies and capabilities associated with S4, a directory with detailed information on all components, experiments, and projects supported by S4, all policies and procedures for S4 operation.smartsafecharlotte.charlotte.edu), including educational materials regarding the hardware and software technologies and capabilities associated with S4, a directory with detailed information on all components, experiments, and projects supported by S4, all policies and procedures for S4 operation.
The program operators will produce an annual report, which will be published to its website and will summarize any legal request or changes made to policies, processes, node locations, or capabilities made throughout the year.
Locations
The locations selected for S4 deployment will maximize the positive impact that city residents, policy practitioners, and researchers can obtain from the project. S4 will only be located in areas that meet community approval (below), as decided by the EOC.
S4 locations will be selected with the goal of enabling the following benefits within a geographic area:
- Deployment can provide data relevant to developing or refining S4 platform algorithms and architectures
- Further development and refinement of the instrument could be optimized, measured, or informed based on use.
In addition, neighborhood density, the location of partner institutions within a geographic area, and the availability of traffic lights or alternative structures (e.g. a building wall) required to mount S4 will be considered.
Prior to deploying S4 in a given geographical area, the program operators and/ or representatives from the City of Charlotte will:
- Meet with community leaders to discuss the objectives of the project and the policies and processes in place regarding issues such as privacy, coordinated by the UNC Charlotte;
- Hold community meetings with residents, where the goals and details of the project will be discussed, including an emphasis on policies and procedures regarding safety, security, and privacy of the network, and on the benefits to the neighborhood associated with the network. Local media will be invited to cover these workshops
- Post the privacy policy online prior to community meetings for residents to provide comments and questions.
Security
The S4 hardware and software design and operation procedures follow security practices developed by and for UNC Charlotte.
Capabilities
S4 platform capabilities will be maintained on the SmartSafeCharlotte website. Changes to the node capabilities (i.e., changes to existing sensors and introduction of new sensors) that require a change in the privacy policy must be first reviewed by the IRB.
Updates
This policy will be reviewed annually at minimum by the program operators and the EOC for possible changes. Others may request a review of this policy or submit a question to the operators of smartsafecharlotte.charlotte.edu.
Privacy Policy
The purpose of this policy is to disclose the privacy principles and practices for the SmartSafe StreetScape program. It is complemented by the SmartSafe StreetScape Governance Policy and Process document, which defines how decisions about the program will be made. The privacy policy sets forth how the operators of the S4 program will manage data, some of which may include personal information or Personally Identifiable Information (PII). The operators of the S4 are defined as the Smart and Connected Communities Research Group at UNC Charlotte.
We value privacy, engagement, and objectivity.
Personally Identifiable Information or PII[1] is any information about an individual, including “(1) any information that can be used to distinguish or trace an individual’s identify, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.” As noted in NIST 800-122, this includes the following:
- Names
- Personal identification numbers
- Email or street address information
- Personal characteristics, including photographic images of face or other identifying characteristic), fingerprints, handwriting, or other biometric data (e.g., retina scan, voice signature, facial geometry)
- Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information)
This policy also recognizes the sensitivity regarding location information, electronic device identifiers, or vehicle license plate information and thus considers these in its policies.
[1] 1 “PII” has been defined in accordance with the National Institute of Standards and Technology’s Special
Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII). Updates to the NIST guidelines will be reviewed as part of the regular review of this policy.
A SmartSafe StreetScape annual report will be published each year, beginning in June 2019, outlining the achievements of the program, as well as any updates or unintended deviations from the privacy policy. Due to cybersecurity threats, we will not publish hardware and software specifications, design, and locations of S4 deployments until the research is concluded.
S4 technology is designed and operated to protect privacy. S4 will use five types of data, each with their own storage considerations. For the purposes of instrument calibration, testing, and software enhancement, images and audio files that may contain PII will be periodically collected to improve, develop, and enhance algorithms that could detect and report on conditions such as noted above. This raw calibration data will be stored in a secure facility for processing only by authorized researchers during the course of the S4 project, including for purposes of improving the technology to protect PII. All image processing operations involving proposed publication of information that would affect the privacy policies will be subject to approval by UNC Charlotte IRB. Any such data, such as could be found in images or sounds, will not be made public.
Data in the form of video recordings will be collected in sequential phases.
- Phase 1 – Pre-recorded video of common crime behaviors made available by local police departments. This data will be used for initial training of AI algorithms and may be stored indefinitely.
- Phase 2 – At the UNC Charlotte Campus, in cooperation with Campus Police, we will capture video of crime-indicated and non-crime indicated behaviors demonstrated by actors recruited for the purpose of creating AI training data. Signed release agreements will be secured in advance of any recording, including protected classes such as students if they are employed. This data may be stored indefinitely.
- Phase 3 – At the UNC Charlotte Campus, in cooperation with Campus Police, we will capture video of crime-indicated and non-crime indicated behaviors exhibited in parking lots. As this data will be used to calibrate and assess the accuracy of the AI, all data will be stored and reviewed. This data may be stored indefinitely.
- Phase 4 – We will used trained and calibrated AI to record crime-indicated behavior in public street and parking lot settings. In real time, video will be analyzed at the hardware/software platform node, at which non-crime recording will be automatically deleted. Crime-indicated recording will be saved by researchers for accuracy assessment and be made available to relevant authorities.
This project will also collect anonymous survey response data as community input to co-design and co-create S4 technology. To do this, program operators will periodically conduct voluntary, IRB approved surveys and interviews community stakeholders and residents as part of the co-design process.
In all cases, access to collected data is restricted to operator employees, contractors and approved scientific partners for instrument design, calibration and testing. All individuals with access to this data will be subject to strict contractual confidentiality obligations and will be subject to discipline and/or termination if they fail to meet these obligations.
Support for Evolving Privacy Policy Over Time
As the program progresses, the EOC reserves the right to modify Phase 4 data storage procedures, based on community feedback, to better reflect geographic context or other salient factors.
This policy will be reviewed annually at minimum by the operators for possible changes. Others may request a review of this policy or submit a question to the operators through the project’s public website (http://smartsafecharlotte.charlotte.edu). Any proposed changes to the policy will be posted online for public review and comment prior to their incorporation. Notifications of these and related actions will also be disseminated through the project’s social media account (@smartsafecharlotte in Twitter).