The Downside to Smart Cities

I read almost daily about another smart city initiative somewhere in the country as cities implement ideas that they think will improve the quality of life for citizens. I just saw a statistic that says that over two-thirds of cities have now implemented some form of smart city technology. Some of the applications make immediately noticeable differences like smart electric grids to save power, smart traffic lights to improve traffic flow, and smart streetlights to save electricity.

But there are a few downsides to smart city technology that can’t be ignored. The two big looming concerns are privacy and security. There was an article in Forbes earlier this year that asked the question, “Are Privacy Concerns Halting Smart Cities Indefinitely?” Citizens are pushing back against smart city initiatives that indiscriminately gather data about people. People don’t trust the government to not misuse personal data.

Some smart city initiatives don’t gather data. For instance, having streetlights that turn off when there is nobody in the area doesn’t require gathering any data on people. But many smart city applications gather mountains of data. Consider smart traffic systems which might gather massive amounts of data if implemented poorly. Smart traffic systems make decisions about when to change lights based upon looking at images of the cars waiting at intersections. If the city captures and stores those images, it accumulates a massive database of where drivers were at specific times. If those images are instantly discarded, never stored and never available for city officials to view then a smart traffic system would not be invading citizen privacy. But the natural inclination is to save this information. For instance, analysts might want to go back after a traffic accident to see what happened. And once the records are saved, law enforcement might want to use the data to track criminal behavior. It’s tempting for a city to collect and store data – all for supposedly good reasons – but eventually, the existence of the data can lead to abuse.

Many people are very leery of systems that capture public video images. If you look at smart city sales literature, it’s hard to find sensor systems that don’t toss in video cameras as part of any street sensor device. I just saw a headline saying that over 400 police departments now partner with Ring, the video cameras people install at their front door – which allow police to have massive numbers of security cameras in a city. It’s incredibly easy for such systems to be abused. Nobody is uncomfortable with using surveillance systems to see who broke into somebody’s home, but it’s highly disturbing if a policeman is using the same system to stalk an ex-wife. Video surveillance isn’t the only sensitive issue and smart city technology can gather all sorts of data about citizens.

What I find scarier is security since smart city systems can be hacked. Security experts recently told Wired that smart city networks are extremely vulnerable to hacking. Municipal computer systems tend to be older and not updated as regularly. Municipal computer systems have the same problems seen in corporations – weak passwords, outdated and ignored security patches, and employees that click on spam emails.

Smart city networks are more vulnerable to attack than corporate networks that sit behind layered firewalls because a smart city network can be attacked at the sensor edge devices. It’s well known that IoT devices are not as rigorously updated for security as other components of computer networks. I’ve seen numerous articles of hackers who were able to quickly defeat the security of IoT devices.

While there might be a concern that city employees will abuse citizen data there is no doubt that hackers will. It’s not hard to envision hackers causing mischief by messing with traffic lights. It’s not hard to envision terrorists paralyzing a city by shutting down everything computer-related.

But the more insidious threat is hackers who quietly gain access to city systems and don’t overtly cause damages. I have one city client that recently found a system they believe has been compromised for over a decade. It’s not hard to envision bad actors accessing video data as a tool to use for burglary or car theft. It’s not hard to imagine a bad actor selling the data gathered on city networks to players on the dark web.

I’m not against smart city technology, and that’s not the point of this blog. But before a city deploys networks of hundreds of thousands of sensors, they need to have planned well to protect citizen data from misuse by city employees and by abuse from hackers. That sounds like a huge challenge to me and I have to wonder how many cities are capable of doing it right. We’ve seen numerous large corporations get hacked. Smart city networks with huge numbers of sensors are far less secure and look to be an open invitation to hackers.

Investing in Fiber

fios vanThere is a recent short article in Forbes titled, To Evade the Wheeler Tax, Capital is Fleeing Digital Infrastructure by Hal Singer. The premise of the article is that the FCC’s move to regulate broadband under Title II has somehow driven the large ISPs to stop investing in broadband. He cites the fact that Verizon has used their excess cash to buy content and software rather than invest it in infrastructure. Just in the last year Verizon has bought AOL for $4.4 billion, Fleetmatics (connector of smart devices) for $2.4 billion and recently announced the purchase of Yahoo for $4.8 billion.

But Singer couldn’t be more wrong. It’s obvious that Singer has a bias against broadband regulation by the title of his article, and certainly Forbes is in generally favor of the unregulated marketplace. But for his premise to be true, Verizon would have to be stopping its expenditures for broadband and instead be choosing these new paths. And that has not happened.

Verizon stopped building FiOS fiber well over a decade ago. It’s been clear for a long time now that Verizon doesn’t think their future is in landlines. For a very long time they have considered themselves as a wireless company. One only has to look at their annual report to understand that somebody who didn’t know the company might barely realize they are in the wireline business. Those reports talk almost entirely about cellular, which makes sense since the wireless business dwarfs the broadband business.

Singer is right that Verizon has been ditching landline properties. But these were mostly in areas away from Verizon’s northeast core and included both copper and fiber assets. But it’s also clear that Verizon hasn’t given up broadband in the northeast. They are currently in the process of buying XO for $1.5 billion, one of the larger fiber-based CLECs that’s centered in the northeast. Verizon also recently announced they were going to bring broadband to Boston, and it now looks like this will become a test bed for using millimeter wave radios as a fiber-to-the curb deployment, rather than building traditional FiOS networks. My guess is that Verizon sees wireless local loops for broadband as their next big use of their cellular spectrum and existing fiber assets, and if Boston proves the new technology then Verizon will probably begin making huge investments again in broadband.

The problem with articles like Singer’s is that rich people that make big investments read Forbes and might decide that investing in broadband is a bad idea. Before they do that I hope that they look at broadband investments with the right perspective. Investing in broadband is an investment in infrastructure. And that means that such the investment is going to earn infrastructure-like returns. Anybody that builds broadband networks is likely looking at long-term returns of 10% to 20%. The returns can be a little higher for cherry-picking only the best neighborhoods. And the returns will probably be higher if wireless local loops can save on capital expenditures.

But infrastructure returns are not venture capital returns. Investments today in software and content are seeking returns of at least 30%. But such investments are a lot riskier than investing in broadband – and thus the relative returns.

The fact is that for the last ten years almost nobody has invested in broadband in this country. Most of the new construction since Verizon stopped building FiOS has come from independent telephone companies, municipalities and cooperatives. Today we are seeing more activity with the two biggest players being Google and CenturyLink, along with a dozen or so smaller urban fiber builders. We also now see the cable companies making significant investments to move cable modems to the next generation DOCSIS 3.1.

So the decision by the FCC to regulate ISPs under Title II has changed almost nothing because big telcos like Verizon were not investing in landline broadband before that decision. Certainly that decision might eventually put a cap  on the returns of the largest ISPs like Comcast and Verizon. But mostly the FCC rules are going to stop the large ISPs from ripping off the public with data caps or by raising the rates through the backdoor by inventing imaginary fees. But the FCC rules are not going to change the fundamentals of the marketplace that understands that investment in broadband is infrastructure investing. Companies that make such investments will still make infrastructure-like returns, like has been true during all of my career. The much more fundamental question that Singer ignores is, why aren’t there more companies looking to make 10% to 20% infrastructure returns? Answering that question might require a book rather than a blog or a short article.