As cities today are becoming more intelligent with the ability to collect massive amounts of data, data ownership is a debated topic. With the Internet of Things (IoT) and data from connected sensors, cities can provide better services that improve citizens’ lives. All of the data being collected leaves citizens and government leaders wondering who owns the data? What are best practices for data ownership and data governance in smart cities today? By better understanding what it means to have data ownership and establishing best practices in data governance we can identify standards that can be adopted by cities everywhere. Data ownership will enable cities to focus their attention on how decisions are made and how the public is engaged.

I will start by defining what data ownership means. Techopedia states, “Data ownership is the act of having legal rights and complete control over a single piece or set of data elements. It defines and provides information about the rightful owner of data assets and the acquisition, use, and distribution policy implemented by the data owner”.

Ownership of data creates challenges that present themselves when working with a wide range of stakeholders and managing a citywide data infrastructure. Cities are responsible for managing multiple sources of data that have to be protected, maintained, and used in a transparent way. That is why Fybr believes that the client (the city) should always own the data. The city then has the legal authority and power to control who shares, monetizes, and uses the data collected.

Looking into this topic a little deeper I asked Fybr’s CEO, Bob Glatz to weigh in on how Fybr approaches data ownership in regards government contracts. He stated, “We have always done the same deal with respect to data ownership. The client owns the data. Fybr requests a license to use the data for internal business purposes.”  He goes on to define what ‘business purposes’ mean.

“The definition of ‘Fybr’s business purposes’ may have been modified a bit from time to time, but in general we’ve tried to be very broad. What we’ve had in mind with respect to our business purpose is building a comprehensive database that would answer the questions about how effectively our solution(s) work for clients in terms of results of individual business cases. The idea is that we want to be able to say that if San Francisco raises rates by X it has Y impact on congestion. So, it is really the use of our sensor data and the clients modification of business processes and/or rules and the result of the business decisions and how those rule changes impact outcomes.”

There are a number of ways for cities to approach data ownership and data governance, so I have developed a list of four steps to serve as a guide for government leaders.

Clearly define and be transparent about the use and ultimate goals of smart city data being collected.

What we know today about smart cities is there is not a “one size fits all“ solution due to the wide range of problems that can vary city to city. This is also true for data ownership as well as data governance. You can start by identifying where you want to focus and address the problems by clearly defining the desired outcomes and manageable goals you wish to achieve with the data. It is crucial to actively involve citizens in this process with local meetings, sharing information on social channels, as well as keeping your cities website up-to-date.

Create a standard “data ownership” clause in procurement contracts to ensure access and ownership of all data produced under third party service contracts.

Cities need to have full ownership of their smart city data in order to ensure that they have full access and control. Cities can identify and negotiate terms on a case by case basis when dealing with multiple stakeholder or develop a data trust. By taking ownership the cities can define such terms that will have the greatest benefit for citizens and their community.

Develop a set of standard data principles for building new or improving upon existing IoT smart city platforms, services, and applications. 

SmartImpact published a list of seven data principles that were developed in cooperation with a range of partners working with the city of Eindhoven. The principles include:

  • Privacy first
  • Open data and interfaces
  • Embrace open standards
  • Share where possible
  • Support modularity
  • Maintain security
  • Accept social responsibility
Build a holistic approach to data management that keeps your city protected from cybersecurity threats.

Managing “big data” can be a daunting task with a huge amount of responsibility and accountability. It is important to build an approach to data management that works best for your cities needs. Historically, departments within city government have been siloed, but now with smart city data can we bridge the gaps in communication by establishing how that data is shared across all departments. This will lead to better decision-making and gives you the tools required to maintain citizen privacy. This approach also facilitates mitigating risks involved in cybersecurity. We can think of this in the context of the “the human factor” where would a hacker have the highest impact or disrupt city services? By identifying the weaknesses you can build in security measures needed to ensure your city is protected now and in the future.