The information cycle and its dependencies in DSC are summarized in Figure 1. A business cannot be established without providing attractive services to service providers, and for this purpose, highly valuable information is necessary. The use of public information, such as social capital information, is essential for DSC; however, the use of private information directly generated by individuals and companies is essential to provide highly accurate, personalized, and thorough services such as trend research, marketing, and recommendation. On the other hand, opt-in is required to provide private information, and the information must be anonymized if necessary so that individuals cannot be identified. Anonymization allows the unique elements in the information to be fused, deleted, disrupted, or otherwise generalized or cluttered so that the provider of the information is not uniquely identified.
In this discussion of anonymization, we often encounter a disagreement on the recognition of its assumed technology, so we will clarify this point. When dealing with private information, there is an argument that anonymization is not necessary if, for example, cryptography is used or if secret computation technology, which has attracted attention in recent years, can be used to calculate numerical information while it is encrypted, but these are not essentially measures against the leakage of private information. However, these technologies do not essentially prevent the leakage of private information. They are technologies to keep information secret, and they are useless from the viewpoint of providing private information safely to a third party. Since the information cannot be processed as it is ciphered and the unprocessed information which can identify individuals can be retrieved by breaking the cipher, it cannot be a privacy protection measure from the viewpoint of information providers. Anonymization technology is indispensable to make it difficult to identify the information provider and to disclose the information with distribution conditions if necessary. When anonymization processing is outsourced, it is generally necessary to hand over the original information in its unprocessed form and request processing. In order to avoid this uncertainty, we have already developed a technology to perform the anonymization process in cryptography by efficiently using secret calculations such as secret sharing and fully quasi-homomorphic cryptography. This merit is described in detail in the section on information encapsulation below.
Fig.1 Dependencies and metrics in data smart cities
Issues in Data Smart Cities
While DSC-related efforts and technological maturity are progressing, the speed of its diffusion is slow. The reasons for this are summarized in the following three issues, and the ways to deal with them are presented. First, we consider the information provided and usage patterns in DSC. As mentioned earlier, there are various methods for anonymization, but what is more important is the degree of anonymization. The higher the degree of anonymization, the lower the risk of identification, but the value of the information decreases because it is far from the original information, and the entropy and the degree of information loss increase. In other words, the quality of the service using the information decreases. The higher the service quality, the more profit can be expected. Therefore, the profit can be returned to information providers as an incentive to encourage the provision of data with a small degree of anonymization. Thus, there is a trade-off between the degree of anonymization of private information and the return of profit to the information provider, and it is desirable for the information providers to decide the trade-off while considering the incentive. In addition, it is essential to consider the effort involved in obtaining opt-in, determining the trade-off, and changing the trade-off, and it is necessary to do these things in a transparent and flexible manner. The lack of such considerations is one of the reasons why the speed of DSC diffusion has been slow. This is referred to as the data infrastructure problem.
As for the permanence of DSC, there is another point of view. Local governments have a responsibility to provide and maintain essential infrastructure for residents fairly, and stable tax revenue is essential for this. But what about the information infrastructure? It is one of the essential infrastructures of daily life, but is it possible to secure adequate local tax revenue from it? For example, let’s say you shop online at home using electronic money, and a delivery truck from a neighboring town uses the roads in your town to deliver the goods and leaves them at your door. From the local government’s point of view, this transaction does not generate any tax revenue because the information of residents is used, the city’s roads and other infrastructure are used for free, and there are no stores or distribution centers in the area. In other words, it may not be possible to say that this business transaction is paying appropriate taxes to the residential area. This situation becomes more serious as the importance of the information infrastructure increases, and many similar cases can be found elsewhere. And the solution to this situation is also information and communication technology. It can be said that the problem can be solved by ensuring the exchange of information that leaves the region and the means of taxing related commercial transactions. There may be some objections to this, but can it not be considered a normalization of the current situation where only information is a special exception? If information cannot be taxed in the same way as roads and commercial activities, won’t the globalization of information lead to the collapse of local autonomy? In order to solve this problem, a fair taxation system that is fairer, more reliable, and based on the premise of social return and regional perpetuation is required, and a theory for its construction is also necessary. We call this the information taxation problem.
Solution by Information Banking and Edge Computing
An information bank handles open information, but it is also a system or an entity that centrally manages the provision of information that is entrusted to it and linked to an individual or corporation, matched with other businesses, or anonymized. As the name “trust” implies, it is also an important role to convert the information into cash. We will consider the solution to the above problem by looking at the information management mechanism of the “Information Common Platform Saitama Version”, which Saitama City started to operate in 2014. In addition, Saitama City is promoting the construction of the Smart City Saitama Model, and as part of this, the construction of an information distribution platform is being carried out. As a result of these efforts, Saitama City was awarded the Grand Prix in the Municipal Category of the Impress DX Awards. Moreover, Misono Data Smart Town Project in 2019 was ranked first overall in Japan’s SDGs Advancement Ranking of cities and wards nationwide in January 2021. We believe that this is the first example of the construction and demonstration of an information distribution system centered on an information bank in Japan.
First, based on the Personal Information Protection Law, opt-in is essential as the basis of the law. Secondary use of data is possible if appropriate anonymization is performed; however, what is the appropriate anonymization and which anonymization method is recommended are unclear and not given as national standards. Of course, theoretically, there is no perfect anonymization that can withstand all kinds of attacks. Therefore, at present, anonymization should not be regarded as a means of omitting opt-in. It has to be regarded as a leakage-risk reducing method for information providers. Even if we are reluctant to provide personal information, we may be able to accelerate the distribution of information if provided in an anonymized form.
Fig 2. Service vendors and consumers in a data smart city
As mentioned, there is a trade-off between the degree of anonymization and the value of the information. Therefore, users can freely choose the level of anonymization in addition to whether or not to provide information, taking into account the degree of trust in the service provider and the value of the service. This mechanism is realized by Vender and Consumer Relationship Management (VCRM) in the case of Saitama City (Figure 2). First, in general CRM, service providers manage consumers, who are both information providers and service users, through service use contracts and collection of usage fees. VCRM manages both CRM and VRM and all kinds of information, such as the flow of information and service. It can also manage the linkage, the service contract, and the degree of anonymization as a relationship. For example, when consumers consider using a certain service, they may want to receive a more reliable service by providing information with a smaller degree of anonymization if it is reliable. VCRM would allow consumers to change the degree of anonymity of the information provided or to stop the provision of information at any time, and the service provider would offer a service usage fee that takes into account the incentive for providing information. The service provider can also offer a service fee that takes into account the incentive for providing information and stop providing the service according to the contract. By equipping city OS and information banks with VCRM, the data infrastructure problem can be solved.
An important role for an information bank is to play a platform for service provision and to be a professional who realizes secure information distribution. They are responsible for monitoring the illegal acquisition of information from the perspective of security, including measures to prevent information leaks. In particular, a regional information bank in cooperation with a local government can be a trustworthy entity for the residents of the relevant region, as they are a community of fate living in the same region. If the residents of a region recognize that they can safely provide services and use information through an information bank, and if the information distribution mechanism can be upgraded so that the platform receives data from the information bank, it will be possible to fairly and clearly tax transactions at the information bank. This would solve the problem of information taxation.
As a pioneer of the same type of service in Japan, Saitama City has been participating in international activities such as the action cluster of the Global City Team Challenge by the U.S. National Institute of Standards and Technology (NIST) and a member of the Urban Technology Alliance. It has also been referred to as a use case in related technology standardization. As shown in Fig. 3, Saitama City conducted an experiment to acquire various information and provide services using the information.
Fig. 3: Example of Data Platform in Saitama City
Two advanced initiatives demonstrated in Saitama City are described as a further technological development of the information bank. When DSC services are provided, information is acquired by IoT devices and sent to the cloud for processing. It is desirable to process the information and provide the service within the IoT device as the most localized form. In this form, the problem of private information leakage is greatly improved. However, such devices are generally subject to severe cost and size constraints, and it is often difficult to ensure sufficient computing power. A possible solution to this problem is to outsource the processing to the edge as close as possible. Similarly, more complex processing or processing that deals with much information cannot be done at a nearby edge. Therefore, it is possible to anonymize the IoT or the nearby edge if possible and use the edge or cloud with high performance higher up in the network hierarchy for specific processing. This is a mechanism to provide services by using various devices in the network hierarchy in the right places. In addition, we can construct network and data regions; if the region is nearby the residents, it becomes closer to the original information, and the information is limited. If it becomes higher in the network hierarchy, the anonymization level becomes higher. We have constructed an information encapsulation technology that confines personal information to a region.
The second is the expansion of safety and information distribution management. When private information is leaked, if it is possible to trace where the information was leaked from, it will be possible to compensate the information provider for the information leak and to clarify the scope of responsibility of the information provider and the information user. As one of the tracing technologies, we have developed a technology that uses the diversity of anonymization to watermark information such as the information provider, the information user, and the purpose of information used as a digital watermark, and uses this watermarked information to clarify where the responsibility lies in the event of a leak. By linking with the edge, the information flowing in the network itself can be directly monitored, so it is possible to build a system to monitor the flow of information handled by the information bank itself, such as when, who, by what route, to whom, and what information is passed in order to provide what services. It is important to note that IoT devices in the region are constantly sending information to their final destination, e.g., the cloud. Even if the node that uses the information changes, we have built a transparent add-on technology that can process the information at the edge without changing the destination of the information. Using this technology, we can freely use the edge in the middle without adding a function to rewrite the destination for existing IoT devices. Furthermore, even if the information is encrypted, it can be authenticated by the cloud, which is the final destination, and the encryption key held by the cloud can be shared to decrypt and process the information. In Saitama City, the construction and demonstration of such an advanced local information infrastructure and a system linking it with the local information bank are underway.
Fig. 4: Supporting dynamic data in the Saitama City data platform
Although it is not defined as an information bank, there have been attempts to handle and provide various types of information in a city district at once. If Saitama City is a data smart city led by a local government, Tsunashima Smart Sustainable Town (TSST) is a data smart city led by a private company. TSST is promoting urban development in cooperation with Obayashi Corporation, Nomura Real Estate Development Co. As its information platform, SCIM (https://tsst.scim-service.jp) is open to the public, and various city block information can be obtained immediately. The provision of fusion services using this mechanism is also being considered. However, at this point, services that go into private information have not yet been developed, and services that are attractive to residents have yet to be provided. On the other hand, since the building is also equipped with commercial facilities, new attempts are being made to use its ability to attract customers to estimate the social capital index of the surrounding area. In addition to the aggregation of these various types of information, the construction of infrastructure similar to that of Saitama City can be achieved if flexible functions are provided for its management and operation. In this way, from the perspective of private sector initiatives, information is either enclosed or mixed with multiple corporate services. Following Shonan Fujisawa, Panasonic’s Smart Sustainable Town project is now expanding to Tsunashima Town and Kadoma City, and can be seen as one of Panasonic’s key strategies for the future. In Toyota’s Woven City, as in Saitama City, an example of health management for residents using sensors and artificial intelligence was introduced, and NTT presented a proposal for technological innovation mainly related to information and communication networks in smart cities such as IOWN. In this way, the movement toward data smart cities has become more active and full-fledged in the past few years, and it is hoped that mutual cooperation and development will continue in the future.
In this paper, we have discussed the provision of services through information banks in data smart cities and how to remove obstacles to the spread of these services through various innovations associated with them. It is hoped that the spread and development of information banks will improve the quality and promote the use of services for local residents, increase the QoL and community satisfaction of residents, and contribute to the perpetuation of local communities and help solve social problems.
About the author
- Professor, Faculty of Science and Technology, Keio University
- Representative Director, Misono Town Management Representative, Misono Town Management Association
- President, Omotenashi ICT Consortium
- Director, Edge Platform Consortium
- IEEE P21451-1-6 WG Chair
- Sub-Program Director, SIP Physical Space Digital Data Processing Infrastructure
- Technical Advisor, Smart City Institute