PRIVACY + TRANSPARENCY
City IoT deployments must protect and respect the privacy of residents and visitors. The City is committed to being open and transparent about the “who, what, where, when, why and how” of data collection, transmission, processing and use.
1.1: The City should make processes and policies related to IoT and IoT-related data publicly available in an up-to-date, clear and comprehensive manner. IoT principles, guidelines, operational policies and responsibilities should be transparent and made public via a City government website.
1.2: IoT data should only be collected, transmitted, processed and used for specified, explicit and legitimate purposes. The purpose of data collection (e.g., a use case such as monitoring air quality), what data is collected (e.g., particulates in the air) and how data is being collected (e.g., pollution sensor on a light pole) should be transparent and made public via a City government website or other public notice.
1.3: Data and information collected by IoT devices should be classified and treated accordingly, per the City of New York’s Data Classification Policy, as Public, Sensitive, Private or Confidential. All personally identifiable information (PII) should be classified at a minimum as private. All data that is classified as being confidential, or personally identifiable, should be protected from unauthorized use and disclosure.
New York City Data Classification Policy
1.4: PII should by default be anonymized before being shared in any way that could make the information publicly searchable or discoverable. Any copies and reproductions must have the same or higher level of classification as the original. Any combinations of data should be reclassified according to the City’s Data Classification Policy.
New York City Data Encryption Policy
1.5: PII data types should have a clearly associated retention policy and disposal procedure. Sensitive, private or confidential data should be kept for no longer than is operationally necessary or required for the specified, explicit and legitimate purposes.
New York City Digital Media Re-use and Disposal Policy
1.6: Before any sensitive, private, or confidential data is shared outside the originating City agency, the agency should ensure that the need cannot be met by using anonymized or aggregated data and that the appropriate protections are in place to preserve the confidentiality of the data.