PUBLIC TESTIMONY
Testimony by Kate Kaye, Deputy Director of World Privacy Forum on MyCity Portal Privacy Concerns
3:04:02
·
3 min
Kate Kaye, Deputy Director of World Privacy Forum, testified about privacy and security concerns regarding the MyCity portal. She emphasized the need for transparency, documentation, and proper safeguards to protect user data and prevent discriminatory practices.
- Highlighted risks including unconsented data sharing, exposure of sensitive information, and potential misuse by bad actors or for discriminatory algorithmic decisions
- Called for scrutiny of all system connections, limitations on secondary data uses, and appropriate data purging practices
- Urged the creation of a task force including civil society groups and potential users to provide recommendations for transparency and safeguards
Kate Kaye
3:04:02
Cherokee Terrace and members of the committee.
3:04:04
Thank you for the opportunity to testify about my city.
3:04:08
My name is Kate Kaye.
3:04:09
I'm Deputy Director of World Privacy Forum.
3:04:12
We're a nonpartisan 501c3 public interest research group focused on data use and privacy in complex technical and data ecosystem.
3:04:21
Systems such as AI, mobile apps, identity systems, and more.
3:04:26
Expanding access to city services is a laudable goal, but without incorporating privacy and security by design would throughout my city development to prevent unintended uses of data from my city.
3:04:40
It could introduce data privacy risks and negative impacts for everyone using it, especially vulnerable communities.
3:04:48
These risks include unconscented or undesirable sharing or exposure of data related to people's identity, housing, health, employment in income immigration status, or business operations.
3:05:04
Users' data could be accessed by bad actors or used for discriminatory algorithmic scores or decisions.
3:05:12
To understand how policies and regulations apply, transparency and documentation are needed in the following areas.
3:05:20
What specific city services and data systems will be integrated into my city?
3:05:24
What vendors will enable technical processes such as identity identity verification, social media logins, AI chatbots, or payment systems.
3:05:36
What information such as identity data, biometric data, or mobile location data will be used or shared through my city, why, and for how long?
3:05:46
What m o user agreements such as data sharing agreements exist for MyCiti?
3:05:52
And here are a few suggestions to ensure MyCiti does not create privacy or discriminatory risks.
3:05:58
All connections to systems, including identity verification and social login systems, should be scrutinized according to privacy data and AI governance policies.
3:06:09
Secondary or downstream uses of my city data, including my vendors, should be limited or prevented.
3:06:16
Some digital banking and wallet systems offer people a false ticket or leave a choice between permitting secondary use or of sharing or sharing of their data and not getting the service at all.
3:06:30
My city data with my city data with no reason to be stored should be purged from all data systems.
3:06:37
Without appropriate data agreements and use in sharing limits, Connections between my city and external systems like identity or AI systems or social media platforms could allow unwanted data sharing or exposure of identity.
3:06:52
World privacy forum urges the technology committee to launch a task force, which includes civil society groups and the people who will use the portal or app.
3:07:04
The task force should provide recommendations for appropriate transparency disclosures and guardrails.
Sarah Lorya
3:07:11
Ask him
Kate Kaye
3:07:12
to answer any questions you may have.
Sarah Lorya
3:07:14
Thank you.
Kate Kaye
3:07:14
And I'll be submitting written testimony.