Public Safety Landscape 2022

More than 9 months have passed since my last article, "Moving Ahead Together, Facilitating Public Safety". I said then I would explain what is Collaborative C4ISR, or C-C4ISR. Not only I will explain it here, I will also attempt to predict what lies ahead in public safety over the next five years.

Social-Enabled Policing

Let's turn back the clock first. In 2013, I introduced the concept of Social-Enabled Policing, a concept I feel strongly policing and law enforcement agencies should adopt in this age of social networking and crowd-sourcing. Modern day policing started in the 19 century when Sir Robert Peel, United Kingdom’s Home Secretary, created the London Metropolitan Police. A guiding principle adopted by Sir Robert was “the police are the public and the public are the police.” It was about a good relationship and trust between the public and the police, working together to prevent crime and disorder. And, the test of police efficiency should be the absence of crime and disorder, not the visible evidence of police action in dealing with it. That was the beginning of community policing. Social-Enabled Policing is community policing in the age of social networking. More details can be found in this and subsequent articles in my LinkedIn.

Collaborative Public Safety

Just like Social-Enabled Policing is community policing in the age of social networking, Collaborative Public Safety is public safety in the age of digital transformation. In 2016, I published the paper, "The Road to Collaborative Public Safety", where I addressed the 'why' and 'what' of Collaborative Public Safety. Huawei was very supportive of this thought leadership piece, and even developed the suite of C-C4ISR solutions ('how'), which was launched during the Huawei Global Safe City Summit 2017 on 26 April in Dubai. This unique and innovative C-C4ISR was even granted 10 years international trademark, including from the European Union.

Huawei's C-C4ISR? Collaborative Public Safety Solutions

Let me very briefly explain these solutions:

• Collaborative Command & Control (C-C2): Enabling a converged and visualized command center, allowing multiple agencies to work together through a single emergency number with automatic call analysis, filtering and distribution, and with visualization beyond mapping, such as real-time video surveillance and social media integration. It supports multi agencies, multi roles, command chain, and even community collaborations.
• Collaborative Communication (C-C): An enterprise LTE-based broadband critical communication trunking system that allows voice, video and mobile apps on a single device, and with the ability to interoperate with other and legacy systems. It must have a rapid version for fast deployment in areas with no coverage. It supports multi agencies, multi network, and multimedia collaborations.
• Collaborative Cloud (C-C): An OpenStack-based scalable and elastic platform that maximizes computing resources, supports information exchange, allows user-centric apps, provides dynamic resource allocation when demand surges, and facilitates agile deployment of new services. It supports multi agencies, multi users, and multi applications collaborations.
• Collaborative Intelligence (C-I): Using Big Data technologies including massively parallel processing database and analytical algorithms, to discover unknowns and to connect the dots. It supports multi datatypes and multi agencies collaborations.
• Collaborative Surveillance (C-S): A two-tiered intelligent video surveillance cloud for effective analysis and efficient archival, with virtualized processing at the edge nodes, and super-fast transfer of high resolution video between edge nodes and central node. It supports multi sites, multi video analytics, and multi agencies collaborations.
• Collaborative Reconnaissance (C-R): A secured IoT cloud platform, with unified API interface for sensors from various suppliers that supports massive concurrent processing. It supports multi sensors, multi analytics, and multi agencies collaborations.

I am very honored that since introducing Collaborative Public Safety, many experts globally from different organizations have expressed similar views, particularly on the need for 'collaboration' and 'platform'.

Public Safety Landscape 2022

While I am the father of Social-Enabled Policing and Collaborative Public Safety, I am no oracle (pun intended). I guess it is safer then to bet on what lies ahead over the next five years. By 2022, the C-C4ISR solutions are likely to be supplemented by Drone, AI, Robot, Blockchain, AR and VR. For example, officers in patrol car using AR on the windscreen alerting suspicious people and vehicles. Emergency call taking to dispatching may be automated using AI, and Drone and Robot may be dispatched. Beyond 2022, likely with 5G widely adopted, a commander off-site may use VR to immerse himself into a virtual command center without wasting time commuting. This is crucial too during an epidemic. But with the bad guys adapting and getting smarter, public safety agencies will have new requirements too.

Evolving Threats to Public Safety

Terrorism remains the top concern for most public safety agencies globally. The defeat of ISIS in Raqqa is like an ant nest being destroyed with the ants (especially the foreign fighters) going places in the region and beyond. Just recently, ISIS has recaptured Albu Kamal in eastern Syria to save its “caliphate”. Furthermore, ISIS operates like a platform and its influence extends beyond its physical organization; lone wolf attacks will continue. Such extremism ideology will continue to develop and promote ecosystem of terrorists globally. By 2022, we may see variants of ISIS, or totally new terror cells with most of them having terrorists from returning fighters, or even people from involuntarily migration. Some of these terror cells will go high-tech, using drones as weapons or even hacking into driverless vehicles making them into weapons.

While many cities, particularly those who invested well in safe city technologies, will see reducing crime rates, traditional crimes (e.g. theft, robbery, burglary, extortion, kidnapping) will persist especially for cities with high unemployment rate and high dispersion wealth distribution. Criminals will evolve their behavior to counter the use of safe city technologies, such as avoiding surveillance cameras and not carrying any electronic devices on the body. With a city becoming safer, criminals will travel to neighboring cities with lesser safe city technologies to commit crimes. Organized crime groups, especially those involved in transnational crimes, will widen their reach through the use of digital platforms. Terrorists, especially those from disbanded terror cells, are likely to be associated with organized crime groups. Such groups’ illicit gains are mainly through smuggling, drug, production of synthetic drug, illicit trade of natural resources, cyber-crime, etc.

INTERPOL categorized cyber-crime into cyber-enabled crime and high-tech crime. Cyber-enabled crime refers to traditional crime that has taken a new turn with the advent of technologies, such as crime against children, cheating, financial crime, etc. With cities becoming safer through the use of technologies, criminals will venture into cyber-space to continue their illicit activities. Many tools are cheaply and easily available to them. As an extreme example, a murderer in Florida asked Apple Siri (AI) where to hide the body, and Siri replied, “Swamps. Reservoirs. Dumps”. High-tech crime refers to sophisticated attacks against computer hardware and software, likely to be conducted by both organized crime groups and lone attackers. In this hyper-connected world, IoT, drone, driverless vehicle, robot, etc. can be hacked. Such attacks can be for financial gains and terrorism related. Cloud and XaaS providers are likely to be held ransom with their infrastructure attacked. Attack on cryptocurrency can make the currency valueless. Terrorist can attack critical infrastructure, such as power grid and intelligent transportation, to bring about physical world harms.

Cyber-space and technologies will increasingly be used to spread fake news and rumors, and even to instigate violence. By 2022, we are likely to see more social instability and public disorder, especially in cities with underperforming economy and multi-racial/cultural population, worsened by corruption. This is mainly due to the complex dynamics of societies in the age of digitization: as technology empowers citizens to find information, connect with others and organize, those citizens feel disenfranchised by distant elites, leading to protests and public disorder. Switching off public network, such as the case during the Arab Spring protests, will become more difficult as seen during the 2014 Hong Kong students riot: the rioters communicated through the use of mesh network technology. In addition to such mass gathering of people becoming violent, they can become target of terrorism too.

The Middle East respiratory syndrome (MERS) and Ebola crisis will not be the last serious epidemics the world faces. Just recently, the plague death in Madagascar killed more than 165, and scientists fear that the deadly virus will reach US and Europe. The World Economic Forum opined that public health outbreaks are likely to become ever more complex and challenging. Cities will become increasingly dense and shanty towns – with inadequate housing and a lack of basic services such as water, sewerage and waste management – will swell. Other contributing factors include increase in global travel, new or resurging infections, and the spread of drug resistance diseases. There is also fear of bio-terrorism. All epidemics are likely to lead to public disorder too. During the recent Madagascar’s plague, the police had to seize the corpses of the victims to prevent further spread of the disease. With the increasing risks, it is not unlikely that another global epidemic, such as SARS in 2002, will happen within the next 5 years.

Tighter regulatory control (e.g. building code, fire safety) and safer machines (e.g. car, aircraft, production plant) should keep manmade major accidents in check. But they will continue to happen. The Grenfell Tower fire in UK on 14 June 2017 killed 71; the rapid growth of the fire is thought to have been accelerated by the building's exterior cladding. The main trend to watch out is the increase use of IoT, drones, robots, AI, etc. It is estimated that by 2022, there will be seven billion IoT devices. Be it willful cyber-attack, rash act, negligent act, or software bug, accidents may increase due to the use of such technologies. In 2015, a new Airbus A400M military transport plane crashed in Seville killing four Spanish air force members; a software bug was identified as the cause. In 2017, a drone crashed into a commercial plane in Canada. Recently, a candy-carrying drone crashed into the crowd, injuring six in Gifu, Japan. If left unchecked, such technology-facilitated accidents can be catastrophic.

From manmade catastrophes to natural catastrophes, including flooding, drought, wildfire, earthquake, tsunami, hurricane, etc. On one hand, urbanization will see more casualties during such catastrophe, and on the other hand, some extreme weather events can be attributed to global warming. Climate change is expected to amplify existing security problems and create new ones, affecting many countries, especially those already grappling with poverty, and ineffective governance. In addition to causing catastrophes, extreme weather events will impact crops production and disrupt critical transport infrastructure. The latter two outcomes can result in public safety problems too.

Challenges to Upholding Public Safety

On the one hand public safety agencies have to deal with the evolving threats, on the other they have to manage various challenges. A key challenge such agencies have to balance is on privacy protection. Different countries/cities have different privacy laws; some agencies can access external data real-time, while some can only access their own data. For example, UK agencies under the governance of the Surveillance Camera Commissioner are allowed to have their own surveillance systems, while Hong Kong Police Force is generally not allowed to use video surveillance. Saga such as Snowden and WikiLeaks dent people’s confidence about how their privacy is being managed. This situation is likely to worsen with the spread of fake news mentioned earlier. In the coming years, there will be greater demands for privacy protection, making public safety work even more challenging.

With a good privacy protection framework, there is still a need for laws and regulations requiring other government agencies and private sector entities to share data with public safety agencies. Such sharing can be either on a case-by-case, batch, or real-time basis. China, for example, requires hotel operators to provide guest registration data near real-time to public security agency. In Middle East, some countries require private buildings to provide real-time video surveillance to their relevant authority. In Singapore, registration of pre-paid SIM card is transmitted real-time to the Ministry of Home Affairs. As the data comes from different sources, the challenge of not having data standard needs to be resolved too.

Yet another challenge relating to data is they are unavailable! This is particularly so in poor and developing countries, where many day-to-day transactions are done manually. In 1998, China started the Golden Shield Project (金盾) and in the initial phase there was a lot of focus on the development of the eight major operational databases (业务资源库), and external data sources that are needed. As part of strategic public safety and safe city planning, it is crucial to look at data strategy, architecture, sources and availability.

Who will pay for data from external entities to public safety agencies? For decades, government pays for the Call Detail Record (CDR) retention and transmission by Telcos. In China, some of the surveillance cameras at petrol kiosks are installed and paid by the public security. And then there is a need to pay for infrastructure, data center, software, services, devices, etc. Budget is a major challenge; in some cities, the government is even unable to pay the police’s salary! It is also naive to think that public safety projects can be money-generating, such as traffic violation detection systems.

Information is power. It is unfortunate that the tens of agencies responsible for public safety in a city or country will continue to build and maintain their systems and databases in silos. There is no sharing of resources (resulting in higher overall budget) and no sharing of information. While everyone agrees that sharing and connecting the dots are crucial in upholding public safety, silos will remain. Indeed, it may get worst especially since some such segmented organizations are politically motivated, with different agencies “controlled” by different factions of the government. Coups d'état seen in different countries in recent years will make transparency and sharing between agencies a continuous challenge. A super platform connecting all systems and centralizing all databases is unlikely to overcome this challenge.

One other reason for not sharing information between agencies is operational secrecy. This is a valid concern. With increasing investment in ICT, agencies themselves are subject to more cyber-attacks, from both external and internal. A major challenge is on cyber-security to provide the right data to the right person, at the right time, at the right place, with the right device. In addition to cyber protection, such requirements are needed to facilitate information sharing and upholding privacy too.

Agencies are likely to deal with heterogeneous systems from years of implementation. With tight budget consideration and data locked-in by some of these legacy systems, the agencies will be challenged to continue to use them, to make them interoperate with others, and even to give them a new lease of life.

Currently a lot of policing relies on human to human interaction and undercover work. Social media is effectively killing off real undercover work, because you cannot construct a lifetime of fake social media presence for an undercover officer. Similarly, when the bad guys want to check a legend they can use social media facial identification tools to do it. So, this critical aspect of policing needs tools to both create a false legend and hide real profiles – that will be a challenge across the whole Internet.

The bad guys will become better in countering technologies to catch them. From avoiding video analytics to turning stealth in cyberspace to feeding fake intelligence to big data systems to using untraceable cryptocurrency. The future of cyber-attack may include feeding fake data to machine learning systems.

Humans are using technologies and producing data exponentially, such as mobile device, drone, IoT, driverless vehicle, robot, etc. Public safety agencies are also increasingly using technologies, including video surveillance and sensors. The rapid growth of digital evidence will be a challenge if not managed properly, from extraction, preservation, analysis to safeguarding the chain of evidence.

Faced with human resource (and budget) issues, public safety agencies will outsource some of their non-core non-sensitive work, or hire contract staff. In order to retain talents, the fulltime staff are likely to be rotated more frequently. There will be issues on more regular training for such liquid workforce, and the retention of knowledge and experience. On a related note, people over dependence on technologies will lead to public safety operations being impacted whenever technologies go offline.

Additional/New ICT Requirements by Public Safety

I feel that the above threats and challenges will lead to these additional and/or new ICT requirements for public safety agencies over the next five years. Of course some are already implemented or being considered by agencies who are more advanced. On the other hand, some of these ICT solutions may not be available yet.

• Border Surveillance: Use of sensors, cameras, electro-optics, drones, robots, etc. to detect and provide early warning of illegal crossing of borders. Probably a mix of fixed and mobile infrastructure, requiring fixed and wireless communication. One critical success factor is to reduce false positive caused by wild animals; may involve AI and machine learning.
• Risk-Based Border Control: A traditional border control system connected to INTERPOL’s databases and Big Data based risk profiling intelligence system, with data from past travel records, watch lists, social media, etc.
• Anti-Drone: Using cameras and radar to detect and track drones, and the use of offensive methods to take down the drones safely. There is also a demand to track down the person controlling the drone.
• Dynamic Algorithms: Algorithms on Big Data platform or video analytics platform that can be dynamically changed to counter the avoidance techniques by the bad guys; likely to involve AI and machine learning.
• Regional Intelligence Sharing: Neighboring countries sharing intelligence is not new. But most such initiatives became white elephant due to lack of trust. In addition to enhancing the cyber security, including Role Based Access, such sharing platform will be supplemented with AI to suggest to one agency seemingly unrelated information they may be interested based on the original search or inquiry pattern. Because of cyber security, the full information may not be disclosed, but with limited contents and the contact person from the other agency.
• Cyber Intelligence: Just like video surveillance for the physical world, there is urgent need for surveillance and intelligence on the cyber world. Depending on the local privacy law, this may involve both metadata and the actual cyber contents. Technologies include DPI router, probes, crawler, Big Data analytics, AI, etc. As part of such systems, there will usually be an integrated cyber operations center at the city level.
• Critical Infrastructure Protection: Not new, and similar to Border Surveillance. Sensors and IoTs depend on the nature of the critical infrastructure under protection. Involves the use of Physical Security Information Management (PSIM), which increasingly needs to be more intelligent, likely through the use of AI and machine learning.
• Social & Sentiment Monitoring: Monitoring of social media and sentiment analysis. It is easy on public social postings. For private social postings, there is a need for search warrant and interception technologies for private postings. Again, AI and machine learning are important since the bad guys will not use standard language knowing they are being monitored.
• Contact Tracing: This is needed specially to counter epidemic, and possibly even terrorism. Through the use of video analytics, mobile phone, and other data (e.g. travel, public transport), to establish people and even objects that have come into contacts.
• Rapid Exclusion Zone: Be it for an epidemic quarantine zone, or manmade accident/terror attack exclusion zone, it is labor intensive to cordon and guard the zone. Technologies, similar to those for Border Surveillance, are needed for such purpose. Since such zoning must take place quickly and at an ad-hoc basis, there is a need for mobile version for rapid deployment.
• Licensing & Mobile Enforcement: Traditionally public safety related licensing covers from building code to HAZMAT (hazardous material). With more autonomous self-moving technologies, such as drone, driverless car, and robot, there will be a need to license their safe usage. Such licensing is useless if there is no enforcement; public safety officers need to have mobile real-time capability to inspect such licensed items, possibly in the future with automatic enforcement. An extreme example could be a public safety drone inspecting ordinary drones for any violation.
• Early Detection & Simulation: This is mainly for epidemic and natural catastrophe. It uses data from sensors, IoT, social media, etc. for early detection. Simulation is further done taking into consideration weather forecast and/or people movement. In line with Collaborative Public Safety, and to reduce costs, the future may see a common platform integrating relevant sensors from different entities, coming from both public sector and private sector.
• Public Warning: Not many countries are rich enough to deploy citywide or even nationwide public warning system. The way forward is through mobile devices. But currently this is achieved through proprietary apps built by different entities. Ideally all mobile phone manufacturers can incorporate such all-hazard warning feature through the use of standards. One example is the Common Alerting Protocol (CAP) by OASIS.
• Independent Data Custodian: For countries with very strict privacy laws, one solution is the setting up of an independent data custodian agency, which is neither an intelligence nor law enforcement agency. It serves as a trusted repository of data coming from multiple sources (see New Data Sources below). The access to such data will follow strict judiciary process. To uphold privacy, the technologies and databases here must be extremely secured.
• Swift Search Warrant Application: The moment there is a justifiable reason to search for particular data, and even to do a Big Data analysis across data sets, there must be a swift way to reach a judge or gazetted officer to get a search warrant. With such warrant, the data owner or Independent Data Custodian must immediately provide the data. Time is of the essence especially when dealing with terrorism related events. It is envisaged that the entire process here is electronic.
• End-to-End Cyber Security: This is particularly critical with the use of IoT, including surveillance cameras. Currently most public safety agencies operate a hardened perimeter model. The introduction of hundreds of thousands or even millions of external devices, makes the traditional model much more difficult to manage. Security of platforms and infrastructure, especially in those countries with legal requirements on data integrity and security, will need careful consideration. It will be possible to make IoT connections secure through platforms like Huawei's OceanConnect, but one needs to start thinking about securing data at the record or even field level. It is vital for such end-to-end cyber security to include early detection of abnormal behavior at every layer of the system.
• ETL & Data Fusion: In situation where public safety agencies do not have real-time access to data, they will only obtain the data following certain judiciary process, as described above. Unless such data sources are pre-determined, with owners pre-identified, and data having to follow certain standards, the agencies are going to receive data that needs cleansing. It is crucial for the platform to support very fast loading, ETL process, fusion, and Big Data analytics.
• New Data Sources: In addition to traditional data sources (e.g. hotel, airline, urban transport, bank, social media), the age of digital transformation will bring about even more data sources. Examples include bicycle sharing (e.g. Ofo), online delivery, and utility company. The solution to connect, extract data, transmit, and store the data, is dependent on the local privacy laws and practices, such as the Independent Data Custodian mentioned above.
• Federated Sharing: Ideally all public safety agencies can consolidate and share their data under Collaborative Public Safety. But in reality, this may be quite impossible. One option is for agency-to-agency sharing on a need-to basis, possibly using Blockchain technology. Such sharing can even be triggered off through machine learning.
• Virtualization & Cloud: With the cloud hype now, many government agencies including those in public safety, are considering using cloud too. But they need to be aware of restrictions such as data sovereignty and privacy laws. A best fit solution is needed to solve basic problems such as islands of IT infrastructure, no sharing of compute resources, no sharing of information, and rigid infrastructure not supporting agile deployment of new services. Cloud providers pushing different platforms with different commercial models will cause future lock-in and incompatibility. There is a need for a platform of platforms. The future of cloud may be similar to telco operators today – true number portability, no lock-in by single operator.
• Informant Protection: To support Collaborative Public Safety, agencies need more people, either own undercover officers or external informants, to be their eyes and ears, particularly for counter terrorism and organized crime. Clearly such people will be under very high risks. In this world of social media, there is a need for end-to-end protection of such people, including creation of fictitious but believable identity and profile. Background screening is crucial too since there is a possibility of planting fake intelligence by the bad guys.
• Digital Forensic: Digital Forensic is required by any industry any organization that is using ICT. Particularly public safety agencies require end-to-end solution covering network forensic, computer forensic, database forensic, cloud forensic, mobile device forensic, and even IoT forensic. Preserving the chain of evidence is crucial for the subsequent judiciary process.
• Intuitive Mobile Apps: By 2022, with dedicated wireless broadband, very few public safety agencies will develop apps for desktop computers. They will mainly be mobile apps. But with high turnover of officers, and even outsourcing of non-core functions, learning curve of such apps has to be very short. The look and feel of such apps need to learn from successful intuitive apps, such as WeChat and Facebook. But such apps require an integrated and robust backend platform that comes with common components for agile and quick development.
• Knowledge Management: With high turnover of officers, public safety agencies need to retain their knowledge and experience. One example is the use of protocol systems (e.g. Medical Protocol, Fire Protocol, Police Protocol) in more advanced Computer Aided Dispatch (CAD) centers. But those knowledge management systems tend to be static and even rigid. In the near future, AI based systems will be more important. It learns the situation the officer is in, and offer real-time recommendations for the officer to better carry out his/her duty.

Commercial Considerations

Those countries with mature public safety approaches will not see substantial increases in funding. They will continue to upgrade and improve legacy systems, with an increasing emphasis on convergence and information repurposing. Those countries with a less matured approach are likely, over the next five years to have implemented a public safety platform with capabilities in most of the C-C4ISR areas. The challenge to vendors is to integrate parts of their total offerings into these platforms. Understanding customer architectures to prevent new capabilities becoming disruptive will be key to future business success.

Mainly due to budget consideration, there is a strong move from CAPEX to OPEX. All public safety solutions must be cloud ready so that they can be hosted by a third party and offered as XaaS. The choice of this third party depends on data sovereignty, privacy, cyber security, cost, etc. Furthermore, public safety agencies may not be footing the bills for some projects, which may be funded by city councils, other government agencies, or even the private sector such as malls and stadiums.

The inter-usage of technologies between public safety and commercial world will help drive the costs down. For example, Public Safety LTE critical communication, which has the same underlying technologies as commercial LTE, will over time be cheaper than proprietary technologies such as TETRA and P25. Indeed, costs of TETRA and P25 will increase with smaller user base. Likewise, commercial use of video analytics (e.g. Huawei Mate 10 AI, Apple iPhone X) will help to drive the costs down for public safety usage.

Let's move ahead together, and facilitate public safety collaboratively!

With inputs from my team of global public safety experts in Huawei: Andrew Watson, Augustine Chiew, David Webber, Nadim Abdulrahim, Peter Goulding, and Pierre Perron.