C. Technology in support of green and social values
The stronger our dependence on digital systems, the greater the disruption if these systems fail or are hacked. In order to protect resilience, we should think twice before completely digitising the systems that keep our societies running, such as the payment system.
If we maintain cash currency for smaller transactions – also at public administration service points – we can save ourselves for a while if the payment system is down due to a cyberattack, a power outage, or a banking crisis. Maintaining cash not only protects societal resilience, but also the self-reliance of individuals: children, elderly people, and persons with disabilities, for instance. Some of them do not have a payment card, find it difficult to use such a card, or lose the overview of their finances when they make digital payments. A cashless society would also make life (even) harder for undocumented migrants who do not have access to a bank account, a payment card, or a payment app.
“Cash payments facilitate the inclusion of the entire population in the economy,” according to the European Central Bank. It has warned municipalities that they are in breach of European rules if they adopt a no-cash policy.
Resilience includes both the ability to withstand disruptions and the ability to adapt to changing circumstances, such as climate change. Resilience benefits from diversity: analogue components that enable key facilities to function when digital control fails, renewable energy sources and energy carriers that can (partly) fill in for each other. Resilience also benefits from modularity: it is desirable for subsystems to have a certain degree of autonomy, so that they can continue to function if there is a disruption elsewhere in the system. A local smart grid that can continue to supply power from local energy sources and batteries if the main grid has gone down is resilient.
Strengthening resilience necessitates investments in cybersecurity. A smart city sets high security requirements for suppliers of digital applications, from 'security by design' to fast and adequate security updates. It avoids becoming dependent on a single supplier and shuns the use of hardware and software from countries such as China and Russia for critical infrastructure, in view of the risks of digital espionage and sabotage. It exclusively uses domestic or European cloud services. It not only trains its employees to be alert to digital threats such as phishing emails, but also solicits them to signal security risks. It invites security researchers, including ethical hackers, to discover and report vulnerabilities in its ICT systems. It simulates crises in which multiple digital systems fail or are held ransom, and shares the results with others.
Cybersecurity also includes data minimisation: you can't leak personal data if you do not have it. For example, it is not always necessary to register national identification numbers for communications between municipalities and citizens.