Amsterdam City Council has decided to stop promoting the large-scale use of smart traffic lights in the local area due to concerns about possible personal privacy leaks. These smart traffic lights can identify commuters by communicating with an app installed on a person’s phone to determine who is driving on the road, thereby adjusting the signal to make traffic flow more smoothly.
Smart Traffic Lights Can Collect Personal Information at Scale
Van der Horst, the Amsterdam City Council member responsible for traffic, announced that the city council will not promote the use of smart traffic lights for the time being. “Recently, the Dutch Data Protection Authority has expressed concerns about personal data protection issues with smart traffic lights.” Previously, the Amsterdam City Council installed smart traffic lights at two local intersections for testing, but the lights installed in the trial had a limited effect on improving traffic flow, and the cost of maintaining them was significantly higher than conventional lights.
The decision marks a change in attitude by Amsterdam City Council towards the promotion of smart traffic lights. In December 2023, the city council announced that the city’s traffic lights would soon be upgraded to smart traffic lights, saying that this decision would make traffic at local busy intersections more efficient. The city council also said at the time that smart traffic lights would “lay the foundation for smart and sustainable cities”.
Smart traffic lights communicate with an app on a road user’s phone, often without them noticing, allowing it to collect people’s personal information at scale, such as digitally mapping a driver’s journeys, including travel dates, time and speed.
Traffic Lights Have Serious Flaws
Since authorities know where the smart traffic lights are, they can use them to monitor road users. Especially after installing cameras for smart traffic lights, it seems that the Amsterdam City Council has not properly considered the privacy risks of these traffic lights. Because they communicate via short-range radios, tens of thousands of smart traffic lights will be easily hacked once they are widely used. Due to a serious vulnerability in the traffic light control system, hackers can easily remotely control these signals and switch them to red or green from kilometers away.
The vulnerability was discovered by ethical hacker Alwin Peppels, who accidentally discovered the problem while investigating a system connecting traffic lights to emergency services. The system was originally designed to prioritize switching traffic lights to green to allow for faster passage when the police, ambulance or fire brigade respond to an emergency. Public transportation also utilizes this system to speed up vehicle passages and report estimated arrival times. However, Peppels found that hackers could easily exploit this vulnerability to control traffic lights on various traffic arteries in the Netherlands from kilometers away. The Dutch Ministry of Infrastructure and Water Management soon confirmed that the solution was to replace the traffic lights entirely. However, there are tens of thousands of traffic lights, so the process will take time – traffic light replacement is planned to be completed by 2030. The new traffic lights are called “Talking traffic”. The ministry said the beacons are connected to the network and are not vulnerable to this specific radio attack. But in fact, it is obvious that new risks will also appear.
Cybersecurity expert Dave Maasland expressed serious concerns about this vulnerability, stating: “This is a very dangerous vulnerability that exposes a fundamental problem in our digital society: many systems were built when the digital world was not yet hostile. Now, in a context of geopolitical instability and tension, these systems are particularly vulnerable. This time it was a traffic light, next time it might be a lock or a dam.” Fixing this security flaw is not simple and can only be accomplished by physically replacing the traffic light. Finish. Relevant departments in the Netherlands are working hard to deal with this problem, but it is not expected to be completely resolved until at least 2030.
Vanderhorst responded that the risk is actually very low and that the safety of smart traffic lights will be “significantly improved” after working with suppliers, but this requires a lot of time, technology and specialized equipment. She also said that so far she has not found any leaks of personal information.
Traffic Lights Will Continue to be Upgraded
Although the Amsterdam City Council has stopped promoting smart traffic lights, similar devices have been put into use in large numbers in other parts of the Netherlands. In places such as Flevoland, Den Bosch, Haarlemmermeer and others, cyclists can use an app to enter their details and negotiate intersections more quickly. Vanderhorst said that in the future these traffic lights will continue to be upgraded and become truly “smart”. However, upgrades will only be made if it is proven that the latest technology does not pose a threat to privacy.
In urban life, people often rely on traffic lights to ensure travel safety. However, when the control of traffic lights becomes unreliable, traffic safety hazards ensue. The importance of network security in today’s society has become increasingly prominent, and the security of infrastructure should attract wider attention. Without fundamental technological changes, ensuring the safety of transportation systems will become very difficult.