The Chinese city of Hangzhou may not be one of the country's largest, but it certainly could be deemed the most willing to embrace technology. The city has - since 2016 - been run [in part] by the Artificial Intelligence project "City Brain" which was put together by the tech giant Alibaba - also headquartered in Hangzhou.

The project has seen everything from traffic lights to the social media accounts of it's population being fed into, aggregated and analysed by a central system that uses this data to make real-time decisions and automate responses.

In downtown Hangzhou, public transport is monitored to determine capacity requirements and predict delays so additional trains and buses can be dispatched or recalled as the need arises.

The identification of "hazardous vehicles" is calculated and preventative measures enacted to save the local populous from potential danger.

The traffic lights are controlled based on the real time data from street cameras to ensure there is a constant flow of traffic and fewer bottlenecks, which has resulted in halving the journey times for both commuters and emergency services, potentially being the difference between life and death.

These and other feeds from cashless shopping malls, utilising the data held by Alibaba's "Alipay" payment platform, running facial recognition on the countless cameras deployed by local Hangzhou Hikvision Digital Technology Co., the partially state-owned CCTV manufacturer banned in the US and individual tracking from AutoNavi, the Alibaba-owned equivalent to Google maps, providing location tracking for individuals across the city.

It appears to be a real-world proof of concept and is being heralded as a success, a demonstration of what is possible when AI is entrusted with managing an entire city. The target of complete automation maybe a popular option for the Chinese provinces and the communist ideal; with party control over every aspect of daily routine and governance, using a machine to enforce it rather than relying on possible insubordinates, but what about Western democracy?

It seems unlikely that this level of data being freely handed over without a choice to opt-out would be tolerated in many Western communities, but could we be halfway down the road towards this future already?

In the security industry these types of converged systems started emerging nearly 20 years ago, with a lot of buzz around the Physical Security Information Management or "PSIM" systems being able to provide a platform linking systems across an organisation's physical and digital estate.

These systems' popularity may have waned - largely due to the open-ended complexity they tend to offer - but as the functionality has continued to mature and with more integrations into a wider array of partners, the sort of pre-emptive measures City Brain is currently enacting could be replicated even today…

Let’s take "Example Electronics" a manufacturer of cutting edge IoT agriculture sensors, capable of adjusting nutrients in soil to create the perfect environment for crops. Proprietary technology worth a great deal.

Paranoid about their tech being leaked, they have invested in "Converged R Us", a technology platform that allows for integrating multiple systems. They have chosen to integrate;

• The office access control system, logging in and out times for all employees

• The office CCTV system, capturing the likenesses of all employees

• Twitter, using the API to monitor all accounts tied to employees using string-matching and any account sharing an employee's name

• Inescam.org, a website providing access to 1000's of live video streams for unsecured CCTV cameras across the globe

As part of the rules engine they have configured the following;

• Suspicious activity - internal systems - employee - an alert level that logs unusual activity on the office access control system for each employee; if someone who only ever works 9 - 5 starts working late this would increase their alert level

• Suspicious activity - external systems - employee - an alert level that logs suspicious activity from external sources for each employee; if an employee's likeness is detected in a country with "questionable diplomatic relations with the UK" [either through the inescam streams or from Twitter via check-ins / images posted / name tagged with blacklisted countries] this would increase their alert level

• High alert - close employee monitoring required - employee - if an employee [through the 2 rules above] scores a high enough alert level they should be tracked closely and their IT access should be scrutinised, with anything unusual triggering an intervention by management.

Considering the above as an entirely plausible and relatively basic configuration, the company could be tempted to add more "integrations" to provide even more personal data about their employees. Facebook profiles and photos are freely available for anyone who hasn't locked down their privacy settings, and given the rabbit-warren of menus required to access them it’s no surprise that many remain public.

Transparency is often the watchword here - giving everyone the information about what a system will be doing and why - but with deliberately vague language around things like "increasing tracking in times of elevated risk", etc. there is a danger that this status of "elevated risk" is deemed the new norm and allows for loopholes to be exploited without further discussion with those being monitored.

Maybe "City Brain" isn't automating our traffic lights, or sending the thought police to arrest likely offenders just yet, but these systems are out there and while their features may have no limits, the way they are utilised certainly should.