Dr. Hamza Alakaleek

There are defining moments in the evolution of cities when major technological decisions are presented as symbols of progress, yet quietly place long-term bets on uncertain ground. The recent announcement by Greater Amman Municipality to deploy 5,500 cameras across the capital for traffic control is one such moment. The issue is not the cameras themselves, but a deeper and more consequential question: who ensures that the eyes watching Amman will never be turned against it?

This is not an abstract concern. It reflects lessons learned, often the hard way, in cities that discovered too late that surveillance infrastructure can evolve far beyond its original purpose.

In today’s technological landscape, shaped by artificial intelligence and advanced computer vision, any camera connected to an integrated network becomes a powerful data node. It does not simply record events; it continuously collects, processes, and interprets information in real time.

Modern camera systems can map behavioral patterns with remarkable precision. Over time, they can reveal when a vehicle leaves home, where it travels, how long it remains at certain locations, and how its routines evolve across days and weeks. When such data is combined with facial recognition technologies, the result is the ability to construct what security professionals describe as a complete pattern of life for individuals moving within monitored spaces.

This capability is not theoretical. Investigative reporting on intelligence operations, including those associated with Mossad, has demonstrated how data derived from civilian infrastructure can be aggregated and exploited. Targets are not identified randomly; they are built through layered data, often sourced from systems never intended for intelligence use.

Against this backdrop, several critical questions emerge. What verifiable assurances exist that Amman’s camera network is free from hidden vulnerabilities or external access pathways? Have the selected technologies undergone independent, nationally supervised security audits? Most importantly, who ultimately controls the data generated by this system?

The challenge is not technological but institutional. Cities that struggled with digital transformation did not fail because of inadequate tools, but because of weak governance frameworks. Effective governance requires clear answers to fundamental questions. Who owns the data—the municipality, the vendor, or the system operator? How long is data retained, and under which legal framework? Who is authorized to access it, and under what conditions? Is all data stored within national borders? What protocols regulate external requests for access?

These questions define the boundary between a system designed to serve citizens and one that risks monitoring them on behalf of others.

International comparisons illustrate the gap. Tallinn, widely recognized as one of the most secure digital societies, relies less on dense surveillance and more on sovereign data infrastructure, ensuring that government data remains within national jurisdiction and undergoes independent annual audits. Likewise, Singapore expanded its surveillance capabilities alongside the establishment of a robust and independent data protection authority with real enforcement powers.

Cybersecurity experts typically frame the risks of large-scale surveillance systems within three overlapping domains. The first is external threat exposure. In a geopolitically sensitive environment, any breach would provide hostile actors with immediate, real-time visibility over an entire city. This is not hypothetical; similar scenarios have been documented in multiple regions.

The second is internal misuse. Without strict legal and institutional controls, access to surveillance data can be extended beyond its intended purpose. These risks emerge not from external adversaries, but from within institutions when oversight mechanisms are insufficient.

The third is data integrity risk. Without robust verification protocols, surveillance records can be altered, manipulated, or selectively used, undermining both trust and accountability.

The appropriate response is not to halt the project, but to fundamentally redesign its governance architecture. Independent and transparent security audits must precede deployment. A sovereign data infrastructure must be established to ensure that all collected data remains within Jordan’s jurisdiction. In parallel, a specialized cybersecurity unit, equipped with advanced capabilities and operating around the clock, should be embedded within the municipality.

In an era where data has become a strategic asset and digital sovereignty a core dimension of national security, the deployment of 5,500 cameras in Amman is no longer a routine municipal initiative. It is a strategic decision with long-term implications that extend well beyond traffic management into the very fabric of trust, governance, and national resilience.