Digitalisation, technology and AI are transforming how we develop, operate and deal with real estate. Nowhere is this seen more clearly than in the living sectors.

In this article, we look at how the living sectors are making increasing use of technology and AI to drive performance and customer experience, and we identify some key risk areas associated with the use of these tools.

Examples of digital tools in the living sectors

Tech applications are being used to support the whole lifecycle of living assets at single property and portfolio levels.

  • Digital sales journey: Digital property marketing, chatbots, virtual and video tours, online referencing and resident onboarding apps are just some of the tools being used to enhance the sales process.
  • Integrated digital systems: Buildings use integrated digital systems such as entry systems, CCTV, ANPR, environment monitoring systems, connectivity, and Wi-Fi.
  • Digital experiences: Digital experiences for occupants can be wrapped around buildings enhancing the user experience for residents. Apps can deliver information about an estate or facilitate interactions like booking appointments or submitting maintenance requests. Sensors can monitor residents' wellbeing.
  • Property management systems: Landlords and operators use digital systems to manage their properties. Building management systems record asset inventory, anticipate maintenance needs, and make responding to maintenance more efficient. Energy data from smart meters is essential for measuring sustainability and green credentials.
  • Wearables: From healthcare orientated smart watches to personal alarms, with the rapid growth of the Internet of Things there is increasing take up of wearable devices, which can be integrated into the systems in a living scheme.

To engage in these digital systems, developers and asset owners must understand risks when buying IT systems and how to make the most of the data they produce.

How to make the most of your data collection and technology

Here are ten tips for real estate developers, operators and owners who procure, manage, and operate digital systems and data in the living sectors:

1. Duff gen in, duff gen out

Data insights and analysis are only as good as the quality of the data they rely on. It is vital to have a single source of truth, such as a data lake or warehouse, where all data is pooled centrally to ensure you do not create inaccuracies between different systems. Mixing up a tenant's details can result in wrong rents being collected, data being disclosed to the wrong person, or not knowing the height of properties, which could affect building safety compliance obligations. When collating data, also bear in mind security and the potential risks, especially for data sets attractive to cyber criminals!

2. Artificial intelligence

genAI has rapidly moved the goalposts on the usability of this technology in a wide range of contexts and use cases. Whilst there is general agreement on what 'good' AI looks like (transparent, fair, inclusive, ethical), the legislative landscape is moving fast and in different directions and the risks around IP, privacy, discrimination and transparency are still emerging. Engaging with this technology requires a clear analysis of the legal and operational risks, as well as specialist contractual terms.

3. Knowing who can use the data

Legally, there is no such thing as 'ownership' of data. Parties can have rights over data, which (other than confidentiality and privacy) primarily derive from contracts. So, being clear in your contracts about who can do what with what data within your ecosystem is essential. For example, smart meter data is helpful for landlords and tenants looking to understand energy efficiency and carbon reporting. Still, without clear contract rights, tenants could argue that the landlord has no right to access or use it.

4. Big Brother is watching

Just because you can collect data and monitor tenants does not mean you should! Ethics is becoming an increasingly significant part of data collection and usage where the law does not prohibit data usage in a particular way, but social values shy away from it. Facial recognition technology lets you identify undesirable characters entering your space – but is it acceptable to deny them entry, just in case?

5. Transparency

Whatever you want to do with data, personal or not, you need to be transparent with your tenants about what you are doing and why. Even if your actions fall on the right side of the law, the negative publicity can halt services and do real reputational harm. The London bins that collected Wi-Fi data of people who passed by met with such public outrage that they were quickly 'binned'. Tenants who are suspicious about what a landlord does with their data will be less willing to share and more likely to complain to regulators.


Privacy regulation is becoming increasingly sophisticated and the living sectors need to ensure they keep up. The law requires privacy notices telling tenants who is doing what with their data. It requires written agreements between organisations processing data setting out their processing obligations. Does your property management agreement clearly distinguish who is responsible for GDPR compliance as the controller? Do you have a data protection impact assessment for CCTV?

7. Security

Rich pools of data will always attract malicious actors. Any perceived weakness in any industry or type of system will quickly draw attention from hackers, especially if a threat actor believes their target is good for money demanded by way of ransom, and an attack will cause significant business interruption. Looking at your cyber security and ensuring that contracts contain appropriate and effective security obligations, that suppliers are audited to check the implementation of their policies, and that regular penetration testing is carried out are core fundamentals.

8. Knowing your audience

Having a rich pool of tenants, effectively a captive audience who you know a lot about, creates a reasonable basis for marketing complementary services, and marketing can be lucrative. However, there are a number of regulatory hurdles, not least consent, which need navigating to ensure that this type of activity is done compliantly and avoids regulators' attention.

9. Jargon-busting

IT is full of jargon. If you don't know your service as a software (SaaS) from the cloud and your UAT from your EULA, then the danger is that the solution you buy may be inappropriate for your needs. Whilst prevalent and long-used, terms like 'cloud' are not terms of science and they cover many different structures. Understanding the difference between those from a technical point of view and being able to translate that into legal risks to be then managed is essential to ensure you do not create risk through choice of systems.

10. Becoming a service provider

If you install tech solutions in your properties that provide services that a tenant consumes (think broadband, entertainment), you need to decide whether you want to be contractually responsible to your tenants for delivering those services. This could be good for relationship building and understanding more about tenants, but riskier as you take on liability for failures in service delivery. Do you want to be a one-stop shop for your tenants (enabling you to learn more about them and provide a very joined-up service), or would you instead introduce but have no liability for those services? Are you responsible for connected devices with increased cyber risks alongside the benefits of evolving how we live?

Read the original article on

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.