Skip to content
Citizen’s Perspectives on Data Privacy in Smart Cities
Joe Appleton2. November 202010 min read

Citizen’s Perspectives on Data Privacy in Smart Cities

As smart cities get smarter, citizens have begun to express concerns about the use of their data, and whether their privacy is being sacrificed for the benefit of big data.

Ever since the concept of a smart city first emerged, it has been clear that technological innovation, intelligent systems, and big data would be three key ingredients to a city’s success. While there’s no clear-cut definition of what a smart city is or has to include (see also our article Redefining the Smart City Concept: A New Smart City Definition), it has been universally acknowledged that the purpose of a smart city is to improve the lives of its residents.

New technologies now streamline otherwise laborious tasks. Greener materials now reduce the carbon footprints of our cities. And smart information systems, such as Big Data and AI, have been rolled out to collect information and help us develop sustainable infrastructure that serves and protects citizens. 

While very few urban residents complain about streamlined services and sustainable materials, there are many who question the ethics behind the gathering, storing and implementation of private data.

Citizen’s Perspectives on Data Privacy in Smart Cities

The Benefits of Big Data

Smart information systems are the key to driving smart city innovation. Thanks to countless data logs, local governments can enact smart and informed decisions to help their communities. Concrete data can save money, increase sustainability, and provide accurate solutions to troubling problems. 

To gather and process that data, cities are using Internet of Things (IoT) systems and advanced Artificial Intelligence (AI) tools. By leveraging these tools, cities are able to closely connect with their citizens and govern more effectively. IoT and AI technology can boost citizen engagement, make energy usage more sustainable, cut pollution, reduce traffic, improve security, and streamline city services.

Modern cities use vast networks of sensors and smart programs to collect data about anything that can be successfully measured. This can include anything from air quality readings in certain city districts to the overall energy efficiency of certain buildings. Traffic signals can count the number of cars that use certain routes, footfall counters can count pedestrian numbers, and ticket sales can give accurate passenger numbers on public transport. These are just some of the many ways that governments are collecting data.

With so much data, AI programs are required to process the information in order for governments to unlock its true potential. Unfortunately, it’s this very data that has some citizen groups concerned. Many activists are concerned that this data is being gathered without permission or being used for purposes that citizens haven’t consented to. There’s also a growing fear that these vast repositories of citizen’s personal data aren’t being protected well enough from nefarious hackers and other bad actors.

Citizen Concerns

Inter-connectivity may be able to improve citizen’s lives. Security agencies may be able to connect to CCTV devices across the city and use facial recognition algorithms to identify criminals. But on the other hand, that very same level of inter-connectivity and data processing could lead to abuse and a loss of privacy. Currently, we don’t live in a dystopian future riddled with Big Brother-like surveillance technology, but there are many citizens who believe that it’s possible in the future.

At the moment, most cities are working hard to implement new disruptive technologies to promote sustainable service infrastructure that benefits all sectors, from economical, ecological, political, social, and cultural standpoints. To make these revolutionary changes, governments are harvesting a lot of data, and some methods of data collection are more aggressive than others. Examples of this include non-consensual surveillance, or the denial of access to services if certain terms and conditions aren’t agreed to.

For many IoT services to work to their full potential, they require active citizen or user participation. Real-time traffic apps detailing road closures or congestion are often built around user-submitted information, with the service requiring access to more information and data in return, such as regular driving habits or preferred destinations. These data streams are generally not used for nefarious purposes, but as governments and tech companies begin to harvest more data, they can unwittingly (or knowingly) build vast catalogs of personal information.

Data as a Commodity

Personal data is a valuable asset, and even if data is harvested for the right reasons, there is a danger that it could be used to exploit the people it was designed to protect. One current debate on this surrounds the proposed EU Electronic Health Record exchange. This is touted as a safe and secure way for citizens to share their health records with medical professionals to digitally streamline care, eliminating long waits for records and other bureaucratic hold-ups. It also allows citizens to access their own personal information in-line with the EU General Data Protection Regulations (GDPR).

Like with many innovative interconnected ideas, governments lack the technological know-how to develop and implement these ideas. Instead, they often must rely on a third-party development team or tech company to bring these ideas to life. While citizens may agree to share data with their governments and healthcare workers, they may not agree with sharing their data with third-party companies.

While this is a hypothetical example, there is growing distrust toward tech companies and how they process, manage, and sell users’ data. Unfortunately, governments must work with these third-party companies to make progress, but they must do so in a way that won’t erode trust.

Cyber Attacks

The threat of a cyber attack is another cause for concern among citizens. As cities collect more and more data, they become prime targets for hackers. Attacking large repositories of data is low-risk/high-reward activity for modern cyber criminals. This is largely due to the fact that cities currently lack the resources for adequate cyber protection, and a quick internet search of successful cyber attacks on cities will yield an astonishingly high amount of results.

The data that cyber criminals are looking for is particularly valuable too. As city governments and third-party companies collect more and more personal data from citizens, hackers can gain access to key pieces of information, including names, addresses, tax information, financial transaction histories, and more. This information can then be used to exploit citizens directly, or sold to companies who can profit greatly from the data.

In the example of medical records, it could be possible for hackers to sell information to scammers who prey on the sick, hard-selling them fake medicines, or worse.

Hacks on cities have happened, and unless cities start taking cyber security seriously, many more will happen in the future, putting citizen data at risk (read more in our recent article on The Importance of Cyber Security and Data Protection for Smart Cities).

Surveillance States

The loss of data is one thing that concerns citizens, but the sheer amount of it that is being collected is another. So far, studies have shown that consumers are willing to share their data, providing that their personal data is being used to benefit them in some way. However, in a smart city context, things are different. As more data is being collected by sensors that don’t ask for consent, many citizens feel unable to “opt-out” of aspects of modern data collection and wonder what it’s all being used for and why. Can they be identified by their data? What is it being used for? Who has access to it? What will happen to it in the future?

This leads to a more alarming problem: how much data is too much data? Collecting information to improve public services is one thing, but if left unchecked, there is a risk that some cities could turn into surveillance states, bringing personal privacy and freedom into question. We’re a long way from the world of Orwell’s 1984, but these concerns are real and will need to be assuaged if smart cities are going to evolve to the next level.

Privacy, data use, and other citizen’s concerns could put the breaks on smart city evolution, if governments don’t work to address these concerns. Toronto’s Sidewalks Labs is a prime example of how ambitious plans can easily be derailed.

The Failure Of Sidewalk Toronto

Sidewalk Toronto was an innovative experiment conducted by Sidewalk Labs (part of Alphabet—the parent company of Google) and Waterside Toronto to create an urban smart district that was climate positive, affordable and inclusive for residents, created jobs, and operated as an innovation testbed for smart city experiments. It was an exciting project that abruptly came to an end in May 2020, with leaders claiming that economic uncertainty brought on by the Covid-19 pandemic had forced the project to shut down.

While the economic downturn was a factor, other sources claim that it was stiff resistance from citizen groups that really put an end to the plan. 

From the beginning, the project was under scrutiny from citizens who were worried about how Alphabet would collect, protect, and use their data. And of course, residents also wondered who would own their data. Privacy groups were quick to draw parallels with living in a surveillance state, with one coalition, named Block Sidewalk, labelling the project as a corporate takeover of the city. Block Sidewalk’s main concern was that the implementation of these smart city ideas lacked transparency and that citizens weren’t being properly informed of how their data was being handled.

This smart city experiment eroded citizen’s trust in smart government. The lesson that can be learned from Sidewalk Toronto’s failure is that transparency is key, and no project can succeed without the trust of local residents.

Tackling Trust Issues

In a survey conducted by Vrge Strategies, it was revealed that 66% of Americans would not want to live in a smart city. The reasons listed by survey participants include a deep concern about cyberattacks and fears about mass data collection and surveillance. These concerns are understandable after data losses and cyber attacks—such as those from Facebook, CapitalOne, and Equifax—have damaged the public’s trust in the past.

To bridge the trust gap, governments must work hard to promote citizen awareness and encourage citizen participation. Smart cities are designed to serve the citizens, so they must be built with citizen’s concerns in mind. Currently, awareness of the global smart city agenda is relatively low, and without promoting how smart cities can truly benefit citizens, any major developments will be met with resistance.

Getting the public on side is key. However, it’s imperative that any smart city innovation that depends on data collection, AI, and IoT, is properly explained to citizens in a clear and transparent manner. It’s important that the following concerns are addressed, with strict rules and security measures in place:

Addressing Privacy Concerns

  • Clearly underline any rules that concern how data is processed and aggregated, with a focus on data anonymity. Be transparent about what data is used, and whether there is any identifiable data in the mix.
  • Highlight how any data will be used by third-party contractors. It’s important to focus on who has access to that data, who owns it, and who is accountable in the event of data loss.
  • Emphasize how long data will be retained and what it will be used for. Data that is held for longer periods of time is more at risk.

Addressing Security Concerns 

  • Ensure that all IoT devices, data banks, and connected platforms have high-level cyber security.
  • Strictly ensure that no personally identifiable information is accessible to the general public.
  • Limit access to data, giving privileges only to those directly responsible for it.


For a successful urban transformation, smart cities must serve their citizens. The engagement, satisfaction, and overall happiness of residents are the only metrics that really matter. To ensure that smart cities can continue to serve their citizens, it’s essential that governments adopt a transparent, citizen-centric approach that takes citizen’s concerns and fears into account at all times. A transparent policy with a focus on data security is the best way forward for all.

Explore more solutions to increase cyber security and to deal with citizen concerns in smart cities in the world's largest smart city solution network and community. Join now for free and connect with thousands of members and potential partners on bee smart city.


Read related articles:

Image Sources:

iStock, ID: 932380846, Credit: guvendemir
iStock, ID: 514571236, Credit: Kirill-Savenko


Joe Appleton

Joe Appleton is a content strategist, editor and writer at bee smart city. He is particularly interested in the topics of smart and sustainable cities and urban mobility.