Smart City Transportation: Privacy and Equity Among Key Stakeholders


            As society’s ability to harness technology continues to grow at an exponential rate, many have already foreseen the great potential for benefit or great harm that may be produced as a result. One major area that this dichotomy can be seen is with the continued development of smart cities. Smart cities are “urban areas that widely employ information and communication technologies (ICT), such as different types of sensors collect data in order to manage resources and improve the quality of life in the city.”[1] Several of these technologies include drones, phone trackers, cell-tower-mimicking technologies, facial recognition, and license plate readers that are available to the police as well as private individuals.[2] However, others have been quick to note that these technologies “are the future.”[3] Climate change, population movements, and the need to better process movement of individuals within the city make these technologies necessary for a city to reach its full potential.[4] This requires a balancing of the benefits these technologies may grant a city, with the significant risks of privacy and security violations taking place.

This paper will analyze how the key stakeholders in smart city transportation technology can provide discourse and protections for all the stakeholders, rather than small portions of the populace. This paper will then briefly discuss how these privacy and security protections can be put into place while still allowing smart city transportation technology to flourish.

Key Stakeholders

The key stakeholders for smart city transportation design are the Users, Drivers, Resource Providers, and Framework Enablers.[5] The Users are the active participants and users of the goods and services and typically are the citizens, tourists, NGOs and public interests groups in the city.[6] The Drivers are the individuals and organizations that build the sustainable solutions, such as technology based businesses, manufacturing, utility, consulting, and business firms.[7] The Resource Providers conduct research, push innovation, and supplement the process with new knowledge.[8] This group is typically represented by universities and their faculty, urban planners, think tanks, and technology companies.[9] Lastly, the Framework Enablers create the vision, enable resources, and promote an environment for change.[10] This group is represented by city officials, city councils, standards committees, and financial organizations.[11] It is also important to keep in mind that a person or organization can exist in multiple roles at the same time.[12]

            The goal for these stakeholders should be to work together to provide access to the data being collected while simultaneously allowing innovation and progress to flourish.[13] Each stakeholder has a different reason for their involvement in the process, as well as different goals. For example, a self-driving vehicle company, has goals to provide car services to individuals while also making a profit for their innovation. These companies require constant data streams to operate at peak efficiency and efficacy. However, commercial success is not the only factor; Users, Drivers, and Resource Providers must also work with Framework Enablers to ensure that their technology is seen through the lens of the whole city system, and not merely their own individual goals. Collaboration may even enhance the commercial goals of the self-driving vehicle company since Framework Enablers can work with Drivers and Resource Providers in the transportation industry to allow them to create new rules or even roadways for self-driving vehicles.

This emphasizes the need of all stakeholders to consider how each group operates within the greater system of smart city transportation. Here, the stakeholders can borrow from such models as Privacy by Design or the National Institute of Standards and Technology’s (NIST) Privacy Risk Model.[14] Under these models, engineering methodology is used to bridge the gaps between laws, principles, and technologies.[15] These models place privacy as an integral part of any systems development, and creates controls, risk assessment, management processes, and assurance activities to ensure compliance with privacy laws and principles.[16] When an individual’s data is collected, the systems that are put in place can be used to ensure protection of the rights and dignity of the Users, while still allowing the growth of innovation.[17] This innovation can even be in the field of creating greater privacy and security through Privacy-Enhancing Technologies (“PETs”). The growth of smart city transportation technology can coincide with greater PETs, so long as the stakeholders recognize the needs of each other. Communication between the stakeholders as well as their awareness of being a part of the greater system will help ensure the balance between protecting the citizenry’s privacy and security with the need for innovation and efficient smart city transportation design.


            The Users, Drivers, Resource Providers, and Framework Enablers need to understand their fit within the larger system that makes up smart city transportation. These groups should recognize their own goals but in the larger context which includes other stakeholder’s positions to create a framework which ensures the greatest protection of individual rights while allowing for the maximum level of efficiency and innovation.

            Abuses of the system could lead to privacy violations, physical and dignitary harms to individuals, distort local democratic processes, and even lead to significant human rights violations.[18] One startling example is the current oppression of the Uyghur Muslims in China.[19] The Chinese government has created facial recognition systems to identify Uyghur Muslims and detain them in internment camps.[20] Chinese police even have an app that can track the Uyghur Muslims to be better able to detain them and send them to the camps, where further human rights violations are committed.[21]

Clearly there is great potential for devastating human rights violations and suppression with these smart city technologies. Each group of stakeholders needs to reflect on the gains and potential evils that arise through these technologies. The systems created to allow for the greatest efficiency in smart city transportation must also include grounds and measures for potential city inhabitants to access, participate, co-manage, and co-own the technology and the data collected and processed about them.[22] These individual access rights will not only open new pathways to transparency and accountability in the transportation systems, but it will also help build public trust in the technologies the stakeholders are implementing into the smart cities.[23] Personal information is a valuable resource that smart city transportation Users, Drivers, Resource Providers, and Framework Enablers can use for the betterment of their city.[24] When these groups share common goals of privacy enablement, security design, and innovation in the smart city transportation field, the theoretical potential of smart city technology can be fully unleashed.

[1] Hussein T. Mouftah, Connected and Autonomous Vehicles in Smart Cities (2020).

[2] Woodrow Hartzog, Privacy’s Blueprint: The Battle to Control the Design of New Technologies (2018).

[3] Janine S. Hiller & Jordan M. Blanke, Smart Cities, Big Data, and the Resilience of Privacy, 68 Hastings L. J. 309, 312 (2017).

[4] See id.

[5] Rohan Dasika, Smart City Stakeholders, Urbanloop (2018),


[7] Id.

[8] Id.

[9] Id.

[10] Dasika, supra note 5.

[11] Id.

[12] Id.

[13] Kelsey Finch & Omer Tene, Welcome to the Metropticon: Protecting Privacy in A Hyperconnected Town, 41 Fordham Urb. L. J. 1581, 1607 (2014).

[14] Janine S. Hiller & Jordan M. Blanke, Smart Cities, Big Data, and the Resilience of Privacy, 68 Hastings L.J. 309, 352 (2017); see Ann Cavoukian, Ph.D., Privacy by Design: The 7 Foundational Principles Implementation and Mapping of Fair Information Practices. The 7 Foundational Principles include: 1. Proactive not reactive; preventive not remedial; 2. Privacy as the default setting; 3. Privacy embedded into design; 4. Full functionality – positive-sum, not zero-sum; 5. End-to-end security – full lifecycle protection; 6. Visibility and transparency – keep it open; 7. Respect for user privacy – keep it user-centric.

[15] Id.

[16] Id.

[17] See Janine S. Hiller & Jordan M. Blanke, Smart Cities, Big Data, and the Resilience of Privacy, 68 Hastings L. J. 309, 336 (2017).

[18] Martha F. Davis, Get Smart: Human Rights and Urban Intelligence A Response to Givens & Lam, 47 Fordham Urb. L. J. 971, 974 (2020).

[19] Zack Whittaker, Security Lapse Exposed a Chinese Smart City Surveillance System, TechCrunch.

[20] Id.

[21] Id.; Who are the Uighurs and why is China being accused of genocide?, BBC News. The Chinese government is accused of committing genocide, forced sterilization, sexual torture, and forced labor against the Uyghur Muslims.

[22] Christian Iaione et. al., The Internet of Humans (Ioh): Human Rights and Co-Governance to Achieve Tech Justice in the City, 13 Law & Ethics Hum. Rts. 263, 269 (2019).

[23] See Kelsey Finch & Omer Tene, Welcome to the Metropticon: Protecting Privacy in A Hyperconnected Town, 41 Fordham Urb. L. J. 1581, 1609 (2014).

[24] Id.