Smart cities generally rely on real-time data processing and visualization tools to inform decision making. This usually means gathering and analyzing data from smart sensors installed across the city and connected through the Internet of Things to address issues like vehicular traffic, air pollution, waste management, and physical security.

Data collection in smart cities also provides a feedback mechanism to strengthen the relationship between citizens and local government when accompanied by transparency measures, such as making public information about official budgets and resource allocations. However, the misuse of sensitive personal data can alienate citizens and reduce trust. A detailed, rights-respecting data-management strategy can help ensure citizens understand (and consent to) how their data are collected, processed, and stored, and how they will be used to benefit the community.

Cities are extremely diverse, and the implementation of smart-city solutions will vary depending on location, priorities, resources, and capabilities. Some smart cities are built by overlaying ICTs on existing infrastructure, like in Nairobi, while others are built “from scratch,” like Kenya’s “Silicon Valley,” Konza City. Alongside technological development, other non-digital elements of smart cities include improvements to housing, increased walkability, the creation of new parks, the preservation of wildlife, etc. Ultimately an emphasis on improved governance and sustainability can generate better outcomes for citizens than an explicit focus on technology, digitization, and growth.

• Financing capacity of the government
• Regulatory environment that citizens and investors trust
• Technology and infrastructure readiness
• Human capital
• Stability in economic development
• Active citizen engagement and participation
• Knowledge transfer and participation from the private sector
• Ecosystem that promotes innovation and learning

• Budget constraints and financing issues
• Lack of investment in basic infrastructure
• Lack of technology-related infrastructure readiness
• Fragmented authority
• Lack of governance frameworks and regulatory safeguards
• Lack of skilled human capital
• Environmental concerns
• Lack of citizen participation
• Technology illiteracy and knowledge deficit

Below is an overview of technologies and practices common to smart cities, though this list is by no means exhaustive or universal.

Open Wi-Fi: Affordable and reliable internet connectivity is essential for a smart city. Some smart cities provide free access to high-speed internet through city-wide, wireless infrastructure. Free Wi-Fi can facilitate data collection, support emergency response services, and encourage residents to use public places.

Internet of Things (IoT): The Internet of Things is an expanding network of physical devices connected through the internet. From vehicles to refrigerators to heating systems, these devices communicate with users, developers, applications, and one another by collecting, exchanging, and processing data. For example, data collected from smart water meters can inform better responses to problems like water leaks or water waste. The IoT is largely facilitated by the rise of smartphones, which allow people to easily connect to one another and to other devices.

5G: Smart city services need internet with high speeds and large bandwidth to handle the amount of data generated by the IoT and to process these data in real time. The increased connectivity and computing capacity of 5G internet infrastructure facilitates many of the internet-related processes needed for smart cities.

Smart Grids: Smart grids are energy networks that use sensors to collect real-time data about energy usage and the requirements of infrastructure and citizens. Beyond controlling utilities, smart grids monitor power, distribute broadband to improve connectivity, and control processes like traffic. Smart grids rely on a collection of power-system operators and involve a wide network of parties, including vendors, suppliers, contractors, distributed generation operators, and consumers.

Intelligent Transport Systems (ITS): Through intelligent transport systems, various transportation mechanisms can be coordinated to reduce energy usage, decrease traffic congestion, and decrease travel times.. ITSs focus on “last mile delivery”, or optimizing the final step of the delivery process. Autonomous vehicles often are associated with smart cities, but ITS goes far beyond individual vehicles.

Surveillance: As with connected objects, data about residents can be transmitted, aggregated, and analyzed. In some cases, existing CCTV cameras can be paired with advanced video-analytics software and linked to the IoT to manage traffic and public safety. Solutions for fixed video-surveillance infrastructure account for the vast majority of smart city surveillance globally, but mobile-surveillance solutions are also growing fast. The expansion of surveillance to personal identification is a hotly debated topic with significant ramifications for civil society and DRG actors.

Digital IDs and Services Delivery: Digital-identification services can link citizens to their city by facilitating the opening of a bank account or access to health services. Digital IDs centralize all information and transaction history, which is convenient for citizens but also introduces some security concerns. Techniques like minimal disclosure (relying on as little data as possible) and decentralized technologies like self sovereign identity (SSI) can help separate identity, transaction, and device.

E-government: Electronic government—the use of technology to provide government services to the public—aims to improve service delivery, enhance citizen engagement, and build trust. Making more information, such as government budgets, public and available to citizens is a primary element of e-government. Mobile smartphone service is another strategy, as mobile technology combined with an e-government platform can offer citizens remote access to municipal services.

Chief Technology Officer: Some smart cities have a Chief Technology Officer (CTO) or Chief Information Officer (CIO), who leads the city’s efforts to develop creative and effective technology solutions in collaboration with residents and elected officials. The CTO or CIO studies the community, learns the needs of the citizens, plans and executes related initiatives, and oversees implementation and continued improvements.

Interoperability: The many different services and tools used in a smart city should be able to function together, to communicate with each other, and to share data. This requires dialogue and careful planning between business suppliers and city governments. Interoperability means that new infrastructure must be able to function on top of a city’s existing infrastructure (for example, installing new “smart” LED lighting on top of existing city streetlight systems).

According to the OECD, modern cities use almost two-thirds of the world’s energy, produce up to 80% of global greenhouse-gas emissions, and generate 50% of global waste. Smart cities can contribute toward Sustainable Development Goal 11 on making cities and human settlements inclusive, safe, resilient, and sustainable by leveraging data to improve economic efficiency and power distribution, ultimately reducing a city’s carbon footprint and introducing new opportunities for renewable energy. Smart cities are often linked to circular economic practices, which include “up-cycling” of rainwater, waste products, and even open public data (see below).. In addition, smart city technologies can be leveraged to help prevent the loss of biodiversity and natural habitats.

Smart cities can help improve disaster preparedness, mitigation, response, and recovery. Data collection and analysis can be applied to monitoring environmental threats, and remote sensors can map hazards. For example, open data and artificial intelligence can be used to identify which areas are most likely to be hardest hit by earthquakes. Early warning systems, social media alert systems, GIS, and mobile systems can also contribute to disaster management. A major issue during natural disasters is the loss of communication; in a smart city, interconnected systems can share information about what areas need assistance or replenishment when individual communication channels go down.

Smart cities can facilitate social inclusion in important ways: through fast, secure internet access; improvements in access to government and social services; avenues for citizen input and participation; improvements in transportation and urban mobility; etc. For example, smart cities can establish a network of urban access points where residents can access digital-skills training while the digitization of health services can improve healthcare opportunities and help patients connect to their medical records. Cities may even be able to improve services for vulnerable groups by responsibly leveraging sensitive datasets to improve their understanding of these citizens’ needs—though this data must be given with full consent, and robust privacy and security safeguards must be in place. Smart city technologies can also be used to preserve cultural heritage.

An open approach to data captured by smart technologies can bring government, businesses, and civil society closer together. Public or open data—unlike sensitive, private data—are data that anyone can access, use, and share. An open-access approach to data means allowing the public to access these kinds of public, reusable data to leverage the social and economic benefits for themselves. This approach can also provide transparency and reinforce accountability and trust between citizens and government—for example by showing the use of public funds. In addition to open data, the design of software underlying smart city infrastructure can be shared with the public through open-source design and open standards. Open source refers to technology whose source code is freely available publicly, so that anyone can review it, replicate it, modify it, or extend it. Open standards are guidelines that help ensure that technology is designed to be open source in the first place.

Smart cities can encourage citizens to participate more actively in their communities and their governance by facilitating volunteering and community engagement opportunities and by soliciting feedback on the quality of services and infrastructure. Sometimes referred to as “e-participation,” digital tools can reduce the barriers between citizens and decision making, facilitating their involvement in the development of laws and standards, in the choice of urban initiatives, etc. The United Nations identifies three steps in e-participation: E-information, E-consultation, and E-decision-making.

As noted above, smart cities often rely on some level of citizen surveillance, the drawbacks of which are typically de-emphasized in marketing campaigns. A planned smart-city project in Toronto, Canada touted as a tool for addressing affordability and transportation issues in the city was ultimately derailed by the COVID-19 pandemic and significant scrutiny over privacy and data harvesting.

In many countries, individuals must give informed consent for their data to be legally collected, stored, and analyzed. Even if users blindly opt-in to providing their data to a website or app, at least there is a clear option for opting out of doing so. In public spaces, however, there is no straightforward way for people to opt out of giving their consent.. Do citizens consent to being surveilled when they are crossing the street? Have they been informed about how data collected on their movements and behaviors will be used? In democracies, there are opportunities for recourse if personal data collected through surveillance are misused, but in more illiberal settings this may not be the case. In China, for example, the use of millions of surveillance cameras that recognize faces, body shapes, and how people walk facilitates the tracking of individuals to stifle dissent.

Discrimination is sometimes made easier because of smart city surveillance and facial recognition technology. Smart city infrastructure can provide law enforcement and security agencies with the ability to track and target certain groups such as ethnic or racial minorities. This happens in democratic societies as well as non-democratic ones. A 2019 study conducted by the U.S. National Institute of Standards and Technology found that facial-recognition algorithms perform poorly when examining the faces of women, people of color, the elderly, and children. This is particularly concerning given that many police departments use facial recognition technology to identify suspects and make arrests. In addition to facial recognition,  data analytics are used to anticipate potential locations of future crime (a practice known as predictive policing ). A typical response to this analysis is an increase in the surveillance of “high-risk” areas, often neighborhoods inhabited by lower income and minority communities.

As a city becomes more digitally connected, data sharing increases. For example, a smartphone user may share geo-location data and other meta-data with multiple applications, which in turn share that data with other services. And yet as cities aggregate and process data about residents, expectations of privacy in people’s daily lives break down. The collection of some types of data, like information about where you have traveled in your car or how fast you typically drive, may seem harmless. But when paired with other data, patterns are quickly established that may reveal more sensitive information about your health and habits, your family and networks, the composition of your household, your religious practices, etc.

Personal information is valuable to companies, and many companies test their technology in countries with the fewest data restrictions. In the hands of private companies, data can be exploited to target advertising, calibrate insurance costs, etc. There are also risks when data are collected by third parties (particularly foreign companies) that might lock users into their services, neglect to share information about security flaws, have inadequate data-protection mechanisms, or maintain data-sharing agreements with other governments. Governments also stand to benefit from access to intimate data about their citizens: “[P]ersonal information collected as part of a health survey could be repurposed for a client that is, say, a political party desperate to win an election.” According to Ghanaian social innovator and entrepreneur Bright Simmons, “the battle for data protection and digital rights is the new fight for civil rights on the continent.”

In many cases, smartphones and the apps contained within them facilitate access to the full benefits of a smart city. . As of 2019, an estimated five billion people owned a mobile device, and over half of those devices were smartphones. But these numbers vary between advanced and developing economies, as well as between communities or groups within a given economy, potentially generating inequity in access to services and civic participation. Citizens with low literacy and numeracy skills, or who do not speak the language used by an application, will have further difficulty connecting through these interfaces. The reliance on apps also alienates unhoused populations who may not be able to charge their devices regularly or  be at higher risk of their devices being stolen.

The term “digital divide” generally refers to the gap between people who have access to and familiarity with high-quality and secure technology, and those who do not.  Smart cities are often criticized as being designed for the elite and privileging those who are already digitally connected. If this is the case, smart cities could exacerbate gentrification and the displacement of the unhoused.

The use of surveillance in smart cities can also be used to repress minority groups. Much has been reported on government surveillance of China’s Uyghur Muslim population in Xinjiang..

Smart cities have been accused of “data despotism.” If city governments can access so much data about their citizens, then why bother speaking with them directly? Because of potential algorithmic discrimination, flaws in data analysis and interpretation, or inefficiencies between technology and humans, an overreliance on digital technology can harm society’s most vulnerable.

Much literature, too, is available on the “digital welfare state.” Former United Nations Special Rapporteur on extreme poverty and human rights Philip Alston observed that new digital technologies are changing the relationship between governments and those most in need of social protection: “Crucial decisions to go digital have been taken by government ministers without consultation, or even by departmental officials without any significant policy discussions taking place.”

When basic human services are automated  and human operators are taken out of the transaction, glitches in the software and tiny flaws in eligibility systems can be dangerous and even fatal. In India, where many welfare and social services have been automated, a 50-year-old man died of malnutrition due to a glitch in his biometric thumbprint identifier that prevented him from accessing a ration shop. “Decisions about you are made by a centralised server, and you don’t even know what has gone wrong…People don’t know why [welfare support] has stopped and they don’t know who to go to to fix the problem,” explained Reetika Khera, an associate professor of economics at the Indian Institute of Management Ahmedabad.

These automated processes also create new opportunities for corruption. Benefits like pensions and wages linked to India’s digital ID system  (called Aadhaar) are often delayed or fail to arrive altogether. When a 70-year-old woman found that her pension was being sent to another person’s bank account, the government told her to resolve the situation by speaking directly to that person.

Like other urban projects, smart-city development can displace residents as existing neighborhoods are razed for new construction. An estimated 60% to 80% of the world’s forcibly displaced population lives in urban areas (not in camps as many would think), and one billion people (a number expected to double by 2030) in developing cities live in “slum” areas—defined by the UN as areas without access to improved water, sanitation, security, durable housing, and sufficient living area. In other words, urban areas are home to large populations of society’s most vulnerable, including internally displaced persons and migrants who do not benefit from the same legal protections as citizens. Smart cities may seem like an ideal solution to urban challenges, but they risk further disadvantaging these vulnerable groups; not to mention that smart cities neglect the needs of rural populations entirely.

Smart cities present an enormous market opportunity for the private sector, sparking fears of the “corporatization of city governance.” Large IT, telecommunication, and energy-management companies such as Huawei, Alibaba, Tencent, Baidu, Cisco, Google, Schneider Electric, IBM, and Microsoft are the driving forces behind the technology for smart-city initiatives. As Sara Degli-Esposti, an honorary research fellow at Coventry University, explained: “We can’t understand smart cities without talking of digital giants’ business models…These corporations are already global entities that largely escape governmental oversight. What level of control do local governments expect to exercise over these players?”

The important role thereby afforded to international private companies in municipal governance raises sovereignty concerns for governments, along with the privacy concerns for citizens cited above. In addition, reliance on private- sector software and systems can create a condition of business lock-in (when it becomes too expensive to switch to another business supplier). Business lock-in can get worse over time: as more services are added to a network, the cost of moving to a new system becomes even more prohibitive.

Connecting devices through a smart grid or through the Internet of Things brings serious security vulnerabilities for individuals and infrastructure. Connected networks have more points of vulnerability and are susceptible to hacking and cyberattacks. As smart systems collect more personal data about users (like health records), there is an increased risk that unauthorized actors will gain access to this information. The convenience of public, open Wi-Fi also comes at a cost, as it is much less secure than private networks. The IoT has been widely criticized for its lack of security, in part because of its novelty and lack of regulation. Connected devices are generally manufactured to be inexpensive and accessible, without cybersecurity as the primary concern.

The more closely linked infrastructure is, the faster and more far-reaching an attack can be. Digitally linked infrastructure like smart grids increases cybersecurity risks due to the increased number of operators and third parties connected to the grid, and this multiplies supply-chain risk-management considerations. According to Anjos Nijk, director of the European Network for Cyber Security: “With the current speed of digitisation of the grid systems.. and the speed of connecting new systems and technologies to the grids, such as smart metering, electrical vehicle charging and IoT, grid systems become vulnerable and the ‘attack surface’ expands rapidly.” Damaging one part of a large, interconnected system can lead to a cascade effect on other systems, potentially resulting in large-scale blackouts or the disabling of critical health and transportation infrastructure. Energy grids can be brought down by hackers, as experienced in the December 2015 Ukraine power grid cyberattack.

Barcelona is often referred to as a best-practice smart city due to its strongly democratic, citizen-driven design. Its smart-city infrastructure consists of three primary components: Sentilo, an open-source data-collection platform; CityOS, a system for processing and analyzing the collected data; and user interfaces that enable citizens to access the data. This open-source design mitigates the risk of business lock-in and allows citizens to maintain collective ownership of their data, as well as provide input on how it is processed. A digital participatory platform, Decidim (“We Decide”), enables citizen participation in government through the suggestion and debate of ideas. Barcelona has also implanted e-democracy initiatives and projects to improve the digital literacy of its citizens. In 2018, Barcelona’s Chief Technology and Digital Innovation Officer Francesca Bria commented on reversing the smarty city paradigm: “Instead of starting from technology and extracting all the data we can before thinking about how to use it, we started aligning the tech agenda with the agenda of the city.”

Starting in 2019, the Serbian government began implementing a Safe City project in the capital city of Belgrade. The installation of 1,200 smart surveillance cameras provided by Chinese tech giant Huawei raised red flags among the public, civil society, and even some European Union institutions. The Serbian Commissioner for Information of Public Importance and Personal Data Protection was among the first to sound the alarm, stating “there is no legal basis for the implementation of the Safe City project” and that new regulation was needed to address facial-recognition technology and the processing of biometric data. As Danilo Krivokapić, director of the Belgrade-based digital rights organization SHARE Foundation observed, “The public was not informed about the technical scope or price of the system, the specific needs it was meant to address, or the safeguards that would be needed to mitigate potential human rights risks.” In an effort to improve transparency around the project, the SHARE Foundation developed a crowdsourced map showing verified camera locations and their technical features, which ended up differing substantially from a list of camera locations provided by officials. Two years after the rollout of the Safe City project in Belgrade, a group of MEPs wrote a letter to the European Parliament’s Minister of Interior to voice their concerns about Belgrade becoming “the first city in Europe to have the vast majority of its territory covered by mass surveillance technologies.”

Konza Technopolis, a flagship of Kenya’s Vision 2030 economic-development plan, promises to be a “world-class city, powered by a thriving information, communications, and technology (ICT) sector; superior reliable infrastructure; and business-friendly governance systems.” Plans for the city include the gathering of data from smart devices and sensors embedded in the urban environment to inform the delivery of digitally enhanced services. According to the official website for Konza, the city’s population will have direct access to collected data (such as traffic maps, emergency warnings, and information about energy and water consumption), which will enable citizens to “participate directly in the operations of the city, practice more sustainable living patterns, and enhance overall inclusiveness.” Between the announcement of plans for the development of Konza in 2008 and a journalist’s trip to the city in 2021, little progress seemed to have been made despite claims that the city would create 100,000 jobs by 2020 and generate $1 billion a year for the Kenyan economy. Yet investment from South Korea may have given new life to the project in 2023, as new projects were set to take place, including the development of an Intelligent Transport System (ITS) and an integrated control center.

In 2021, Saudi Crown Prince Mohamed bin Salman revealed initial plans for The Line, a futuristic linear city that would be constructed vertically, have no roads or cars, and run purely on renewable energy. The Line is part of the $500 billion Neom mega-city project, which has been described not just as a “smart” city, but as a “cognitive” one. This cognitive city is built on three pillars: “the ability for citizens and enterprises to connect digitally to physical things; the ability to be able to compute or to analyze those things; and the ability to contextualize, using that connectivity to drive new decisions.” Planning documents produced by U.S. consultants include some technologies that do not even exist yet, such as flying taxis, “cloud seeding” to produce rain, and robot maids. In addition to being somewhat fantastical, the project has also been controversial from the outset. Around 20,000 people, including members of the Huwaitat indigenous tribe, faced forced relocation due to construction for the project; according to Al Jazeera, a prominent Huwaitat activist was arrested and imprisoned in 2020 over the tribe’s refusal to relocate. Concerns also stemmed from the strengthening of ties between the crown prince and Chinese Communist Party chairman Xi Jinping, who agreed to provide powerful surveillance technology to Saudi Arabia. Marwa Fatafta, a policy manager at the Berlin-based digital rights organization Access Now, warned that smart city capabilities could be deployed as a tool for invasive surveillance by state security services. This could include deploying facial recognition technology to track real-time movements and linking this information with other datasets, such as biometric information. Saudi Arabia has a demonstrated track record of using technology to crack down on online expression, including through the use of Pegasus spyware to monitor critics and the stealing of personal data from Twitter users who criticized the government.

Singapore’s Smart Nation initiative was launched in 2014 to harness ICT, networks, and data to develop solutions to an aging population, urban density, and energy sustainability. In 2023, Singapore was named the top Asian city in the Institute for Management Development’s Smart City index, which ranks 141 cities by how they use technology to achieve a higher quality of life. Singapore’s smart-city infrastructure includes self-driving cars; patrol robots programmed to detect “undesirable” behavior; home utilities management systems; robots working in construction, libraries, metro stations, coffee shops, and the medical industry; cashless payment systems; and augmented and virtual reality services. Hundreds of gadgets, sensors, and cameras spread across 160 kilometers of expressways and road tunnels (collectively called the Intelligent Transport Systems or ITS) gather data to monitor and manage traffic flows and make roads safer. Singapore’s e-health initiative includes an online portal that allows patients to book appointments and refill prescriptions, telemedicine services that allow patients to consult with doctors online, and wearable IoT devices that monitor patients’ progress during telerehab. In a country where an estimated 90% of the population own smartphones, Singapore’s Smart Nation app is a one-stop platform for accessing a wide range of government services and information.

In 2017, Toronto awarded a contract to Sidewalk Labs, a smart-city subsidiary of Google’s parent company Alphabet, to develop the city’s eastern waterfront into a high-tech utopia. The project aimed to advance a new model of inclusive development, “striving for the highest levels of sustainability, economic opportunity, housing affordability, and new mobility,” and serve as a model for solving urban issues in cities around the world. Sidewalk Labs planned to build sustainable housing, construct new types of roads for driverless cars, and use sensors to collect data and inform energy usage, help curb pollution, and lessen traffic. However, the project faced constant criticism from city residents and even Ontario’s information and privacy commissioner over the company’s approach to privacy and intellectual property. A privacy expert left their consulting role on the initiative to “send a strong statement” about the data privacy issues the project faced after learning that third parties could access identifiable information gathered in the waterfront district. Ultimately the project was abandoned in 2022, allegedly due to the unprecedented economic uncertainty brought on by the COVID-19 pandemic.