Smart cities use communication technologies to collect and analyze data to enhance services for citizens. These collected data lead to many shortcomings in user’s privacy which contains personal information.

User’s privacy in smart cities can be location, images, identity, daily activities, etc., and user does not want to leak this information for someone who not having authorization. On the other hand, in order to improve the services, the information collected by smart cities was stored to analyze to come up with the best solution.

Storing data puts privacy at high risk because the adversary can attack the system, and gather sensitive personal information from the server. E.g. Ransomware is “a type of malicious software designed to block access to a computer system until a sum of money is paid” according to Oxford dictionary; it can infect the smart cities computer system.

Smart cities need a standard security for privacy protection to build a strong public trust and confidence. This standard must focus on:

  • Limits on collection
  • Use and disclosure of personal information
  • Notice of collection
  • Privacy complaint
  • Investigations
  • Public reporting

Nowadays, privacy isn’t existing in public because of the freedom of information, freedom of speech and many other freedoms; one can take other’s picture and post it onto Facebook, Instagram, Twitter without permission so easily. Moreover, smart devices manufacture also collect data from users without their consent; after a period of time these organizations admit what they did, and the reason is just to improve their devices.

Are smart cities trustworthy without a privacy security standard? and who will be the one to take responsibility? are two main concerns.