Smartcities, Blockchain & Digital Economy


Modern urban planning faces problems that are also opportunities for development: traffic congestion that triggers new mobility, sensors that make the detail of urban activities visible, intelligible and usable, or the development of e-administrations.

Among the immediate foreseeable futures, is a future in which the city becomes sustainable, respects “human digital rights” and creates a new digital metropolitan economy.

In this future, the Digital Metropolis will produce a continuous flow of data through the interactions of its users, captured by urban installations and fed by IoT[1]. This will allow the use of anonymised data management technologies that will generate new services, such as[2] :

  • Smart supply chain services[3]
  • Predictive roadway management mechanisms that are able to modify in real time, traffic flow following incidents;
  • Optimised mobility based on commuters’ behaviour;
  • Energy micro-grids (photovoltaic, wind, thermal) and time-based rental of public or private assets (eg parking[4] …) ;
  • Optimized management of water, transport, lighting, public services…

However, to achieve these objectives, it will not be enough to stuff urban furniture with sensors and communication relays[5] to use the full potential of IoT (physical infrastructure). Above all, a digital infrastructure and regulatory framework will have to be put in place.


I. Smart City, Blockchain & GDPR

The data flow already generated by connected objects has shown its vulnerability to cyber attacks[6] and blockchain could be one way to minimize the risk of attack[7]. So blockchain technology should be bound to any Smart City project though the most relevant type of blockchain remains to be determined.

Since the management of a smart-city and the associated digital activity does not seem to require absolute decentralization, Public Blockchain won’t be a panacea. Moreover, data security requirements rather militate in favour of limiting this decentralization to secure entities representing, for various political/governance reasons[8], distinct cohorts of users (public services, users, suppliers, consumers, etc.). It is therefore the model of the “Consortium Permitted Blockchain” model [9] which should be preferred to manage the dissemination and protection of personal data, which, in addition, constitutes a meeting point with the notion of digital sovereignty and the implementation of the principles of the GDPR[10] ‘General Data Protection Regulation’

Such structures consist of [11] :

  • A database listing all transactions, replicated on the servers of the “validators”; these servers may then be located in places and belong to institutions compatible with the requirements of digital sovereignty[12]
  • Users: smart city users, institutions, service providers.
  • Smart contracts / chain code.
  • Endorsers : reliable entities representing distinct user cohorts.
  • Certificate authority that assigns users the access rights verified by the controllers. This role may, for governance reasons, be divided or delegated. But above all, it is predetermined to assume the function of “Data Protection Officer” provided for in the GDPR.

Thus, the blockchain will not only secure data against various malicious attacks but will also respect the requirements of the protection of “digital rights” of the data subject imposed by the GDPR provided that :

  • The self-executed contracts provided for by the Blockchain Protocol incorporate, as an essential clause of the membership agreement,[13]specific standard mechanisms to allow explicit notification and validation of the use of personal data in transactions.
  • A “privacy by design” data acquisition mechanism with private key signature and digital timestamping mechanisms to ensure the security and confidentiality of data.
  • A previous user consent[14] before any access to the encrypted key which is only accessible by the user.
  • A deletion mechanism enclosed in the encrypted data at the user’s request or after a fixed time.

II. Smart City & Digital Economy

The conversion of the Smart City to blockchain is therefore not only a security requirement but also a prerequisite for the development of a new “digital metropolitan economy”.

Thus the user of the smart city, by his activity in the city (movement, consumption,…), will produce a cloud of information recorded by different sensors. This information can be identified (subject, sensor…), anonymized and used. Thanks to Blockchain’s mechanisms and self-executed contracts, the user/data subject; (i) may request its deletion, (ii) may be remunerated if the storage is accepted by the data subject, and also for each subsequent use.

This implies that the “territoriality” of the data must take precedence over its volatility and that it must be subject to the law of the jurisdiction where it is produced. However, this would run counter to the current practice of “applications” that collect data and Facebook-Google-Microsoft-Twitter’s desire to be able to exchange data in a delocalized, deregulated cloud[15] or only subject to US law (?).

Moreover, the anonymization of the collected data would not make it less valuable because AI and Big Data are interested in individuals and not persons [16].

Similarly, the “sensors” could be rewarded each time the data they have collected are used.

Metropolitan institutions, research centres, companies and start-ups could access the data on payment of a fee and use this digital material to create and execute new services and thus develop a new metropolitan economy.

For instance, if we consider that in a city there are rush hour traffic jams with commuters arriving and leaving at the same time, then one solution may be to spread the working hours through a platform that pays commuters for virtuous behaviour and produces a data flow that allows the development of new services.

Thus, assuming the agreement of all stakeholders, one could imagine that each employee has an application on his smartphone on which, the day before, he chooses an arrival and departure time within a given range, as well as a route. Depending on his choices, he will receive a bonus. When on the move, his smartphone connects to different terminals. If connections are made at the terminals corresponding to the chosen route within the specified time limits, the self-executed contract shall pay the agreed bonus into his account (wallet). If he is in default, his account will automatically be debited with a penalty.

The connection data from his smartphone to the terminals are anonymized and join the global data flow that is accessible, for example, to road services that know in real time the user flows and can check if these data are consistent with the predictions generated by the application.

In the event of an incident, authorities can send a message to each user, through the application, to divert them. This message modifies the self-executed contract and the user now receives the bonus if he complies with the instructions of the road authority.

In addition, extra bonuses may be granted to promote virtuous behaviour (compliance with speed limits, carpooling, etc.).

Finally, the user could use these bonuses to: pay the cost of public or private parking (airbnbisation of private car parks…), pay fines, municipal taxes, benefit from discount vouchers in shops etc.

These bonuses can take the form of tokens and become part of the ecosystem, replacing fiduciary currencies, as well as complementary local currencies [17].

Furthermore, the token can also contribute to the formation of the smart city by raising funds to finance its structure or development (through ICO [18] ?).

Finally, the token does not only have a functional value, it also has a speculative value provided that it can be freely traded on an Exchange (Secondary Market).

And this is how a Digital city token economy can develop[19].

In order to be fully deployed, the Smart City concept cannot therefore be limited to that of a “new city” or “augmented city” generating a flow of unsecured and collated data in a database.

To be an engine of economic development, the Smart City must enhance and secure data by using Blockchain mechanisms specifically adapted to its needs. It must also, from the outset, assume its ambition as a Cité-Monde. With its economy, its currency, its “political” guarantees.

Above all, it must offer security to its users, as the first cities offered to their inhabitants through the construction of fortified enclosures[20]. In this respect, two types of protection must be distinguished: that of digital personality rights, as a corollary to the recollection and exploitation of private data, and that of digital sovereignty as a consequence of the use of a blockchain protocol, an associated crypto currency (token), and related institutions (Exchange, Custodian…). Because the question must be asked, can a territory base its development on protocols/currencies that it does not control?

Here too, the answer may consist in choosing a blockchain protocol permitted by the Consortium, an exchange or a sovereign custodian, regulated by a specific legal corpus.

And considering that it would be more secure to use a Sovereign Exchange, that would assume KYC and AML[21] control of users, or a Sovereign Custodian that would mobilize collective cyber security resources and allow the use of cold wallets on “sovereign” servers, does not mean that these entities must be public or “municipal”.

Indeed, partnerships, regulators and BOT systems (…) can offer relevant solutions.

However, embarking on this path presupposes providing a reference framework for all the participants of this new ecosystem. This framework could be private — based on a global contractual architecture of private law and “pillar” institutions (databases, controllers, messengers, administrators, exchange, custodian) incorporated into private law legal entities — or mixed by bringing together private and public operators. But in both cases, a regulatory framework for Distributed Ledger Technologies (DLT) will have to provide the predictability and security necessary for harmonious development.


III. Social and Legal aspects

The Smart City is not a technological mirage but an economic promise. That of a better organisation of transport flows, the optimisation of urban assets, the generation of energy savings, the reduction of carbon emissions[22], the enhancement of virtuous behaviour, the strengthening of productivity, the development of trade, the increase to personal safety. It is also a tool to build and strengthen social ties, interact with e-administration, and provide support for crisis communication.

The holistic and political dimension of the smart city project can be frightening because of its complexity. However, this can be resolved by emphasizing the fact that the deployment of a digital metropolis is done in successive phases: (1) installation of a connected infrastructure, (2) creation of a digital community and integration of data into a licensed and protective blockchain system, and finally (3) deployment of the smart city and a Metropolitan Digital Economy.

However, if the sequencing of the implementation of such a project can be spread over time, it is nevertheless necessary, from the outset of the project, to build its holistic representation, to place the technological cursor, that of its autonomy, its economic and political model[23].

Then to aggregate it throughout its implementation as widely as possible (public actors[24], private actors, intermediate bodies, technical operators, potential consumers/users).

It is also imperative, before the beginning of Phase 2, to have a state regulatory framework that provides a secure framework to organize the relationships between the various actors in the proposed ecosystem.

Indeed, for example, not granting a special legal regime to self-executed contracts is tantamount to making these membership contracts subject to general consumer law, which would not be without consequences for their self-execution and could even totally block the smart city.

So at the beginning of the transformation of a connected city into a real Smart City, there is the law. This regulation can be limited to proposing a “Sandbox License” or organizing and regulating the entire biotope of Distributed Ledger Technologies (DLT).

However, it could be considered that it depends on the public authority to enact a number of legal qualifications (DLT/Smart Contracts; Token/digital securitisation/digital financial assets/digital financial instruments…), to create a supervisory authority, new regulated professions (Digital Attorneys; Technical Certificates; Blockchain Controllers licensed by the Consortium) and to distinguish between regulated activities and free market activities. But above all, to allow derogation from ordinary law (consumer law, financial law, criminal law, civil law, etc.) and to provide for a specific regime governed by the special and adaptive regulations of the supervisory authority covering company law, public procurement law, tax law and also banking and insurance aspects.

However, public authorities often have the impression, as far as smart cities are concerned, that they are facing the paradox of the chicken and the egg. To create a regulation it is necessary to have use cases and to develop use cases it is necessary to have a special law that protects the project from the application of common law. And the temptation is then strong to wait for others to find the solution, to launch experiments blindly to the economic and legal consequences.

This step is being overtaken. The effervescence around crypto currencies, ICOs, experimentation around the blockchain[25], the appearance of the first complete legislation on Distributed Ledger Technologies (DLT) now provides the elements to break out of this vicious circle.

So it’s time for the Digital Metropolises!

This article had been written by Damien Concé, Doctor in Law and Simon Huxford, General Counsel. For more information, please visit our page dedicated to ICO/Blockchain's services or contact Damien Concé 



[7] Securing Smart Cities Using Blockchain Technology, Kamanashis Biswas & Vallipuram Muthukkumarasamy
[9] “Consortium Blockchains: Overview, Applications and Challenges”, Omar Dib, Kei-Leo Brousmiche, Antoine Durand, Eric Thea, Elyes Ben Hamida, IRP System X, Paris-Saclay, France
[14] cf civis-blockchain
[16] E. Housset , « La vocation de la personne. L’histoire du concept de personne de sa naissance augustinienne à sa redécouverte phénoménologique », p.22–23 :”La personne n’est donc pas un simple individu puisque l’individu comme catégorie qui s’étend à tous les étants, est ce que l’on ne peut diviser et est l’exemplaire d’une espèce. En effet, entre les individus d’une même espèce, il n’y a qu’une différence numérique, c’est-à-dire une différence accidentelle, et même si on reconnaît comme Leibniz que tout dans la nature est individué, une telle individuation demeure secondaire puisque c’est l’appartenance à l’espèce qui permet la définition. La personne ne se laisse pas comprendre comme un individu qui a conscience de lui-même, parce que son être est d’être justement relation à autre chose que soi : elle ne se définit pas comme un étant car tout son être est de se porter vers le monde, vers les autres hommes et vers Dieu. Elle est en elle-même un mouvement de transcendance et elle n’a l’intelligence d’elle-même que dans son mouvement.”
[23] Voir « La plateforme d’une ville ; les données personnelles au cœur de la fabrique de la smart city » cahiers IP, Innovation & prospective, n° 5 ; CNIL :