Smart cities lie at the evolving intersection of people and digital technologies. Establishing cross-sector cybersecurity protocols that treat the smart city as an interdependent assemblage of activities entails more than addressing the costs associated with responding to cyberattacks. This research proposal seeks to answer the question: What are the transaction costs associated with developing and implementing cybersecurity governance frameworks, such as third-party data trusts, in smart cities? Smart city scholarship includes discussions on third-party data trusts as data governance mechanisms (Andrade et al., 2020; Valverde and Flynn, 2019) and empirically, there are examples of such data trusts in practice in Spain and Estonia (Barcelona Digital City, CityOS; Digital Governance Proposals Draft Report, Sidewalk Labs, 2018). The results of this proposed study could then be used as part of efforts to estimate the total costs of smart city initiatives and contribute to more robust evaluations of cybersecurity management in urban settings. To investigate the research question, we will employ a mixed-methods case study-based approach, using transaction cost analysis (Whittington, 2012; Siemiatycki, 2011), semi-structured interviews, and document analysis. The results of this work will contribute to theory development in urban governance and cybersecurity scholarship, particularly given the understudied nature of transaction costs associated with third-party data trusts. This is all the more important as recent research regarding third-party trusts as technology governance mechanisms suggests that their presence will persist, especially in Europe and the US (Andrade et al., 2020; Cybersecurity Futures 2025, 2019).
Findings, Papers, and Presentations