Personal Data Protection as a Driver for Improved Cybersecurity Practices in U.S. Public Transit

You are here

Personal Data Protection as a Driver for Improved Cybersecurity Practices in U.S. Public Transit


Efforts to modernize public transit and provide better, more efficient services to passengers are facilitated in part by the collection of information about who, when, where, and how transit services are being used across cities.

Expanding data collection, however, increases the importance of having robust and secure data management and privacy practices in place—something lacking in many U.S. transit agencies.

Ultimately, transit agencies will be held to account just as any other business will be—regardless of industry—for the security of the data they collect, process, and leverage for service delivery or other purposes. A failure to protect personal data in the process not only has a direct impact on the data owner, but it can also have a material impact on an agency’s operations, finances, compliance status, and reputation. Fortunately, with the institution of comprehensive enterprise risk management plans, agencies can establish and mature cybersecurity policies and practices that will allow them to both collect data to inform business improvements and protect the personal information of their customers and employees.



Scott Belcher is the President and CEO of SFB Consulting, LLC, where he specializes in transportation, transportation technology, the internet of things, smart cities, and the environment. Mr. Belcher serves on a number of public and private advisory boards. Mr. Belcher holds a JD from the University of Virginia, a Masters of Public Policy degree from Georgetown University, and a Bachelor of Arts degree from the University of Redlands in Redlands, California.

December 2021



Contact Us

SJSU Research Foundation   210 N. 4th Street, 4th Floor, San Jose, CA 95112    Phone: 408-924-7560   Email: