Santa Fe Smart City Sensors - Bylaw Guide

This guide explains how Santa Fe, New Mexico staff should approach deployment, data governance, and ethical use of smart city sensors and AI. It synthesizes city code, technology and privacy policies, and operational practice so staff can plan lawful sensor installation, data handling, transparency, and community engagement. Where specific bylaw text or penalties are not published, the cited official pages are identified and statements note when an amount or procedure is "not specified on the cited page."

Overview of Legal Framework

City bylaws and ordinances apply to equipment installed on public property and to city-controlled data systems; privacy and procurement policies further govern collection, retention, and sharing of sensor data. Staff should consult the City Code for applicable ordinance language and the city privacy and technology pages for operational policies and guidance City Code - Santa Fe^[1], City Privacy Policy^[2], and the Technology Services guidance page Technology Services^[3].

Key Legal Considerations for Sensors & AI

• Data classification: identify personally identifiable information (PII) and apply minimization and retention rules.
• Recordkeeping: maintain inventories of sensor locations, data types, access logs, and retention schedules.
• Consent and notice: ensure signage or public notice where required by policy or ordinance.
• Procurement and contracting: include privacy and security requirements in vendor agreements.
• Algorithmic transparency: document AI models, training data provenance, and audit traces.

Penalties & Enforcement

Enforcement of city ordinances and unauthorized data practices can involve administrative fines, orders to cease or remediate, and referral to municipal court or civil action. The Santa Fe City Code is the primary source for ordinance language and any specified penalties; where monetary fines or specific escalation are not stated on the cited pages, that fact is noted.

• Fine amounts: specific fine amounts for sensor or data-privacy violations are not specified on the cited page for general sensor deployment; consult the City Code for particular sections that mention fines and penalties.^[1]
• Escalation: first, repeat, and continuing offence frameworks are not specified on the cited page unless an ordinance section explicitly states escalation; see City Code for any section-specific rules.^[1]
• Non-monetary sanctions: city orders to remove or disable equipment, injunctive relief, records preservation orders, and referral to municipal court or civil litigation are potential remedies under city authority.
• Enforcer and complaint pathways: Code Compliance, Technology Services, and the City Attorney's office handle investigations and enforcement; staff and public may use official complaint/contact pages on the city site for reporting.^[3]
• Appeals and review: appeal routes generally follow administrative appeal to the appropriate city hearing body or municipal court; specific time limits for appeals are not specified on the cited page and should be confirmed in the applicable ordinance or enforcement notice.^[1]

Applications & Forms

Required permits or forms for equipment on public right-of-way, excavation, or attachment to city assets are usually handled through Planning, Public Works, or Permits & Inspections. If a sensor project requires a franchise, easement, or excavation permit, staff must complete the city permit forms applicable to that department; specific form names and fee schedules are available from the relevant department pages (see Help and Support / Resources below). If no form is required for a particular sensor type, that is typically documented on the permitting page for the controlling department.

Operational Compliance Steps for Staff

• Pre-deployment assessment: complete a privacy impact assessment and data protection plan.
• Procurement clause: include data use, deletion, audit rights, and encryption standards in contracts.
• Public notice: plan outreach and signage where sensors are in public spaces.
• Logging and audits: define access controls, retention schedules, and periodic audits.
• Incident response: register incident reporting paths with Technology Services and City Attorney.

FAQ

Do I need permission to install a sensor on a city pole?

Yes—attachments to city-owned infrastructure typically require a permit or authorization from the department that manages that asset; consult Public Works or Permits & Inspections.

Where can I find city rules about data retention and privacy for sensors?

Review the City Code for relevant ordinances and the City's privacy policy and Technology Services guidance pages for retention and privacy practices.^[1][2][3]

What if a vendor refuses to include deletion or audit clauses?

Do not finalize procurement—notify Procurement and Technology Services to revise contract requirements to meet city policy and legal standards.

How-To

1. Assemble a cross-departmental project team including Technology Services, Procurement, Legal, and the affected operational department.
2. Conduct a privacy impact assessment and technical risk assessment documenting data types and minimization steps.
3. Verify permitting requirements and submit any required right-of-way, excavation, or site-attachment applications to the responsible department.
4. Negotiate vendor contracts with explicit data use, retention, deletion, audit, and security clauses.
5. Implement monitoring, logging, public notice, and a community engagement plan prior to activation.

Key Takeaways

• Early coordination with Technology Services and Legal reduces compliance risk.
• Contracts must specify data limits, retention, and audit rights.

Help and Support / Resources

• Technology Services - City of Santa Fe
• Santa Fe City Code (Municode)
• City Privacy Policy
• Code Compliance - City of Santa Fe

1. [1] City of Santa Fe Code of Ordinances - Municode
2. [2] City of Santa Fe Privacy Policy
3. [3] City of Santa Fe Technology Services