7.4 Using best-in-class resiliency and security statements. The five subsections are as follows: • “Four types of urban data”; this subsection is split into “Non- The digital systems and services proposed by Sidewalk Labs personal data,” “Aggregate data,” “De-identified data,” and for the Toronto smart city project had the potential to generate “Personal information” (Ibid., 2017b: 417); new risks: intentional actions, inadvertent disruptions, and so • “Implement the Urban Data Trust” (Ibid., 2017b: 420-423); forth. To anticipate those risks, the company planned to build on • “Establish RDU Guidelines” (Ibid., 2017b: 424) these assumptions by ensuring a reliable system that could be • “Set a clear process for urban data use or collection” (Ibid., resilient to hackers and environmental effects. The approach to 2017b: 426-427) the resilience and security of these digital services was based • “How it works: RDU Assessment case studies” (Ibid., 2017b: on three main pillars: 436-440). •Preventing disruptions to those services and the loss of their functionality; To ensure a clear strategy for urban data use or display, •The capacity to rapidly and effectively detect any loss in Sidewalk Labs defined an action plan to guarantee security and functionality; transparent data collection processes. •Being able to restore functionality to any user that experienced an issue quickly. In the first step, Sidewalk Labs claimed that the individual or entity requesting data could need to determine whether These priorities were defined according to the standard or not the proposal involved urban data (that is, information approach taken by government and municipalities to ensure collected from the public, such as pedestrian counters or traffic critical systems’ resilience. cameras), transaction data, or both types. 7.5 Creating a trusted process for responsible data use If the individual or entity requested urban data, Sidewalk Labs (RDU) proposed that the data collector would submit a Responsible Data Use (RDU) assessment to the Urban Data Trust. However, Sidewalk Labs defined its innovation plan according to no evaluation could be required for transactional data—only three steps: “open digital infrastructure,” “clear standards,” the consent of the individual or entity. Here, Sidewalk Labs and “trusted process for responsible data use” (Sidewalk estimated that the transaction data should not be under the Labs, 2017b: 277-278). To complement the flexible digital Urban Data Trusts because the data collector would already infrastructure and the published standards approach, Sidewalk be accountable under applicable privacy laws, either to obtain Labs believed that the third step would consist of instilling consent to the collection or to ensure they had the proper community trust that information collected in cities will legislated authority in the case of public entities. Furthermore, preserve individuals’ privacy and be used only for the good of this type of data is not considered as a public asset because it the greater number (Sidewalk Labs, 2017b: 408). Even though includes personal information that should not be collected by Canada recognizes privacy as a fundamental human right, a third party. the technological world is developing fast, and so the law and regulations must adapt too (“Creating a Trusted Process for The second step would have been that both public and private Responsible Data Use”; Sidewalk Labs, 2017b: 414-415). The entities seek to collect or use urban data to complete the RDU Sidewalk Toronto project has sparked significant conversations assessment (that is, in-depth review outlining the purpose of the about a new approach to digital governance in cities (Sidewalk digital proposal, type of urban data, impact on community, risk Labs, 2017a: 240-241), generating new ideas from Canadian evaluation, and potential benefits). The Urban Data Trust could experts, stakeholders, and the public (Sidewalk Labs, 2017b: use the RDU assessment to assess how the proposal conforms 414-415). to the RDU guidelines (Sidewalk Labs, 2017b: 414-441). 7.5.1 Setting a straightforward process for urban data use or 7.5.2 Detection and auditability collection To confirm the integrity and reliability of the digital system, Within Volume 2 of its publications, Sidewalk Labs included a Sidewalk Labs planned to use auditing systems for any full and long chapter entitled “Creating a Trusted Process for platforms and code it maintained, not only to verify that it was Responsible Data Use” (Sidewalk Labs, 2017b: Chapter 5 - Part consistent in running the same software but also to confirm 3: 414-441). It is hard to summarize this chapter, but its five that it met the quality expected by the Urban Data Trust (UDT) subsections’ titles give a good flavor of the firm’s policy and (Sidewalk Labs, 2017b: 438). 187 Quélin and Smadja | HEC PARIS | SMART CITIES | The sustainable program of six leading cities | 2021