Smart meter privacy

Raj Samani, CTO at McAfee, has responded to the government’s recently published decisions on rules for smart meter privacy and security.

Energy companies have always collected information about customer usage. Now with the enhanced capabilities of smart meters, customer questions surrounding this have intensified. Many have asked – How is my data being used? Who has access to my data and when? Why do you need to know?

This is a key issue. In fact, the British government has published rules around smart meter privacy, explaining that consumers will have choice on how often their energy supplier can access their energy consumption data and suppliers will not be able to use energy consumption data for marketing purposes unless they have explicit consent.

By greatly expanding the amount of data available related to energy consumption within the home through smart grid technology like smart meters, there is great opportunity, but also great risk. It is therefore imperative that not only security and privacy controls are built into smart meter systems from the design phase, but also that privacy assessments are conducted regularly to keep up with the evolving threat to landscape, research activities, and customer concerns.

Metering data is already being utilised by law enforcement for activities such as identifying suspected marijuana growers. In Ohio alone there are at least 60 subpoenas filed each month. The legality of such actions was also the basis of the court case between Kyllo v. United States, where utility records were used to develop a case against a suspected marijuana grower.

Although the legality of accessing smart meter data for law enforcement purposes is likely to come under further scrutiny, one thing is very clear, that the amount of data available through smart meters will be considerable and of value to more stakeholders than just law enforcement. Many third parties from marketers to hackers would find this data useful. Techniques known as Nonintrusive Appliance Load Monitoring (NALM) are able to identify individual appliances using libraries of known patterns. An Italian research study from 2002 using data from 15 minute intervals were able to pinpoint the use of washing machines, dishwashers and water heaters with an accuracy rate over 90%.

Utilities introducing smart meters to their customers should consider undertaking a detailed assessment to understand and analyse the privacy implications within a given system.

In the European Union, a privacy impact assessment, by following the Data Protection Impact Assessment (DPIA), is a recommended action through a number of authoritative sources.

In the United States, Volume 2 of NISTIR 7628 from The Smart Grid Interoperability Panel Cyber Security Working Group, recommends to ‘Conduct an initial privacy impact assessment before making the decision to deploy and/or participate in the Smart Grid.’

I don’t mean to suggest that these guidelines will eliminate all privacy risks of smart meter deployment. As we experience the proliferation of smart meters in our homes, it is also more than likely there will considerable research conducted to determine what additional information can be garnered. Just as we saw with the earlier example with the ability to detect what appliances are running within the home using energy signatures, there are likely to be equally surprising results in the future.

One thing for certain is that there is real concern from consumers about smart meters, with some individuals taking very severe actions to stop meters being installed on their homes. For example in Houston, Texas, Thelma Taormina recently posted signs on her home that read, ‘No smart meters are to be installed on this property.’

When a CenterPoint Energy worker ignored this advice attempting to replace her old electricity meter, Taormina drew her gun on the individual demanding they leave the property. She later commented, “Our constitution allows us not to have that kind of intrusion on our personal privacy. They’ll be able to tell if you are running your computer, air conditioner, whatever it is.”

Consumers are clearly, and based on recent research quite rightly, very concerned about the privacy implications associated with smart meters. Many in the industry believe that most concerns are a matter for consumer education. That may be so, but failure to protect our personal and behavioral data has the ability to not only slow down meter deployments but also possibly stop the roll-out altogether.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts

Daikin sponsors venue for new immersive attraction

How will infection control change the face of ventilation?

Flexenergy pipe network optimises heating system for homeless

Energy-efficient AC technologies help cool UK homes