3 Comments

Summary:

To manage it, you must measure it. That’s the mantra behind both consumer and enterprise carbon accounting initiatives. But to measure their eco-footprint, individuals often must share details about their lifestyles — everything from how often they run their heat or how much water they consume […]

To manage it, you must measure it. That’s the mantra behind both consumer and enterprise carbon accounting initiatives. But to measure their eco-footprint, individuals often must share details about their lifestyles — everything from how often they run their heat or how much water they consume to what personal items they purchase — with service providers. Even if some don’t consider such information hugely confidential, storing this information attached to names or other personally identifiable data makes many people uncomfortable.

Following the boom in e-commerce and online social networking, one thing is painfully clear: Digital identities are powerful tools that can do as much harm as good. Identity theft, often perpetrated through online channels, hurts millions of consumers each year. So how can service providers go about creating digital profiles to detail energy consumption without compromising the security and privacy of the sources of the data? Three factors are key: control/ownership of data, data-sharing standards, and anonymity.

Let Users Opt In

Sharing data is essential to the goal of mapping out the energy consumption — or, as AMEE likes to call it, the energy identity — of everyone and everything. To address privacy concerns upfront, companies such as energy management web site WattzOn.com put the control right into the hands of the user, making the sharing of personal data — and how much data they share — an opt-in effort. That seems like a no-brainer. But that’s not the end of the privacy issue. Generally, people who use services such as WattzOn or sites powered by AMEE want to share their consumption patterns.

Once they’ve opted in, users can log back onto the site and update the number of miles they drive each week, or update their profile to reflect the new Energy Star washing machine they just bought. But that’s a pain, and users want it to be easy for them to track the effectiveness of the changes they make to lower their consumption over time. To address that need, WattzOn offers a real-time tracking service. Users can give WattzOn a look-see at their payment statements and utility bills; the software accesses the data and automatically updates the user’s profile. But now, WattzOn has to ensure the privacy and security of this data.

Use Existing Best Practices

WattzOn works with trusted third parties to access the information — it partners with personal finance management site Wesabe to pull pertinent purchasing data from users’ bank and credit card statements and works with participating utilities to access their meter readings. Once it pulls in this data, WattzOn then uses the same types of best practices and data encryption tools that these third parties use to protect the personally identifiable information of their users, according to WattzOn founding partner Raffi Krikorian.

This approach may work for WattzOn and other providers of personal carbon calculators. But AMEE is undertaking a much more ambitious project: calculating the energy consumption of not just people, but of buildings, products and companies. AMEE works in two ways. Individuals can set up their own profile through AMEE’s site directly or through one of its partners. They can add or remove the information at any time. If they choose, they can also have information added automatically through an RSS feed.

Promote Data Anonymization

Whichever path the user joins the service through, AMEE knows the individual through his or her AMEE ID, but does not collect personally identifiable data unless the user offers this up through metadata in the feed. Consumers are made aware of this, and it’s their choice to include this kind of data. AMEE founder Gavin Starks explains that AMEE doesn’t have any interest in linking consumption data with personal data — it doesn’t even store personally identifiable data in its databases. In fact, AMEE makes data privacy and protection a major focus of its efforts.

From its partners — such as Google, the UK government, Dopplr, etc. — AMEE collects records of individuals’ energy consumption. However, AMEE tracks each person’s record using a unique ID that does not link, in AMEE’s databases, with any personally identifiable data. Here’s how: Each partner collects the consumption data on the individuals in its membership base and then uses AMEE’s API to assign a unique ID to each record, using a key that authenticates each ID. Then each partner sends only a list of IDs and their corresponding consumption data to AMEE.

Whether it’s WattzOn’s work with third parties that are using security and encryption tools developed for e-commerce applications, or AMEE’s focus on keeping users anonymous and following the best practices of Internet privacy, these early drivers of carbon accounting initiatives have set a path for data security that others are likely to follow. Why reinvent the wheel when you could just give it a carbon footprint?

  1. [...] Safeguarding Energy Data (Earth2Tech) [...]

    Share
  2. A little off topic but your mentioning of Wesabe reminded me of something that I think is relevant here. Wesabe is the onlypersonal finance site that is following an emerging protocol wherein user data, once made irrelevant by either time or by request, is absolutely wiped from their system. This may not sound interesting on the surface, but consider the fact that many data attacks are perpetrated in off-site storage and non-critical sectors that house data that, though still valuable, is considered less than a priority. By wiping it, they eliminate the risk.

    Share
  3. I forgot to mention, my thoughts on data protection as it relates to the article. Quickly,while I do think users should be allowed to opt-in, this needs to be about transparency. Take Facebook for example, they actually have pretty decent security options, but few use them because they are buried in menus and sub-menus.

    Share

Comments have been disabled for this post