Blog Post

Smart Grid Data: Too Much For Privacy, Not Enough For Innovation?

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

When it comes to smart grid data, how much is enough — and how much is too much? That question could pit the IT industry’s hopes to use smart grid data to help people save energy — and make money — against customer privacy and data security advocates worried that the same data could be abused by everyone from criminals to the government. Utilities, regulators and consumers could well be caught in the middle of that argument.

That’s the gist of a discussion last week about smart grid privacy at the California Public Utilities Commission, which is forming policies for how the state’s utilities implement smart grid systems. One of the issues that the CPUC is tackling is how utilities should be required to deliver power usage and pricing data to smart meter-enabled customers. But beyond the technical and cost questions, there’s the looming question of what to do with the data in order to protect utility customers from having their information used against them.

Less Data?

One way to do that is “data minimization,” said Jim Dempsey, Vice President of Public Policy for the Center for Democracy & Technology, which advocates for open Internet policies. In other words, only collect the data you need for specific goals, and keep it for as short a time as possible, to avoid the chances for it being lost or misused.

This and other concepts are part of a broader set of “Fair Information Practice Principles” that Dempsey would like both federal and state smart grid plans to adopt. The National Institute of Standards (NIST), the federal agency putting together a national smart grid plan has said security and privacy is a key concern as well. “These are the questions you have to ask yourself — what information are you collecting, how long will you store it, who will you share it with?” Dempsey said Friday.

But that push to minimize data could fly in contrast to the idea of an open energy information world, in which third parties can develop new tools to help consumers save energy. Both Google (s GOOG) and Microsoft (s MSFT) are working on opening their home energy management systems to third party developers and a host of startups are working on devices and software that will interact with smart grid data.

Privacy Management

Certain utility customer data used inappropriate ways could lead to that data playing a part in “discriminatory, anti-competitive or illegal uses,” said Karin Hieta, a staff analyst for the Division of Ratepayers Advocates, a state agency. Numerous consumer protection and privacy groups have raised their concerns about potential abuses, such as letting burglars see when household power is off to choose which homes to rob, law enforcement agencies spying on people’s household activities without warrants, or marketers getting ahold of appliance usage data to make unwanted targeted sales pitches.

But setting very specific management and protocols for all sensitive data could help avoid such an unfortunate scenario. Ed Lu, the former astronaut in charge of Google’s PowerMeter program, reiterated Google’s rules in dealing with data in his Friday presentation at the CPUC. First, the customer owns the data and has control over who has access to it, he said. Second, they “know who that data has been shared with,” and third, they can opt out at any time, and can have their data completely erased — “It may take a few minutes, because we back up the data, but we will remove every last bit of it,” he said.

Google is a well-known company and has faced the issue of privacy and data numerous times throughout the years. But what about a third party startup that nobody’s heard of? That raises the question of how to oversee, audit and enforce utility customer data information privacy policies across the board.

Of particular concern is how to keep third parties from turning around and selling that data to fourth, fifth and even more parties down the line, Hieta said. Because the CPUC doesn’t regulate those third parties, it has to use the authority it has over utilities to impose its privacy and security goals, perhaps by requiring any third party to sign a contract with the utility it gets data from, she said.

That might not sit well with utilities. Paul De Martini, Southern California Edison’s vice president of advanced technology, gave a presentation to the CPUC on Friday with a slide that made it clear that SCE would prefer that “utilities have no obligation to monitor, supervise or control” how third parties deal with data customers have approved them to use. Utilities don’t want to be forced to act an an IT firm.

Careful Balance

Just how these kinds of restrictions might be seen by third parties is still an open question. So is the matter of how they might react to the idea that data should be restricted to specific, known purposes, rather than being collected in a wider net in the hopes that future applications will find uses for them. “You have to balance the social need for giving people more tools to conserve energy with all these other needs,” said Michael Terrell, Google’s policy counsel.

Giving consumers as much control as possible over which data they authorize for utilities and third parties to use, as well as informing them as clearly as possible about what’s being done with it, was a common theme during Friday’s discussion. Just how the CPUC will balance these concerns against its desire to put smart grid data to practical use as quickly as possible will be an interesting topic to follow as it develops its energy policy over the coming months.

While federal efforts on this issue are also underway, “There’s no need to wait here for the federal government to act on this question,” Dempsey said. At the national level, US Rep. Edward Markey this week introduced a bill, the Electricity Consumers’ Right to Know Act (or e-KNOW), that would mandate giving Americans “free, timely and secure data about their electricity prices and usage patterns” as part of the National Broadband Plan released by the Federal Communications Commission last week.

But Dempsey said he didn’t believe the e-KNOW bill addresses privacy concerns effectively — and noted that California’s state privacy laws have tended to be more protective of consumers than federal laws.

For more related research check out GigaOM Pro (subscription required):

Smart Meter Security: Not Up To Par

The Developer’s Guide to Home Energy Management Apps

Who Owns Your Data in the Cloud?

Image courtesy of woodleywonderworks ‘ photostream Flickr Creative Commons.

11 Responses to “Smart Grid Data: Too Much For Privacy, Not Enough For Innovation?”

  1. Jon Husen

    I’m going to speak from the side of the utilities:
    Utilities currently have trending data on energy usage. This shouldn’t be a surprise to anyone. This data is used to determine energy purchasing requirements and to monitor power quality. However, the data collected is limited to what we can read from the feeders within a substation. With smart components on the grid, the utilities will be able to see the loads on each line and better monitor power quality and plan future upgrades. Like commented above, this will result in better power quality/reliability for the customer.

    I agree with De Martini of SCE that utilities should not be the intermediaries of energy usage information to third parties. Utilities use this information to better serve its customers and operate more efficiently. If utilities are required to provide this data to third parties, they will need a dedicated IT department to deal with security issues as well as network management; this results in additional costs passed on to the consumer. Because consumers own their usage data, it should be their prerogative to give the information to the third party. In-home displays with wifi capabilities will enable consumers to do this if they wish. This way each consumer has direct control of who gets their information.

  2. From one of the ignorant people:
    After one observes for some while, it is apparent that all technology wields a double-edge. With the advent of pervasive connectivity and databases capable of being mined for patterns, quite a bit can be inferred from other ignorant people from the aggregated data. It is incumbent on the users to achieve their goals and on the public to defend against undesirable and intrusive use of the same data by other ignorant people.

  3. I appreciate the “less data” section. According to my experience there is a lot data stored and never of any use. People should be thinking about what data they really need instead of just collecting whatever possible.

  4. Most people here know that the smart grid is a good thing, it will save money and reduce blackouts and pollution. Sadly I see it being railroaded by the ignorants, I am waiting for it to be halted by Fox News and their ilk spreading lies. Why is it when someone has a good idea or a new technology we also have to have it stopped or run down by ignorant people???