Friday, November 20, 2009

CPUC Grants Smart Grid Hearings on Privacy

As those that have been reading this blog over the past few months probably know, I've been delving into the privacy implications and challenges that a transition to a Smart Grid system poses quite a bit.

As such, rather than retread through everything I've already written on the subject, you can check out past posts from earliest to latest, here, here and here.

I also want to update everybody, before I get to a new, very thorough article in Computerworld on this subject, on the good news coming out of the California Public Utilities Commission.

As the PUC has been deliberating on what the ideal regulatory framework for a smart grid system in our state might be, the Consumer Federation of California (CFC) joined with TURN in urging for a more comprehensive review and debate regarding the privacy challenges and implications such a system poses by holding separate hearings on the subject.

I'm pleased to report that the PUC has indeed agreed to hold these hearings. Essentially, the Commission came to the conclusion that to properly address privacy and confidentiality issues more review was necessary, and that workshops will be held and comments will be accepted.

Specifically, the Commission honed in on issues related to what kind of access should third parties have to consumer data, how confidential will that data be, and what security precautions will there be for massive amounts of personal information that such as system will store?

We (CFC) will now be seeking out additional participation and expertise from our privacy advocate friends in the coming weeks and months.

Now, for a little more backdrop on Smart Grid: As I mentioned months ago, the transition to a "Smart Grid" system has been trumpeted by former Vice President Al Gore, and started gaining serious traction once President Obama announced his plan to overhaul U.S. infrastructure - including construction of a nationwide "smart grid" that promises to help address many of our current energy challenges.

According to Obama (and other environmental experts), the plan offers the hope that it "will save us money, protect our power sources from blackout or attack, and deliver clean, alternative forms of energy to every corner of our nation." What is especially interesting about this topic - to me anyway - stems from my past work as an environmental advocate versus my current work on privacy related issues.

As some of you may have gathered, there are some issues in which these two interests - privacy and environment - clash (all be it more "gently" than other more typical oppositional interests). The good news is there is no real need for such a clash to occur, as the real "conflict" will much more likely be between those that want to protect our privacy and right to control our own data, and those that want to profit off buying and selling it (as well as the Government and the law's desire to access).

Before I get to the article today, I want to really lay out, in detail, what exactly a Smart Grid is, and why it threatens privacy in a myriad of ways.

The Electronic Privacy Information Center (EPIC) is providing a lot of very useful information on the topic, so let's begin there. Here's EPIC's definition of a Smart Grid system, who stands to benefit from and why:

The term "Smart Grid" encompasses a host of inter-related technologies rapidly moving into public use to reduce or better manage electricity consumption. Smart grid systems may be designed to allow electricity service providers, users, or third party electricity usage management service providers to monitor and control electricity use. The electricity service providers may view a smart grid system as a way to precisely locate power outages or other problems so that technicians can be dispatched to mitigate problems.

Pro-environment policymakers may view a smart grid as key to protecting the nation's investment in the future as the world moves toward renewable energy. Another view of smart grid systems is that it would support law enforcement by making it easier to identify, track, and manage information or technology that is associated with people, places, or things involved in an investigations.

National security and defense supporters may see the efficient and exacting ability of smart grid systems to manage and redirect the flow of electricity across large areas as critical to assuring resources for their use. Marketers may view smart grid systems as another opportunity to learn more about consumers and how they use the items they purchase. Finally, consumers, if given control over some smart grid features, may see smart grid systems as tools to assist them in making better informed decisions regarding their energy consumption.

Smart meter technology is the first remote communication device designed for smart grid application. These meters have moved into the marketplace and are poised to change how data on home or office consumption of electricity is collected by service providers. Additional changes that smart grid systems may bring are not limited to meters but extend to monitoring other devices, e.g. washing machines, hot water heaters, pool pumps, entertainment centers, lighting fixtures, and heating and cooling systems.

Consuming electricity will take on new meaning in the context of privacy rights. A smart grid pilot project in Fayetteville, NC reports that it can manage over 250 devices in customers homes. The system would be able to selectively reduce demand among its 80,000 customers by turning off devices in homes that are part of the smart grid program.

As I wrote in a past post as well, the paradox of a smart grid system is that what will ostensibly make it an effective tool in reducing energy usage - information - is precisely what makes it a threat to privacy: Information (ours).’

With all that said, here's a few questions we should all be asking: How much information should you give up to the grid? Who gets access to that information and why? How long does that information remain in a database? And how do we protect it?

EPIC lists the potential privacy consequences of a Smart Grid:

Identity Theft
Determine Personal Behavior Patterns
Determine Specific Appliances Used
Perform Real-Time Surveillance
Reveal Activities Through Residual Data
Targeted Home Invasions (latch key children, elderly, etc.)
Provide Accidental Invasions
Activity Censorship
Decisions and Actions Based Upon Inaccurate Data
Unwanted Publicity and Embarrassment
Tracking Behavior Of Renters/Leasers
Behavior Tracking (possible combination with Personal Behavior Patterns)
Public Aggregated Searches Revealing Individual Behavior

With that, let's get to the article in Computerworld entitled "Will the smart grid protect consumer privacy?" Jay Cline, a former chief privacy officer at a Fortune 500 company and now president of Minnesota Privacy Consultants, writes:

This outlet-specific control will remind us that power companies will be receiving a lot of data about us -- when we come and go, what kinds of appliances are plugged in and how much of our energy use could be classified as waste. There will perhaps be no richer profile of who we and our families are.

That data profile will only become richer with the introduction of smart appliances. These remotely programmable appliances will be able to track, record and optimize usage and send data to each other. And quite possibly, their data could feed back to the power company.


So it's possible that your power company could become your Internet service provider; know your daily rhythm, carbon footprint, eating and medicine habits, and relative income level; and be able to micromanage your outlets. Just about every appliance maker, manufacturer, clinical-research organization and service provider is going to be knocking on the door of your power company to buy this data.

Landlords may also be very interested in keeping tabs on what's happening inside their properties. Litigants, law-enforcement entities and defense agencies are also certainly going to be pursuing this data on a regular basis.

Privacy consultant Rebecca Herold, writing in the September 2009 document by the National Institute of Standards and Technology (NIST),
Smart Grid Cyber Security Strategy and Requirements, outlined the key privacy risks needing to be managed by smart-grid operators. Among them:

Personal profiling -- Accumulating massive data files on people that eventually become used for purposes beyond delivering them energy.
Identity theft and home invasions -- Not sufficiently protecting these rich data profiles from criminals who could harm individual consumers.
Activity censorship -- Determining what energy uses are not acceptable or should be taxed at a higher rate.
Decisions based on inaccurate data -- Turning off power to an outlet that is providing a health-sustaining appliance or device, or providing inaccurate data to credit-reporting agencies and government agencies.


What kind of privacy requirements should they be building into the smart grid? I think the seven Safe Harbor privacy principles point the way. Here they are, applied to the smart-grid world:

Notice. Prior to hooking up a smart meter, give consumers a detailed privacy notice that lists all the potential data that will be collected, all the potential uses, all the potential parties who could get access to it, and how long the power company will retain this information.

Choice. Obtain opt-in consent from consumers for any collection and use of their data that is not strictly required to provide and bill for energy service.

Access. Give consumers the ability to review all of the data that has been collected about them.

Data integrity. Give consumers a way to correct mistakes in their data, especially regarding outlets and appliances that, if turned off, could harm them.

Security. Certify against the NIST standards for smart-grid security.

Onward transfer. Hold business partners and service providers who may access consumer data contractually accountable to these same terms. If consumer data has been subpoenaed, immediately notify affected consumers so that they can exercise their rights.

Enforcement. Maintain an independent dispute-resolution process of the likes managed by Truste to expediently resolve consumer-privacy complaints. Regularly conduct privacy and security audits and report the findings to the appropriate regulator.

Click here to read the article in its entirety.

To be sure, the article by Cline is one of the most comprehensive to date, at least in terms of explaining how the system works, and how it might evolve. The privacy protections laid out, while useful, require a lot more detail, and that, no doubt, will be the challenge for privacy advocates in the upcoming hearings held by the CPUC.

In the case of the "Smart Grid", we must move beyond and "either or" scenario (i.e. environment v privacy, efficiency v. privacy), and embrace a thorough, thoughtful and deliberative public policy process that in the end, must include ironclad, "opt-in" privacy protections along with the kinds of smart, efficient, and sustainable environmental benefits nearly everyone agrees should also accompany such a system.

Again, the privacy implications should not be taken lightly, as Bob Sullivan, who covers Internet scams and consumer fraud for, explains:

...others see a darker side. Utility companies...might sell this information to marketing companies -- perhaps a travel agency will send brochures right when the family vacation is about to arrive. Law enforcement officials might use this information against us ("Where were you last night? Home watching TV? That's not what the power company says … ”).

Divorce lawyers could subpoena the data ("You say you're a good parent, but your children are forced to sleep in 61-degree rooms. For shame ...").

A credit bureau or insurance company could penalize you because your energy use patterns are similar to those of other troublesome consumers. Or criminals could spy the data, then plan home burglaries with fine-tuned accuracy.

Space-aged visions of talking appliances may seem farfetched. They're not. Data creep will inevitably happen. Already, some consumers are getting statements that compare their use to neighbors' usage -- and "overusage" premium pricing isn't far behind. But what if the comparisons aren't fair? Most families would want to be compared to similar families -- how much power do three teen-ager daughter households use?

And perhaps even more to the point, Susan L. Lyon, who has an has extensive background representing multinational companies on privacy, data security, online safety and Internet laws, breaks down the Constitutional ramifications:

"The nature of the smart grid requires ubiquitous deployment of monitoring technology in every home it touches. The impact of this is significant considering that privacy of the home is such an important value in our society that its protection is guaranteed in the U.S. Bill of Rights, "The right of the people to be secure in their...houses...shall not be violated." So while the benefits of a unified national smart grid system are very clear to most, as with any technology, the systems that provide these societal benefits and the policies that shape them should be designed to account for the privacy concerns of the individuals they serve."

For an excellent case study of what we may have in store in California, I suggest you take a look at what's been going on in Colorado. The state public utility commission there was convinced by Elias Quinn CEES, Uni. Colorado Law School, and author of "Privacy and the New Energy Infrastructure", to hold separate hearings dealing with privacy concerns related to the smart grid. His paper provides detailed analysis of each privacy related component of a Smart Grid system and specific policy proposals designed to address them.

Come back here for more coverage of this issue as it plays out in the California Public Utilities Commission.


Jack Ellis said...

While I cannot completely discount any of the privacy concerns outlined in this article, I do think they're a bit overblown. Electric usage data does reveal certain patterns that might be useful to criminals, but it's pretty useless to most marketers. Moreover, I doubt we will see utilities controlling individual outlets - it's too difficult and not worth the expense and effort. Those who collect and/or have access to the data should clearly not be allowed to sell it or use it for other than specific purposes.

Of course, the same automation technologies that will be required to make the smart grid work could be put to equally good use thwarting certain kinds of criminal intent.

ZJK said...

Hey Jack. I appreciate your comments and don't take them lightly. One of the challenges for privacy advocates is to foresee and predict worst possible scenarios, and then get involved in the process or implementation of policy early enough to ensure our concerns ARE in fact overblown. In other words, I don't necessarily believe that all the concerns i listed will or will not come to pass, but what I do know, is without the proper safeguards and precautions put in place to protect privacy, there are bound to be violations. And, its always harder to go back and fix such things than it is to establish certain principles on the front end. So, when you actually consider what we are arguing before the PUC, you'll see that we are not against the Smart Grid at all, nor are we advocating burdensome regulations that will harm the system, just some very basic principles and safeguards...namely, the right of the consumer to have control over his/her information. You'd be surprised how many interests try and subvert even these basic concepts.