Francoise Gilbert
On October 5, 2010, the US Department of Energy (DoE) issued two important reports that outline recommendations for the use of Smart Grid technologies. One of the reports focuses on the protection of personal data that will be collected through Smart Grid meters, the other addresses communications requirements. Both reports were issued after consultation with the utilities, consumer advocates, and telecommunications companies.
The 65 page DoE report on Data Access and Privacy Issues Related to Smart Grid Technologies recommends that detailed energy consumption information that is collected through the use of Smart Grid technologies be accorded privacy protections that are similar to the protections that are granted to other categories of personal data.
The DoE report outlines privacy rights and protection that are very similar to that which are found in the seminal documents that define privacy rights, such as the US Fair Information Principles, the OECD Privacy Guidelines, or the EU Data Protection Directive. For example, the DoE Report recommends that residential and commercial consumers should be able to access their own energy consumption data.
The DoE report contemplates that third parties will be involved and will provide services that exploit the data collected by the Smart Grid technologies. As a result, it recommends that consumers should have the right to decide whether to grant access to third parties. The DoE points out that it would be important to define the conditions under which consumers can authorize access to their information by third-parties. Suggestions include a prohibition on disclosure of consumer data to third parties in the absence of an opt-in, i.e., affirmative consent by a consumer.
Further, the authorization should specify the purposes for which the third party is authorized to use the data, the term of the authorization, and the means for withdrawing an authorization. In addition, authorized third parties should be required to protect the privacy and security of consumer data and to use the data only for the purposes specified in the authorization. The DoE recommends that the States should define the circumstances, conditions, and data that utilities may disclose to third parties.
The DoE report is especially concerned about ensuring that consumers understand the purposes and uses of Smart Grid technologies. It recommends that consumer be educated about the benefits of Smart Grid and the use of Smart Grid technologies. Special attention should be placed on certain populations, such as rural, low-income, minority and elderly populations, in order to ensure their access to information. In order to ensure successful implementation of the technologies, the DoE recommends that the pace of deployment of smart grid technologies do not outpace consumer education.
The DoE report identifies a number of issues for which more analysis and consultation is to be done in order to reach some consensus. These issues include the specific data that utilities should be required to disclose to authorized third parties, and how utility liability could be limited when utilities are required to disclose data to authorized third parties. Other issues that are not yet resolved include the applicable complaint procedures once third-party access has been authorized, whether third parties should be certified, whether utilities could charge a fee for providing third-party access to consumer energy data, and whether service providers should be required to obtain further informed consent before disclosing such data.
While the use of Smart Grid technologies bring new prospects for a wide variety of service providers, companies interested in exploring the Smart Grid data market should be aware of the multiple restrictions that are likely to be attached to the use, disclosure, sharing and protection of these data.
Copy of the DoE report Data Access and Privacy Issues Related to Smart Grid Technologies available at http://www.gc.energy.gov/documents/Broadband_Report_Data_Privacy_10_5.pdf.