Tuesday, November 17, 2009
Toronto Star Nov 17 2009
Your smart meter is watching
Technology's ability to reveal intimate details makes useful conservation tool a threat to privacy
A smart meter could reveal whether a home alarm system was engaged.
North America's electrical grid is one of the greatest technological achievements of the 20th century. However, at the time of its design, the main goal was to make sure the lights stayed on, with no serious thought to energy efficiency, environmental conservation, alternative energy sources, consumer-tailored choices, or cyber security. But times have changed, and today the grid offers a virtual window into your home – providing granular levels of information such as when you cook or shower, and for how long.
The information and communications technology revolution has changed our society in profound ways and these new technologies are being used to make the current electrical grid "smarter," commonly referred to as the "smart grid." But this is not the future. The deployment of smart meters in Ontario homes is already widespread, and the Ontario government has committed to installing this technology in all homes and small businesses by the end of 2010. President Barack Obama's infusion of $3.4 billion (U.S.) to build the smart grid is greatly accelerating the delivery of the program across the U.S.
Smart meters record and report electricity consumption on an hourly basis – even at the appliance level. Consumers can access their meter data and make individual choices about their energy use, benefitting by taking advantage of future rates.
While this technology is clearly beneficial in terms of valuable efforts to curb greenhouse gas emissions and reduce consumers' energy bills, it will also give rise to a new challenge – privacy protection. Privacy is the smart grid's sleeper issue. Whenever technology is utilized that targets individual consumers, there is invariably a dramatic increase in the amount of personally identifiable information that is collected and stored, leading to very real concerns regarding privacy. This is why we need to bake privacy into the smart grid at the design stage – known as "privacy by design" – a concept developed to ensure the protection of privacy by making privacy the default in the design of new technologies and business practices.
We must take great care not to sacrifice consumer privacy amid an atmosphere of unbridled enthusiasm for electricity reform. But we need not forfeit one for the other in a zero-sum manner; we can adopt a positive-sum approach, where both interests may prevail.
Information proliferation, lax controls and insufficient oversight of this information could lead to unprecedented invasions of consumer privacy. Intimate details of individual hydro customers' habits, from when they eat, when they shower, to when they go to bed, plus such security issues as whether they have an alarm system engaged, could all be discerned by the data, automatically fed by appliances and other devices, to the companies providing electric power to our homes.
These concerns, however, are not meant to scare us away from the value of monitoring electrical usage data on the grid – giving consumers more control over their electricity usage and giving electricity providers the ability to manage demand requirements – what we need to embrace is the idea that the dissemination of personal information must be done in a privacy protective and transparent manner.
That is why – along with co-author Christopher Wolf – we are releasing a white paper today,SmartPrivacy for the Smart Grid: Embedding Privacy in the Design of Electricity Conservation, which not only emphasizes the necessity of building privacy into the smart grid, but also provides guidance as to what concrete steps can be taken.
For example, data minimization is key: only the minimal amount of personally identifiable information should be provided, based on the nature of the relevant service, such as the first three digits of a postal code, which may be sufficient for services that allow for comparison of neighbourhood averages and other features such as regional electrical usage.
In addition, when an electrical utility company is sharing data with a third-party service provider, a pseudonym, such as a unique ID number, may be utilized instead of a customer's name or some other piece of information that can identify the individual. Further, third-party service providers should enter into contractual agreements not to correlate consumer data with data obtained from other sources, without the consent of the consumer. These are only a few of the steps that may be taken to ensure privacy protection on the smart grid.
The time for action is now, before the smart grid becomes a fully established part of our infrastructure. We cannot allow privacy to become the Achilles heel of this new method of energy management. The information collected on the smart grid will form a large and complex library of personal information, the mishandling of which could be highly invasive of personal privacy. There will be major concerns if consumer-focused principles of transparency and control are not treated as essential design principles. Both public and private sector organizations responsible for the processing of customers' personal information on the smart grid must ensure that privacy is embedded into the design of the smart grid, from start to finish – end-to-end.
If we give consumers assurances that their privacy is protected, we can then ensure consumer confidence and trust, which will allow for the widespread acceptance of the smart grid, in turn contributing to the overall goal of using energy in more efficient and environmentally friendly ways. We cannot and need not sacrifice privacy for energy efficiency. We can have both privacy and a fully functioning smart grid. A positive sum (win-win) outcome for all – electrical utility providers, consumers, the environment and privacy – is there for the asking.