The smart grid is an advanced metering infrastructure made up of
"smart meters" capable of recording detailed and
near-real time data on consumer electricity usage. That data would
then be sent to utilities through a wireless communications
network. In recent years, utilities have increased the pace of
smart meter deployment—smart meters are expected to be on
65 million homes by 2015. A smart grid could deliver electricity
more efficiently and would enable consumers to track and adjust
their energy usage in real time through a home display. But these
new capabilities also implicate new privacy concerns.
While conventional meters only measure a consumer's total
electricity usage, smart meters record detailed electricity usage
as often as once every 15 seconds, and the resulting usage profiles
make it possible to identify which appliances a consumer is using
at a particular time. Additionally, proprietary business
information might be revealed through energy consumption data of
non-residential customers. As the smart meter technology develops
and the usage data grows, the data could become valuable to third
parties, creating a new market for energy usage data.
The new data-collection capabilities of a smart grid have caught
the attention of privacy advocates and the government. To date,
California is the only state with laws directly applicable to data
tracked by smart meters. Investor-owned utilities in California are
prohibited from selling usage data for any purpose and from sharing
the usage data without the customer's consent. In Michigan,
utilities are deploying smart meters while the Michigan Public
Service Commission simultaneously conducts an investigation into
the health, cost, and privacy implications of smart meters. The
Commission plans to develop appropriate recommendations by July
2012.
Application of federal privacy laws to the smart grid is still
an open question, but regulatory efforts will likely increase as
deployment of smart grid technology continues. The first legal
battleground is in the Fourth Amendment context. A complaint filed
in the Northern District of Illinois late last year alleges a
city's smart meter installation program violates citizens'
Fourth Amendment right to privacy and freedom from unreasonable
searches. The case is ongoing and likely will not be decided for
some time, but it will be the first decision by a court on the
privacy implications of the smart grid.
While there are no federal statutes or regulations directly
applicable to smart grid technologies, the National Institute of Standards and
Technology, the Department of Energy, and the Congressional Research Service, have each
issued reports on the smart grid. The reports note that some
existing federal statutes may apply to smart grid privacy issues.
If transmitting electric usage data over the smart grid constitutes
electronic communications, the Electronic Communications Privacy
Act would limit government interception of the communications.
Similarly, the Stored Communications Act would prohibit
unauthorized persons from accessing stored electronic
communications. Finally, the Computer Fraud and Abuse Act might
apply to prohibit the unauthorized access of computerized
information used in interstate commerce.
The federal reports also note that the FTC likely has
jurisdiction over investor-owned utilities and could bring
enforcement actions for deceptive acts and unfair practices, which
include failure to comply with the utility's own privacy policy
and failure to safeguard data from well-known technology
threats.
Finaly, the federal reports detail some guidelines that
utilities should keep in mind as they deploy smart grid
technology:
Appoint personnel responsible for data security and
privacy.
Regularly audit privacy procedures.
Establish procedures for law enforcement data requests.
Provide notice to consumers in advance of collection and use of
energy use data.
Aggregate and anonymize data in a way that personal information
or activities cannot be determined.
Keep personal information only as long as necessary to
accomplish the purpose for which it was collected.
Allow individuals access to their personal energy data to
correct inaccuracies.
In the end, education, outreach, and transparency in this area
are key, for a successful smart grid requires consumer
participation and cooperation.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
Specific Questions relating to this article should be addressed directly to the author.
The 2010 theft of an unencrypted laptop containing confidential health care information made front-page news in 2013, not because a huge number of patients were affected, but for the exact opposite reason.
Entities regulated by the Securities and Exchange Commission, such as broker-dealers and investment advisers, and entities regulated by the Commodity and Futures Trade Commission, such as futures commodity merchants, commodity trading advisers and commodity pool operators will be required to join the party.
On April 22 Verizon released its 2013 Data Breach Investigations Report (DBIR), which has since 2008 become a leading annual survey of data breaches, with participants across the globe.
My children often use my iPhone to ask Siri the most bizarre questions. No matter what the question, however, Siri always seems to have an immediate answer.
If you got Google, Facebook and Microsoft into a room and asked them to compile a list of things that they are most afraid of, that list would probably look something like this...
A discussion on a case where a perpetrator ran off with a safe and the store's backup disk including confidential information relating to prescriptions, names, addresses and medications.
Twitter
Facebook
Digg 
