UK.gov: Firms can't fondle your smart meter privates...
...Unless you want them to
Third-party companies will not be able to access data recorded in consumers' smart meters unless consumers choose to let them see it, the Government has said.
The Department of Energy and Climate Change (DECC) said consumers should be able to control who accesses their smart meter consumption data other than in select circumstances. It said consumers could share the information with "switching sites" or "energy services companies" in order to obtain better tariffs.
"Consumers should be able easily to access their own smart metering energy consumption data, and share it with third parties, should they choose to," DECC said in its consultation (97-page/582KB PDF) on data access and privacy for its smart meter implementation programme. "This will enable consumers to use their data to reduce energy consumption and save money on bills."
"Research highlights that consumers are increasingly aware that their personal data has a commercial value, that they want to have control over such data, and that they would consider sharing their data if it is clear that they will derive benefit from this," it said.
Safeguards will be put in place to verify the identity of the person where permission has been given to third parties to access the consumption data from the Data and Communications Company (DCC). The DCC is to be established to provide communication services to and from smart meters.
"Where consumers give third parties permission to access their energy consumption data remotely via the Data and Communications Company (DCC), the Government proposes that arrangements should be put in place to protect consumers," DECC said. "In particular, the Government is proposing to use the Smart Energy Code to ensure that third parties take steps to verify that the request for third party services has come from the individual living in the premises in question; properly obtain consent from consumers to access their data; and provide annual reminders to consumers about the data that is being collected."
Under the DECC plans energy suppliers will be able to access monthly energy consumption data in order to bill customers or in order to fulfil "any statutory requirement or licence obligation" without having to ask customers' permission. The suppliers will also have access to daily energy consumption data "for any purpose except marketing" but there must be a "clear opportunity" for consumers to opt-out of that collection, it said.
Smart metering technology is due to be installed across the UK from 2014 with every UK household expected to have the technology by 2019. DECC has estimated that the programme, which will involve replacing around 53 million existing gas and electricity meters, will cost approximately £11.7 billion.
Smart metering enables a two-way flow of information that can deliver real-time information about energy consumption and demand for energy to suppliers and network operators. The Government has said smart metering will help to slash unnecessary energy use, reduce emissions and cut consumers' energy bills.
DECC said that suppliers would generally not be allowed to access customers' "half-hourly energy consumption data, or to use energy consumption data for marketing purposes" without obtaining those individuals' "explicit (opt-in) consent"
"There would be some exceptions to this basic framework, for example to allow half-hourly energy consumption data to be used for the purposes of approved trials, provided that the consumer had the opportunity to opt out of the trial," it said.
The DECC has in principle agreed that energy distribution network operators can have access to half-hourly energy consumption data so that those operators can develop and maintain "efficient, co-ordinated and economical systems for the distribution of electricity and gas". However, the plans are subject to the approval of proposals the operators are due to draft over how this data could be "aggregated" in order to prevent individual household data from be identified.
"Before giving such access to network operators, the Government is proposing that they should be required to develop and submit for approval plans detailing how privacy concerns would be addressed and what the data would be used for," DECC said. "The Government is seeking views on what the arrangements should be in circumstances where network operators have not submitted such plans or they have not been approved. One option would be to apply the same basic framework for access to data as applies to suppliers, although the Government recognises that there may be important practical issues with this approach that would need further consideration."
There have been concerns that smart meter data can reveal intrusive details about individuals' lives.
Energy law expert Chris Martin of Pinsent Masons, the law firm behind Out-Law.com, previously said that data collected through smart metering was very granular in nature. He said putting “technical security measures” in place to prevent smart meter data being inappropriately accessed is vital to the successful operation of the technology.
"The data can reveal much about a household, such as the make and model of their TV, the times during which a house is occupied and the number of people staying in a household," Martin said. "This information is useful to energy suppliers but it is also potentially valuable to a whole host of other organisations too."
"Robust technical security measures will need to be in place, not only within the smart metering system, but also on the systems and networks of any third parties who are given the right to access and use smart metering data," he said. "Any specific smart metering privacy and data security requirements implemented by law or regulation in the UK will sit alongside the existing data protection and privacy laws that are administered by the UK Information Commissioner. These laws will apply to the collection and use of data, including personal data, using smart meters."
Ross Anderson, professor in security engineering at the University of Cambridge Computer Laboratory, previously told Out-Law.com that the Government's smart meter plans were "set to become another public sector IT disaster".
Next page: Hack attack threat