Skip to Content

Privacy & Data

Who “Owns” Smart Grid Data Is Not the Right Question

Aaron Burstein is a research fellow at the School of Information at UC Berkeley. He writes here about the comments he recently drafted and filed for himself, CDT, and UC Berkeley professor Deirdre Mulligan.

The Smart Grid promises to reform the way electricity is consumed and billed, with potential savings in cost and environmental impact. At the same time, however, the Smart Grid is premised on the collection of very detailed information about home energy usage, posing obvious privacy concerns. CDT has been very active in recent months, urging policymakers and regulators to develop comprehensive privacy guidelines.

Most recently, on March 7, CDT, Prof. Deirdre Mulligan and I filed comments with the National Institute of Standards and Technology and the White House's Office of Science and Technology Policy, which had solicited public input about who "owns" the detailed energy usage data that smart meters will record and transmit, and under what circumstances third parties should be able to access that information.
 
The OSTP/NIST request comes at a time of rapid Smart Grid deployment and policy development. NIST has already published a Smart Grid Interoperability Roadmap and is finalizing a set of Smart Grid cybersecurity requirements. The Department of Energy has awarded more than $600 million to fund Smart Grid demonstration projects. And utilities in California, Texas, and other states are in the midst of deploying residential smart meters, which are a keystone in the vision of allowing consumers to manage their energy use.
 
In these latest comments, we noted the urgent need for robust and comprehensive principles for Smart Grid data. Addressing privacy concerns now will allow privacy protections to be built into technologies and business practices, a less costly and more effective route than adding them later on. In response to a question from NIST and OSTP, we stated that utility customers should "own" the data about their energy usage, but we cautioned that the assigning "ownership" does not resolve the privacy issues or provide a workable set of rules to govern data usage.
 
Specifically, we urged NIST and OSTP to develop and promote privacy guidelines based on a full set of Fair Information Practice principles (FIPs). CDT's previous comments to NIST on Smart Grid privacy issues provided a more detailed discussion of applying the FIPs to the Smart Grid. The FIPs address transparency, data minimization, security, consumer access and a range of other issues. Developing these principles at the federal level will provide consumers as well as state utility commissions, utilities, and technology firms a consistent set of guidelines to use when developing, assessing, and deciding whether to adopt Smart Grid technologies.