CDT Comments to NIST on the "Smart Grid"
The Smart Grid promises great benefits to consumers and the environment. At the same time, it presents new risks to privacy in its enhanced collection and use of highly granular consumption data, which can reveal intimate details about activities within the home. The entrance of new entities and technologies delivering energy services, the speed at which this new infrastructure is being deployed, and the lack of clear governing rules further support the need to address the privacy risks to consumers created by the Smart Grid.
As part of NIST’s work to coordinate the development of a framework for a modernized and interconnected grid, it should develop and recommend strong privacy principles that can be incorporated into standards and technical requirements, and should develop robust, rigorous use cases that illustrate privacy-affecting scenarios in Smart Grid technologies and services, and show how privacy principles can be built into Smart Grid architecture. Creating privacy-protective systems and technologies for the Smart Grid should not require a tradeoff with functionality, but it will require thoughtful design. In adopting a “privacy by design” approach, rather than attempting to tack on privacy at a later point, NIST can support the most effective means of protecting consumer privacy in the Smart Grid, and provide needed guidance to state regulators and industry players.