The US Department of Energy (DoE) is betting on a voluntary set of standards to guide privacy practices within the smart grid industry.
Earlier this month, the Department publicly released for comment a draft Voluntary Code of Conduct listing a set of privacy recommendations for smart grid owners, operators, and other third parties.
Industry stakeholders have until October 14 to comment on the guidelines and offer their own recommendations for improving them. The DoE will consider the recommended changes, incorporate them as needed, and release a final privacy code of conduct for the smart grid sometime next year.
The draft standard is designed to address the rampant privacy concerns spawned by the proliferation of smart grid technologies in the US in recent years. It touches upon five broad areas of concern, including consumer notice and awareness, customer choice and consent, and complaint resolution and redress.
[Want to know the real risks? Read Shellshock Bug: 6 Key Facts.]
The document reflects what the DoE says is the consensus within the industry that the federal government should facilitate the development of a data privacy framework, but not mandate any rules.
The smart grid is rapidly transforming the manner in which electricity is distributed, delivered, and consumed in the country. Smart grids basically employ two-way digital communication technologies at various points on the grid to manage power transmission and delivery. The goal of such automation is to give utilities better data for managing and controlling all aspects of the grid.
Smart meters have been the most visible aspect of the transformation for most consumers. Smart meters allow utility companies to remotely measure and capture detailed information on household energy consumption habits so they can optimize delivery and pricing models. Many smart meters are wireless-enabled and let utility companies capture usage data in near real-time.
At the end of 2012, some 530 utility companies had installed more than 43 million smart meters in US homes and businesses, according to the US Energy Information Administration. More than 38 million of these were residential installations, while businesses accounted for the rest.
The rapid proliferation of the technology has spawned myriad privacy concerns. Many are afraid that the information gathered by smart meters will give utility companies and third parties with access to the data a highly detailed profile of the activities of individual households. Over time, for instance, smart meters will allow utilities to know what appliances are turned on or turned off, when a computer is being charged, when the dishwasher is being used, when a light has been left on for too long, or when a house is empty.
Privacy advocates fear that the growing adoption of smart appliances, such as smart thermostats and lighting systems, will enable even more granular data collection from inside homes and reveal minute details of the daily routines of a household. At least eight states have implemented laws governing third-party access to such data, according to an August report on the smart grid by the DoE.
The DoE, along with the Federal Smart Grid Task Force, has been working with industry stakeholders over the past two years to address such concerns. They have put in place a multi-stakeholder process to identify potential smart grid privacy issues and develop legally enforceable standards for addressing them.
The draft voluntary code of conduct that is now available for public review and comment is the result of that collaboration. The purpose of the document is to provide privacy guidelines for smart grid owners, operators, and third parties to adopt voluntarily.
The recommendations cover several of the issues that have been raised by privacy advocates and the DoE. For instance, the guidelines list the measures that utility companies should take to properly inform consumers about their privacy rights and about exactly what data is being collected, how it is being collected, why it is being collected, and how it will be used. It also includes provisions on data sharing, consumer consent, opt-in and opt-out procedures, complaint resolution, and consumer access to their own data.
What will you use for your big data platform? A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? One size doesn't fit all. Here's how to decide. Get the new Pick Your Platform For Big Data issue of InformationWeek Tech Digest today. (Free registration required.)Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio