By Winston Maxwell (Paris) and Marco Berliri (Rome)
The European Union’s Article 29 Working Party published on April 11, 2011 an opinion on smart metering, recommending Privacy by Design, data minimization, and consumer interface options that give customers increased control over their data and privacy settings.
The opinion indicates that most data collected by smart meters will be considered “personal data” under the Data Protection Directive because the data will be associated with a unique identifier such as a meter identification number, which in turn can be linked to a living individual. The opinion states that the “data controller” will in most cases be the energy supplier, but that the grid operator may also be controller, as may be the third party service provider (so-called Energy Service Companies, or ESCOs). As mentioned in the Art 29 WP’s opinion 1/2010 on data controllers and processors, it is not infrequent for there to be more than one controller.
Data collected by smart meters may be processed based on consent, but the opinion warns that consent must be made on a “fully-informed” basis. The Art 29 WP recommends that the household control panel for smart meters include a push button consent option to help consumers exercise their consent options, and change the options over time.
The opinion goes into considerable detail on some issues, commenting for example that a smart meter with a small, text only, user interface would provide consumers with insufficient access to their own data, in particular to load graphs. The opinion also describes how the collection of data from the smart meter should be minimized, for example by keeping load graph data within the smart meter until the data actually needed by the energy supplier. Many of the recommendations resemble existing practices in the telecoms industry for the handling of traffic data and location data. For example, smart meter data should be deleted as soon as they are no longer needed. Controllers should develop written policies on data retention and evaluate each purpose for which smart data are needed and ensure that only the minimum data necessary for that purpose are retained, while other data are deleted. For example, some customers may request historic year-to-year consumption comparisons. For those customers, and those customers only, the controller may retain historic consumption data.
The opinion strongly recommends the implementation of Privacy by Design, including privacy impact assessments, security and privacy audits.
See the authors’ previous blog entry on smart meters and privacy on design.