USA: Comprehensive report: How smart meters invade privacy

woensdag, 10 september 2014 - Categorie: Berichten Internationaal

Bron: .
29 aug. 2014

Last week, SkyVision Solutions released an updated report entitled, “A Perspective on How Smart Meters Invade Individual Privacy.”

The original report was issued in March of this year and has now been updated with new information regarding investor owned utilities (IOUs) as well as addressing a White House report concerning “big data” published in May 2014.

Summary Conclusions

The 75-page report is perhaps the most comprehensive document of its kind on the topic of smart meter privacy invasions. Through a step-by-step logical approach, it is demonstrated that the collection of incremental energy-related data for residential electric customers using smart meters represents an unreasonable invasion of privacy and, for applicable jurisdictions, constitutes an unreasonable search in violation of the Fourth Amendment of the United States Constitution.

Based upon the information presented in the updated privacy document, it is established that utilities expose consumers to unnecessary risks by collecting massive amounts of smart meter-related data not necessary for billing purposes simply because “they can” and do so without regard to consumer privacy and security interests.

Smart meter data, consisting of granular, fine-grained, high-frequency type of energy usage measurements, can be used by others either maliciously or inadvertently using existing or developing technology to infer types of activities or occupancies of a home for specific periods of time. Analysis of granular smart meter energy data results in or may result in:

Invasion of privacy and intrusion of solitude;
Near real-time surveillance;
Behavior profiling;
Endangering the physical security of life, family, and property; and
Unwanted publicity and embarrassment (e.g., public disclosure of private facts or the publication of facts which place a person in a false light).

More specifically, analysis of smart meter data or manipulation of smart meter data/firmware can be used for the following purposes:
Determine how many people are home and at what times;
Determine your sleeping routines;
Determine your eating routines;
Determine what appliances you use when, e.g., washer, dryer, toaster, furnace, A/C, microwave, medical devices … the list is almost endless depending on the granularity of the data;
Determine when a home is vacant (for planning a burglary), who has high-priced appliances, and who has a security system;
Law enforcement can obtain information to identify suspicious or illegal behavior or later determine whether you were home on the night of the alleged crime;
Landlords can spy on tenants through an online utility account portal;
For consumers with plug-in electric vehicles, charging data can be used to identify travel routines and history;
Utilities can promote targeted energy management services and products;
Marketers could obtain information for targeted advertising;
Cyber Attacks AheadHackers could wirelessly update smart meter firmware and remotely disconnect users. This could also allow attackers to corrupt the smart meters of individual homes, running up bogus charges or cause an electrical system to malfunction, shut down, or surge (frying all of your outlets and anything connected to them). Cyber assaults could involve hackers causing networked thermostats and appliances to malfunction possibly causing physical harm, especially to vulnerable populations. Reference: “The Future of Crime” article, dated May 14, 2014;
In combination with smart water meter data, exact times for taking a shower or bath can be determined and, with even greater accuracy, when is a home vacant and susceptible to undetected burglary.

With regard to informing consumers of smart grid risk-related information, utilities and manufacturers have no incentive to inform consumers of these risks since such action would create an even greater consumer backlash against the deployment of the smart grid technologies. Risk-related information is being deliberately suppressed by the smart grid industry, and the public is being provided misinformation which would indicate that there are no additional privacy or security risks related to smart meters as compared to the old analog meters.

Smart Meter Privacy Invasions by Investor Owned Utilities (IOUs)
It is broadly stated that the Fourth Amendment applies only to acts by the government. However, if an investor owned utility (IOU) company is ordered by a state public utility commission to install privacy invading smart meters as part of a mandate or otherwise ordered to charge a penalty fee for those refusing smart meters, then the private utility arguably becomes an “instrument or agent of the state” and must abide by Fourth Amendment provisions.

The legal argument runs along the lines that if the state public utility commission orders the utility to record larger quantities of data than is customary, then Fourth Amendment provisions apply. A key point in the argument is that the “customary” data set is that necessary for calculating a monthly utility bill, i.e., a once per month meter read. When a private “investor-owned” utility is ordered by a state public utility commission to install granular data collecting smart meter technology and/or to charge tariffs for those customers refusing such installations, then such orders constitute “state action.” As such, the state utility commission and private utility company are now subject to the limitations of the Fourth Amendment.

When the “state actions” are further determined to constitute an unreasonable invasion of privacy, then those organizations have violated the Fourth Amendment rights of the affected customers.

The White House Report on Big Data and Privacy

White House Big DataIn May 2014, a White House report was issued from the Executive Office of the President, entitled, “Big Data: Seizing Opportunities, Preserving Values.”

Somewhat remarkably, if one reads the White House report and a referenced paper to be quoted below, one will discover that the content is consistent with the assertions of the privacy report prepared by SkyVision Solutions.

The White House report recognizes the necessary protection of citizen privacy interests where it states:

“A legal framework for the protection of privacy interests has grown up in the United States that includes constitutional, federal, state, and common law elements. ‘Privacy’ is thus not a narrow concept, but instead addresses a range of concerns reflecting different types of intrusion into a person’s sense of self, each requiring different protections.”

“Big data” is described as “large, diverse, complex, longitudinal, and/or distributed datasets generated from instruments, sensors, Internet transactions, email, video, click streams, and/or all other digital sources available today and in the future.” Such data would include information collected from utility smart meters, and it was recognized that privacy would be affected by such data collection where the White House report states:

“Power consumption data collected from demand-response systems show when you move about your house.”

Lees verder in de categorie Berichten Internationaal | Terug naar homepage | Lees de introductie