California looks to protect smart meter data

Utilities commission proposes rules to give consumers greater control over how energy consumption data is used

California's Public Utilities Commission has proposed a new set of rules for protecting the security and privacy of consumer data collected by the state's utility companies via new smart metering technology.

The proposal aims to secure customer usage data collected by smart meters deployed by the Pacific Gas and Electric, San Diego Gas & Electric and Southern California Edison. The rules would also cover all contractors and other third parties that work with utility companies in the state and have access to the usage data.

A 143-page document detailing the proposed rules was released by the utilities commission earlier this month and is open for public comment until the end of May.

If the rules are adopted, California would become the first state to implement standards for protecting the privacy of data collected by smart meters.

The U.S. Department of Energy and several privacy groups have issued warnings about the privacy risks posed by the collection and use of electricity usage data from smart meters.

Smart meters, designed to collect energy consumption data from homes and transmit it back to power distribution companies for billing, network and demand management purposes, are a crucial component of the smart grid.

The technology is also designed to let consumers view their energy usage patterns in near real time to help them better manage home energy use.

While smart meters are expected to help utility companies and consumers better manage electricity consumption, critics and some backers have expressed concerns that they could disclose detailed information about the behavior and activities of households. In fact, the Energy Department last year called for regulating how utility companies can collect, store, access and share data collected by smart meters.

California's proposed rules would require that utility companies implement specific steps for controlling third-party access to the data, and they would allow consumers to have greater control of it. For example, utility companies would have to provide consumers with up-to-date billing data, forecast data and rate calculators, and notify customers when their usage crossed into a different rate tier.

Customers would also eventually have access to near-real-time usage, pricing and billing data under the proposal.

The rules would require utilities to give consumers greater opt-in and opt-out control over the manner in which their electricity usage data is accessed and used by any third-party contractors.

Consumers would also get clear disclosure about what data utility companies are collecting, how it is used and who has access to it. Utility companies would be required to minimize the amount of data collected and would be responsible for ensuring that contractors and other third-party partners handle consumer data according to the rules.

If adopted, the rules could become a model for other states, much like California's landmark SB 1386 data breach notification rules that became law in 1993.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is

Copyright © 2011 IDG Communications, Inc.

Shop Tech Products at Amazon