Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Privacy & The Smart Grid (Susanlyon Chtlj01292010)


Published on

Presentation on Privacy and the Smart Grid presented Jan. 2010 for Santa Clara University Computer and High Technology Law Journal Clean Technology Symposium

  • Be the first to comment

Privacy & The Smart Grid (Susanlyon Chtlj01292010)

  1. 1. The Smart Grid: How Smart is Too Smart? Emerging Privacy Issues Susan L. Lyon CHTLJ Symposium January 2010
  2. 2. Privacy Concerns
  3. 3. <ul><li>Privacy Concerns </li></ul><ul><li>Privacy Laws </li></ul>How Smart is the Smart Grid?
  4. 4. <ul><li>Limited flow of information </li></ul><ul><li>Billing information </li></ul><ul><li>Monthly energy usage </li></ul><ul><li>Payment information </li></ul><ul><li>Name, address </li></ul>Current
  5. 5. Smart Grid <ul><li>Electric grid + digital communication </li></ul><ul><li>Decentralized </li></ul><ul><li>Collaborative </li></ul><ul><li>Much, Much More Data </li></ul>
  6. 7. What can Smart Grid know about you?
  7. 8. How Secure is Smart Grid? <ul><li>Cyber-Attacks </li></ul><ul><li>Wireless transmission </li></ul><ul><li>More information </li></ul><ul><ul><li>ID Theft </li></ul></ul><ul><ul><li>Targeted Home Invasions </li></ul></ul>
  8. 9. Who is involved? <ul><li>Government </li></ul><ul><li>Academic Institutions </li></ul><ul><li>Alliances & Coalitions </li></ul>
  9. 10. Current Privacy Laws
  10. 11. 4 th Amendment <ul><li>Right to be secure in homes against unreasonable searches and seizures </li></ul><ul><li>Business Records – Not protected v. Home Records – </li></ul><ul><li>Protected </li></ul>
  11. 12. FTC Section 5 <ul><li>Deceptive Acts </li></ul><ul><li>Fairness </li></ul><ul><ul><li>Staff Guidance - Fair Information Privacy Principles </li></ul></ul>
  12. 13. Texas PUC Regs <ul><ul><li>Tex. PUC Regs. § 25.472(b). </li></ul></ul><ul><ul><li>Bars retail electric providers from releasing “proprietary customer information…to any other person, including an affiliate…without obtaining the customer’s or applicant’s verifiable authorization </li></ul></ul>
  13. 14. Pennsylvania PUC Regs <ul><ul><li>Pennsylvania - 52 Pa. Code § 54.8. </li></ul></ul><ul><ul><li>Prohibits electric distribution companies from releasing “private customer information to a third party unless the customer has been notified of the intent and has been given a convenient method of notifying the entity of the customer's desire to restrict the release of the private information.” </li></ul></ul>
  14. 15. <ul><li>FERC – Federal Energy Regulatory Commission </li></ul><ul><li>NERC (North American Electric Reliability Corporation) </li></ul><ul><li>State laws </li></ul>Security Regulations
  15. 16. Developing Privacy Laws
  16. 17. Smart Grid Legislation <ul><li>Energy Independence & Security Act of 2007 </li></ul><ul><ul><li>NIST to develop &quot;protocols and model standards for information management to achieve interoperability of Smart Grid devices and systems. . . .” </li></ul></ul><ul><li>American Recovery & Reinvestment Act </li></ul><ul><ul><li>$11 billion - Smart Grid </li></ul></ul>
  17. 18. FCC Regulations? <ul><li>Two-Way Communications </li></ul><ul><li>Wireless </li></ul><ul><li>Privacy Comments Sought </li></ul>
  18. 19. Colorado PUC Regs? <ul><li>Comments Sought </li></ul><ul><li>Collection & analysis of usage information & policies governing access & use </li></ul><ul><li>Trade-offs between privacy & innovation </li></ul><ul><li>Protection of usage information </li></ul><ul><li>Impact of Constitutional or statutory protections on use of information </li></ul><ul><li>Components of effective privacy regulation of usage patterns. </li></ul><ul><li>Amount of information needed by utilities to manage systems </li></ul><ul><li>Effect of privacy regulations on utilities & “edge service providers” </li></ul><ul><li>Ownership of personal information </li></ul><ul><li>Utility’s obligation to “unbundle” metering in homes and businesses </li></ul>
  19. 20. Draft NIST Standards <ul><li>Smart Grid Cyber Security Strategy and Requirements </li></ul><ul><li>Management and Accountability: </li></ul><ul><li>Notice and Purpose </li></ul><ul><li>Choice and Consent </li></ul><ul><li>Collection and Scope </li></ul><ul><li>Use and Retention </li></ul><ul><li>Individual Access </li></ul><ul><li>Disclosure and Limiting Use </li></ul><ul><li>Security and Safeguards </li></ul><ul><li>Accuracy and Quality </li></ul><ul><li>Openness, Monitoring and Challenging Compliance </li></ul>
  20. 21. Questions? <ul><li>[email_address] </li></ul><ul><li> Twitter: @susanlyon @ </li></ul><ul><li>Facebook: Perkins Coie Privacy& Security </li></ul>