Last week, SkyVision Solutions released an updated report entitled, “A Perspective on How Smart Meters Invade Individual Privacy.”
The original report was issued in March of this year and has now been updated with new information regarding investor owned utilities (IOUs) as well as addressing a White House report concerning “big data” published in May 2014.
The 75-page report is perhaps the most comprehensive document of its kind on the topic of smart meter privacy invasions. Through a step-by-step logical approach, it is demonstrated that the collection of incremental energy-related data for residential electric customers using smart meters represents an unreasonable invasion of privacy and, for applicable jurisdictions, constitutes an unreasonable search in violation of the Fourth Amendment of the United States Constitution.
Based upon the information presented in the updated privacy document, it is established that utilities expose consumers to unnecessary risks by collecting massive amounts of smart meter-related data not necessary for billing purposes simply because “they can” and do so without regard to consumer privacy and security interests.
Smart meter data, consisting of granular, fine-grained, high-frequency type of energy usage measurements, can be used by others either maliciously or inadvertently using existing or developing technology to infer types of activities or occupancies of a home for specific periods of time. Analysis of granular smart meter energy data results in or may result in:
◾Invasion of privacy and intrusion of solitude;
◾Near real-time surveillance;
◾Endangering the physical security of life, family, and property; and
◾Unwanted publicity and embarrassment (e.g., public disclosure of private facts or the publication of facts which place a person in a false light).
More specifically, analysis of smart meter data or manipulation of smart meter data/firmware can be used for the following purposes:
◾Determine how many people are home and at what times;
◾Determine your sleeping routines;
◾Determine your eating routines;
◾Determine what appliances you use when, e.g., washer, dryer, toaster, furnace, A/C, microwave, medical devices … the list is almost endless depending on the granularity of the data;
◾Determine when a home is vacant (for planning a burglary), who has high-priced appliances, and who has a security system;
◾Law enforcement can obtain information to identify suspicious or illegal behavior or later determine whether you were home on the night of the alleged crime;
◾Landlords can spy on tenants through an online utility account portal;
◾For consumers with plug-in electric vehicles, charging data can be used to identify travel routines and history;
◾Utilities can promote targeted energy management services and products;
◾Marketers could obtain information for targeted advertising;
◾Cyber Attacks AheadHackers could wirelessly update smart meter firmware and remotely disconnect users. This could also allow attackers to corrupt the smart meters of individual homes, running up bogus charges or cause an electrical system to malfunction, shut down, or surge (frying all of your outlets and anything connected to them). Cyber assaults could involve hackers causing networked thermostats and appliances to malfunction possibly causing physical harm, especially to vulnerable populations. [Reference: “The Future of Crime” article, dated May 14, 2014];
◾In combination with smart water meter data, exact times for taking a shower or bath can be determined and, with even greater accuracy, when is a home vacant and susceptible to undetected burglary.
With regard to informing consumers of smart grid risk-related information, utilities and manufacturers have no incentive to inform consumers of these risks since such action would create an even greater consumer backlash against the deployment of the smart grid technologies. Risk-related information is being deliberately suppressed by the smart grid industry, and the public is being provided misinformation which would indicate that there are no additional privacy or security risks related to smart meters as compared to the old analog meters.
Smart Meter Privacy Invasions by Investor Owned Utilities (IOUs)
It is broadly stated that the Fourth Amendment applies only to acts by the government. However, if an investor owned utility (IOU) company is ordered by a state public utility commission to install privacy invading smart meters as part of a mandate or otherwise ordered to charge a penalty fee for those refusing smart meters, then the private utility arguably becomes an “instrument or agent of the state” and must abide by Fourth Amendment provisions.