As states are initiating docket proceedings related to smart meter privacy and passing privacy protection legislation to regulate utility providers utilizing smart meters, it is interesting to note how one utility provider has taken steps towards protecting consumer privacy. 

San Diego Gas & Electric (SDG&E) is a utility provider based in southern California.  California has been one of the most active states in the country in proactively regulating the protection of smart grid consumer data.  So SDG&E has sought to address the regulatory and consumer concerns by adopting Privacy by Design with respect to its smart meter programs.

This blog has previously covered the FTC’s adoption of Privacy by Design as a central component of its recent privacy report.  The premise underlying Privacy by Design is that companies will better protect consumer data privacy if they fully incorporate safeguards and a culture of respecting privacy into the early stages of operations, rather than simply responding to legislation and regulations.

Originally developed by Dr. Ann Cavoukian, the current Ontario Information and Privacy Commissioner (IPC), Privacy by Design has been well-received internationally.  At its core, Privacy by Design as articulated by the IPC is a set of seven principles designed to achieve its objectives, which the IPC has adapted to apply directly to the smart grid.  These principles are:

  1. To prevent privacy-invasive events from occurring, Smart Grid systems should feature privacy principles in their overall project governance framework and proactively embed privacy requirements into their designs.
  2. Smart Grid systems must ensure that privacy is the default — the “no action required” mode of protecting privacy.
  3. Smart Grid systems must make privacy a core, essential functionality in the design and architecture of Smart Grid systems and practices.
  4. Smart Grid systems must avoid any unnecessary trade-offs between privacy and the legitimate objectives of Smart Grid projects.
  5. Smart Grid systems must embed privacy end-to-end, throughout the life cycle of any personal information collected.
  6. Smart Grid systems must be visible and transparent to consumers to help ensure that new Smart Grid systems operate according to stated objectives.
  7. Smart Grid systems must be designed with respect for consumer privacy, as a core foundational requirement.

SDG&E has relied on these principles as a foundation in creating its Smart Pricing Program, which helps to provide consumers with custom pricing plans tailored to their energy usage.  For instance, SDG&E has (i) created a dedicated privacy team, (ii) required that consumers affirmatively opt-in to the collection of any data beyond the minimum (as opposed to imposing on consumers a requirement to opt-out), (iii) created a notice informing new customers of the level of data collection to which they will be subject and (iv) appointed “privacy champions” (subject experts) to promote privacy within the company.

SDG&E’s Smart Pricing Program remains in its beginning stages, so it will be interesting to see how it evolves, and whether it drives other utility companies to respond to consumer privacy demands in a similar manner.  SDG&E is working with the IPC in implementing the program to help take advantage of the IPC’s institutional knowledge of applying Privacy by Design to the Smart Grid.  The two parties have jointly released a white paper detailing the specific steps that SDG&E hopes to take.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Nigel Howard Nigel Howard

For over 30 years Nigel Howard has specialized in technology transactions such as M&A, strategic alliances, licensing, distribution agreements and outsourcing. Clients range from start-ups and emerging companies to international corporations. He has led negotiations of billion dollar service agreements that were critical…

For over 30 years Nigel Howard has specialized in technology transactions such as M&A, strategic alliances, licensing, distribution agreements and outsourcing. Clients range from start-ups and emerging companies to international corporations. He has led negotiations of billion dollar service agreements that were critical to his client, and successfully handled the intellectual property and data issues on over 250 venture capital and M&A transactions.

Nigel is a “tremendous attorney” singled out for his detail-oriented approach, according to clients interviewed by Chambers and Partners. Peer commentators note his admirable commercial awareness, which achieves business-focused results, often in the most challenging of circumstances. He uses his extensive experience with IP and technology to advise on the commercial imperatives underlying these agreements.

Nigel has been ranked by Chambers Global, Chambers USA, Legal 500, Best Lawyers in America, and Who’s Who in American Law. He is frequent speaker on AI, data, distribution, and technology legal issues. His past and current clients include American Airlines, the American Bankers Association, American Express, AstraZeneca, British Airways, Brown Brothers Harriman, Cathay Pacific, Cisco, CoBank, DoubleClick, Etihad, HPE, Farelogix, Iberia, Mars, Merck, Merrill Lynch, Microsoft, NCR, the NFL, Novartis, P&G, Philippine Airlines, Promontory Financial, Singapore Airlines, Teva, TouchTunes, UBS, and Wyeth.