Third Party Access Challenges Smart Grid Data Privacy, Security, NARUC Panel Says
Issues of third-party access to smart grid data continue to be vigorously debated, despite broad agreement from regulators and stakeholders on best practices and guidelines, panelists said at the NARUC meeting Tuesday. Issues for which consensus is proving hard to achieve include how consumers should authorize third-party access and how utility liability should be limited when utilities are required to disclose data to authorized third parties, said Doug Michael, a senior adviser with Department of Energy. Another challenge is establishing the applicable complaint procedures once third-party access has been authorized, and the specific data that utilities should be required to disclose to authorized third-parties, he said.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
There’s no consensus on whether utilities could charge a fee for providing third-party access to consumer energy data, and whether authorized third-party service providers should be required to obtain further informed consent before disclosing such data, Michael said. State certification requirements for third parties also remained an open issue, he said.
Some states like Texas have even passed legislation regarding third-party access to smart grid data, panelists said. Smart grid data privacy and security is all about consumers, said Michael Brady, a Comcast vice president. Consumer education about the benefits of smart grid and the use of smart technologies will be of significant importance to the success of deployment, he said. States should carefully consider the conditions under which consumers can authorize third-party access, said Commissioner Paul Centolella of the Ohio Public Utilities Commission. The consensus is that authorized third parties should be required to protect the privacy and security of consumer data and use it only for the purpose of specified in the authorization, and that states should define the circumstance, conditions and data that utilities should disclose to third parties, Michael said. State commissions should also understand the limit of jurisdiction, he said. Collaborating is key, said Kenny Mercado, CenterPoint Energy senior vice president.
Whether a roaming agreement is needed is another issue, as consumer would be charged outside their utility areas more often, said Brent Struthers, a senior director with Neustar. The industry should plan for the worst, he said, noting providers can use privacy impact assessment tools to evaluate any potential privacy risks. It’s important to be patient, he said, saying smart grid deployment isn’t a process that can be rushed through. Struthers acknowledged that sometimes it’s difficult to get utilities and telecom companies involved.