By Sarah Cortes-Ever since Chinese computer hackers reportedly brought down the entire power grid of northeastern New York State, utilities and the US government have collaborated to strengthen the US energy infrastructure to prevent similar occurrences. Smart Grid technology, including computerized Smart Meters, have been rolled out around the US, and there are plans to install more, including in Cambridge and the entire state of Massachusetts.
New Smart Grid technology can make your energy consumption data much more interesting, creating benefits- and problems. Collected at intervals as low as every hour or 15 minutes, increased granularity of your energy consumption paints a distinct picture of your activities in your home. And, the activities of others in your home while you are away. Each person may create a unique "digital energy usage signature" that can be used to identify who is in your home doing what, when. This is helpful when you want to understand how to cut down your energy usage. It also interests businesses that want to sell you things, other individuals who want to track your activities, and law enforcement and related government agencies, when they wants to track your whereabouts and activities.
EnergySec, a consortium of industry leaders and concerned citizens, invited a panel of lawyers, information security researchers and state public utility employees to Portland, Oregon last week to educate attendees of the EnergySec Summit about privacy issues with Smart Grid Energy Consumption Technology. The Smart Grid is the new energy infrastructure the US has been seeking to implement. Panelists included Lee Tien from the Electronic Frontier Foundation (EFF). EFF, like the ACLU, is active in defending civil liberties. EFF's focus is freedom relating to digital, internet and computer-related issues. EFF has been active in keeping an eye on how energy consumption data collection and storage may create new threats to civil liberties, privacy and security.
Other panelists included Gal Shpantzer, and information security researcher from EnergySec, moderator, Chris Shepherd, ICCT, Chris Villarreal, California Public Utilities Commission, and myself, from Cambridge, representing the National Institue of Standards and Technology (NIST) Smart Grid CyberSecurity Working Group (CSWG) that is currently rewriting a NIST Smart Grid CyberSecurity and Privacy guide, including legal and regulatory issues.
The panel discussed the very recent rulings by the Ninth Circuit Court, US v. Golden Valley Electric Association, and the Maine Supreme Court, in Friedman v. Maine Public Utilities Commission, regarding privacy and security issues relating to government subpoenas of consumer energy usage data for law enforcement, as well as concerns about health and general privacy issues of Smart Grid technology.