Data privacy issues
A conversation with Ontario's Ann Cavoukian
Published In: Intelligent Utility Magazine March/April 2011
ANN CAVOUKIAN, INFORMATION AND PRIVACY COMMISSIONER for Ontario, is on a mission to raise awareness of the fundamental importance of consumer data privacy and to embed it into smart grid systems early on. She calls her approach, which has been "operationalized" at Hydro One in Ontario, "Privacy by Design."
INTELLIGENT UTILITY Tell us your view of the fundamental notion of privacy and its importance.
CAVOUKIAN Privacy is considered a fundamental human right because it's at the core of all our freedoms. It's the ability to go about your business without fearing that someone, including the state, is looking over your shoulder. The first thing to go when a democracy sinks into a totalitarian state is privacy.
In the energy context, ask yourself, how is information going to be used? Let me be clear: security is essential to privacy. You can't have privacy without security. But you can have security without privacy when information is used in ways that hadn't been envisioned, without the consent of the individual to whom it belongs. Fast forward to today, with all the online social media. How can we control our data in this environment? That's a good question.
Let me draw this distinction for your readers. There's a big difference between user-generated information and people who choose, perhaps foolishly, to put information out there about themselves. That's their choice. They have control. They may regret it, but you have to respect their choice. If it's not your information to give out, you should be held to a higher standard.
INTELLIGENT UTILITY How has your message been received?
CAVOUKIAN This is a new area for the energy sector, so I try to be respectful in explaining the issues. For data relating to operating the power grid, you don't have to worry about privacy. The issue matters when there's linkage between energy usage and someone's name, address or personally identifiable information.
Fortunately, the smart grid is at a nascent stage, so it's the easiest possible time to build `Privacy by Design' into what you're developing. You will not only save a lot of grief by avoiding data breaches, but you will gain the trust of your customers. And you need customer trust and buy-in for them to participate in energy conservation reform.
INTELLIGENT UTILITY Managers of investor-owned utilities must report on how they spend or invest money. Are investments in privacy measures recoverable through rate cases?
CAVOUKIAN To be honest, I haven't explored that yet. That's why we'd like to partner with a major U.S. utility. For the most part, however, we're advising what not to do. First, preserve the status quo. Do an assessment on how data is used within your operation. Presumably that's documented. Then adopt a policy stating you're not going to release personally identifiable information to third parties without the customer's consent.
You can ask your customers whether they're interested in promotional offers; that's the opt-in model. The initial costs are minimal. You're not putting in expensive new equipment. You're assessing current practices and adopting a policy. Beyond that, I can't address the cost, but I'd love to do so.
INTELLIGENT UTILITY To be fair, you're not just advocating a policy. In your case study on Hydro One in Toronto, you're advocating an IT architecture and systems approach that would gather, store, analyze and, ultimately, dispose of customer energy use data in such a manner that the utility gets the granularity it needs to efficiently operate the grid while keeping individual usage data private.
INTELLIGENT UTILITY Let's talk about the ownership of data and related issues.
CAVOUKIAN A lot of utilities say they own the data. They collect it, they analyze it, they use it to operate the grid. I want to suggest that `ownership' is not the best language to use. I'd prefer the language of `custody' and `control.' Who has custody of this information? Clearly the utility does. With that custody comes enormous control and a duty of care. If you are collecting this data, you have obligations to protect it. But if people insist on the concept of ownership, then it belongs to the individuals who are identified with it or by it.
Privacy is about control. People think it has to do with secrecy. Your customers have an existing trust relationship with their utility and they don't want that model to change. They don't want third parties entering into this relationship without their consent. If you want to provide access to third parties, who may have very valuable offerings, you ask the customer.
INTELLIGENT UTILITY In your view should `Privacy by Design' be legislated or adopted as a self-imposed industry standard?
CAVOUKIAN You could do both. I'm okay with the self-imposed model because I think utilities understand this is good for business. In California, Senate Bill 1476, signed into law last year, says to utilities: `Thou shalt not give this information to third parties without the individual's consent.'