ITBusiness.ca

Privacy by Design comes to power: Protecting personal information in the Smart Grid

 The current electrical grid is seen by some as the greatest engineering achievement of the 20th century.  But it is increasingly out of date and overburdened.  Efforts to modernize the grid – making it smarter, stronger, and greener – are gathering momentum, especially in North America and Europe.

Ann Cavoukian

Right now, the Smart Grid is very much in its infancy, existing mostly in the form of plans, projects, and small pilots.  But ultimately, development of the Smart Grid is expected to enable a two-way flow of information and electricity that will provide major advantages for the system, and give consumers more choices about how, when, and how much electricity they use.  

We all stand to benefit from the Smart Grid.  And we stand to benefit most if it is well designed and well implemented.  An important aspect of that, in my view, is making sure that the Smart Grid is also smart about privacy.  

My office has been actively advocating on behalf of building privacy into the Smart Grid for some time.  In November 2009, we released a white paper with the Future of Privacy Forum, entitled SmartPrivacy for the Smart Grid: Embedding Privacy into the Design of Electricity Conservation.  The paper called attention to the privacy issues related to personal data generated and collected by the Smart Grid, and argued that improving the grid can be achieved without sacrificing privacy. 

The following June, we partnered on a privacy best practices paper with two major Ontario utilities:  Hydro One Inc. and Toronto Hydro.  The paper focused on how Privacy by Design (PbD) – engineering privacy directly into the design of new technologies, business processes, and networked infrastructure as a core functionality – could be applied to the Smart Grid.  Privacy by Design: Achieving the Gold Standard in Data Protection for the Smart Grid, established best practices based on the work of Ontario’s leading utilities.

Related story – OLG’s winning biometric encryption strategy

Last week, we released a third ground-breaking paper, cutting a path forward for utilities as they approach privacy issues in the design phase of their Smart Grid development.   Prepared in partnership with Hydro One, IBM, GE and Telvent, this new guidance document describes how the principles of Privacy by Design – the gold standard for privacy and data protection – can actually be operationalized in Smart Grid systems.

The paper is based on the experience of embedding the principles of PbD into a cutting-edge project in Owen Sound, Ontario.  It clarifies three domains of the Smart Grid:

–          the grid domain, which relates to systems and processes to manage the power network,

–          the customer domain, which incorporates all the devices in the consumer’s home or business, including smart meters and in-home displays, and

–          the services domain, which includes functions customer service functions such as billing and demand management programs. 

Related story – Selling energy back to the grid

This analysis forms the foundation for understanding how privacy risks can be contained by limiting personal information only to those domains where it is relevant – the customer and services domains.  The paper also provides specific examples of design requirements for minimizing and protecting personal information in each domain, and achieving full system functionality in a positive-sum – not zero-sum – manner.

The Smart Grid has the potential to transform our lives in countless unimaginable ways.  With Operationalizing Privacy by Design: The Ontario Smart Grid Case Study, we’ve sketched out a roadmap for utilities, vendors and service providers around the world to embed Privacy by Design into Smart Grid systems, products, and services. In the process, we’ve demonstrated to policy makers, engineers, architects, and system designers how privacy can be implemented pragmatically, in a positive-sum relationship with other objectives. 

www.privacybydesign.ca.

Dr. Ann Cavoukian is the Information and Privacy Commissioner of Ontario, Canada, and is recognized as one of the leading privacy experts in the world.  She is also the creator of Privacy by Design.  Recently, Commissioner Cavoukian was named among the Top 11 Movers and Shakers in the global Smart Grid industry – an accolade bestowed by Intelligent Utility magazine.

Exit mobile version