EPDS Warns Of Smart Meter Privacy Risks

The European Data Protection Supervisor (EDPS) has expressed privacy concerns about smart metering systems, which are due to be rolled out across the European Union by 2020.

The EDPS acknowledged there were numerous benefits to smart meters, but said that more must be done to improve security and how the data collected is stored.

EU member states are currently carrying out an economic assessment of costs and benefits ahead of smart meter rollouts, which is expected to deliver £7.2 billion in net benefits to the UK in the next 20 years.

Data mining fears

Smart Meters have long been proposed as a way of reducing energy use, but their benefits have been called into question by those who believe they will fail to deliver the expected benefits to householders and business owners.

Security concerns have long persisted, with analysts predicting that they will be hacked due to a lack of protection and their physical location in non-secure areas.

Chief among the EDPS’ concerns is the amount of sensitive personal data the meters could reveal, such as whether users are away on holiday or at work, if they use certain medical devices or a baby monitor and what they do with their free time.

Although he acknowledged this information might be useful for analysing energy use for conservation, he claimed the patterns discovered could be used for marketing, advertising and price discrimination by third parties.

To allay these concerns, the EPDS has issued a number of recommendations, such as offering more information on the legal basis of data processing and the choices available to citizens, such as the frequency of readings.

Recommendations

Privacy-enhancing Technologies (PETs) should be obligatory and there should be more guidance on how long the data is kept, the EPDS said. This information should also be made available to consumers, as should the ways it is used, it added.

“The EDPS calls on the Commission to assess whether further legislative action is necessary at EU level to ensure adequate protection of personal data for the roll-out of smart metering systems an – in his opinion – provides pragmatic recommendations for such legislative action,” said Giovanni Buttarelli, assistant EDPS. “Some of these recommendations can already be implemented via an amendment to the Energy Efficiency Directive, which is currently before the Council and Parliament.

“These should at least include a mandatory requirement for controllers to conduct a data protection impact assessment and an obligation to notify personal data breaches.”

What do you know about Green IT? Find out with our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

UK Underestimates Threat Of Cyber-Attacks, Says NCSC Head

The cyber risk facing UK “widely underestimated”, warns head of GCHQ’s NCSC Richard Horne in…

12 hours ago

Microsoft Faces £1 Billion Lawsuit For Alleged Overcharging

Lawsuit filed in London against Microsoft alleges customers using rival cloud services, have to pay…

13 hours ago

Elon Musk $56 Billion Pay Deal Rejected, Again

Judge in Delaware for the second time rules against the record-breaking $56 billion pay package…

15 hours ago

China Bans Exports Of Gallium, Germanium, Antimony

Beijing bans exports to US of key materials after Biden administration imposes more restrictions on…

17 hours ago

US Announces New Export Controls On China’s Chip Sector

New round of US semiconductor export restrictions designed to hamper Beijing's capacity to produce high-end…

18 hours ago

Germany Shoulders €600 Million Of Northvolt Debt

Lender KfW is to be reimbursed by the German government more than €600 million ($629…

19 hours ago