Utility companies collect electric usage data in order to bill their customers based on that usage. But when utilities install expensive ”smart meters,” the data collected can be extremely personal. Detailed electrical information can be potentially used to pinpoint the usage of specific appliances such as alarms, expensive electronics and medical devices. This information can provide a look inside a consumer’s home, and the gathering of this data leaves the consumer vulnerable to the theft, sharing, or sale of this personal data.
According to the Department of Energy, smart meters can reveal a family’s daily schedules, whether homes are equipped with alarm systems, whether they own expensive electronic equipment and even reveal certain medical devices. The latter could be used by health insurance companies, for example, in evaluating a potential customer. And the former could be used by criminals or marketing companies to target advertisements.
This may seem far-fetched, but according to the Electronic Privacy Information Center (EPIC), “an attacker with $500 of equipment and materials could take command of a smart meter, making it possible that “just as identities, credit card numbers and financial information are harvested and sold, so too can smart grid information.”
This data is not only stored in individual homes with compromised security, but utilities may sell this information to third parties. Data breaches have become a common and serious threat to consumers, who have little control over the protection of their data. In fact, 14.6 million Equifax customers had their social security numbers exposed in 2017. One hundred and forty five million eBay users saw their names, addresses, birthdays, and other information exposed. And there have been many other examples.
Individual consumers have little control over their essential utility services. If expensive and sophisticated “smart meters” are going to be installed in more homes, greater safeguards will be needed to protect consumers’ privacy, as well as their pocketbooks. The Missouri Public Service Commission currently has virtually no rules in place to safeguard utility customer privacy. In fact, throughout the commission’s 400-plus pages of rules, privacy is only mentioned twice, and only in relation to telecom companies. The commission’s rules contain no data regarding data privacy, data ownership or data access.
Missouri utility bill-paying practices related to customer data privacy is lagging behind other states. In 2016, the National Regulatory Research Institute determined that Missouri only had minimal rules or adopted practices in nine of the 16 best practices for billing and privacy; on the other hand, 19 states had active policies in place regarding customer data privacy.
Consumer advocates are calling for more robust protections for utility consumers. “The deployment of smart meters raises concerns from an increase in disconnections to individual privacy concerns,” says Cara Spencer of the Consumers Council of Missouri. “We encourage the general public to share their concerns with the Public Service Commission as they consider new policies.”
The Public Service Commission is accepting comments on privacy issues until August 10. Comments can be filed electronically at http://www.psc.mo.gov. by referencing Case No. AW-2018-0393.
