1. IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd. Jaydip.Sen@tcs.com

2. 2 Outine 1.What is a Smart Grid ? 2.Components of Smart Grid Architecture 3.Privacy Requirements 4.Use Cases –Customer information access –Customer enablement IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India

3. What is a Smart Grid? A smart grid integrates advanced sensing technologies, control methods, and integrated communications into the current electricity grid. – US Dept. of Energy ) IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India

4. Smart Grid: The Energy Internet Electrical Infrastructure “Intelligence” Infrastructure 4 GISFI # 05, June 20 – 22, 2011, Hyderabad, India IOT5_20110013

5. Components of Smart Grid 5IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India Smart Grid network –Real-time pricing –Consumption management –Integration of plug-in hybrid electric vehicles for grid energy storage –Integration of distributed generation such as photovoltaic system and wind turbine Advanced metering –Advanced metering infrastructure (AMI) and Advanced Meter Reading (AMR) capabilities in power distribution system has the potential to save energy suppliers and consumers’ significant amount of money Demand Management

6. Personal Information on Smart Grids 6IOT5-20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India Personal information is defined in the Freedom of Information and Protection of privacy Act (FIPPA) as “recorded information about an identifiable individual. For example, “personal information” includes the address and telephone number of an identifiable individual and individuals’ name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual. Utilities should be careful when anonymizing personal information and in concluding that the information is in fact anonymized. It is possible in some cases that removing identifiers such as name and address may not guarantee that personal information is de-identified. It is predicted that smart grids will generate eight times in order of magnitude more data than today’s traditional power network. Privacy of user data is a serious concern.

7. Some Examples of Privacy Control 7IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India Customers may only view data relating to their own consumption. Utilities may only see data relating to their own customers. Retailers may only see data relating to their own customers Billing agents may only have access to view billing quantities. Utilities may have the ability to edit meter readings only for their customers. Some users may not have the ability to view data. Only appropriately authorized users may have the ability to modify data.

8. Privacy Requirements in Smart Grids 8IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India Smart grid systems should feature privacy principles in their overall project governance framework and proactively embed privacy requirements into their designs, in order to prevent privacy-invasive events from occurring. Smart grid systems must ensure that privacy is the default – the “no action required” mode of protecting one’s privacy – its presence is ensured. Smart Grid systems must build in privacy end-to-end, throughout the entire life-cycle of any personal information collected. Smart grid systems must be designed with respect for consumer privacy, as a core foundational requirement.

9. Use Case – Customer Information Access 9IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India The utilities give access to the meter reading information to the customers to assist them in managing their power consumption. Challenges – robust mechanisms required for user registration, authentication and data protection. The greatest challenge is how to design the information flow to mitigate potential privacy concerns of the customers. Encryption of the smart meter information is required. Only a numeric ID and consumption information should be transmitted over the wireless mesh network. The meter-to-customer correlation is to be performed securely at the utility’s data center. The transformer meters should communicate over a different wireless network than the smart meters. If the smart meter network were ever to be compromised, malicious third parties would not be able to perform the same transformer –to-smart meter correlation, as could be done by the utility provider.

10. Use Case – Customer Enablement 10 IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India A utility is in the process of rolling out smart meters and billing system changes to support time-of-use billing and expects that future programs will include further customer enablement such as demand-response programs, conservation programs, voluntary curtailment etc. Customer enablement introduces new challenges in security and privacy. There are three basic activities in this case: Enrolment – the ability of an authorized customer to enroll and define his mode of participation. Usage – the active operation and management of participating customer. Termination – the ability of a customer to terminate his active participation. The features are to be delivered based on business requirements to permit demand response registrants to terminate their enrolment and to provide eligible device information to a demand response program. These will lead to supplementary requirements establishment such as data retention, sharing of personal information etc.

11. 11 Thank You GISFI # 05, June 20 – 22, 2011, Hyderabad, India IOT5_20110013