Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and the Law in Demand Response Energy Systems Deirdre K. Mulligan, Jack I. Lerner Erin Jones, Jen King, Caitlin Sislin, Bethelwel Wilson, Joseph.

Published byJane Neal Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy and the Law in Demand Response Energy Systems Deirdre K. Mulligan, Jack I. Lerner Erin Jones, Jen King, Caitlin Sislin, Bethelwel Wilson, Joseph."— Presentation transcript:

1 Privacy and the Law in Demand Response Energy Systems Deirdre K. Mulligan, Jack I. Lerner Erin Jones, Jen King, Caitlin Sislin, Bethelwel Wilson, Joseph Hall Samuelson Law, Technology & Public Policy Clinic University of California, Berkeley www.samuelsonclinic.org

2 Federal Privacy Law Constitutional privacy law focuses on a person’s reasonable expectation of privacy Expectations of privacy are shaped by what is technically possible, and what is technically possible in turn informs a court’s analysis of reasonableness Location matters: discovery of activity that occurs within the home may violate privacy, if discovered with technology which is not generally available With regard to sensing equipment used to detect information on the activity inside the home: “We think that obtaining by sense-enhancing technology any information regarding the interior of the home that could not otherwise have been obtained without physical intrusion into a constitutionally protected area constitutes a search - - at least where (as here) the technology in question is not in general public use. This assures preservation of that degree of privacy against government that existed when the 4th A was adopted.“ – Kyllo v. U.S. (2001) –Government use of precise, accurate technologies with low false positives may be outside the 4 th A –Use of “Police-Only” technology is unreasonable, but use of readily available technology may not be Recording matters: business records held by others, containing personal data or information on in-home activity, may not be viewed as private With regard to telephone records: “The public awareness that such records are routinely maintained…negate[s] any constitutionally sufficient expectation of privacy…” - U.S. v. Starkweather (9 th Cir. 1992)

3 Different protections for utility records and personal information Written consent required for release of personal data: billing, credit, usage Utility records may be released in certain circumstances if customer not identified Exceptions for law enforcement More extensive protection in telecommunications: Calling patterns, service choices, individual or aggregated demographic data may not be released without written consent. Third Party Service Provider / Data Manager Data security & data handling practices promulgated from utility to third party through contract and audit Law Enforcement Stricter rules for tech-assisted criminal investigation (Kyllo) Relatively easy access to utility records California consumers may also able to expand their expectation of privacy by taking steps to protect information: People v. Chapman, 36 Cal.. 3d 98 (1984) (customer who paid to keep her name, phone number, and address unlisted in telephone directories had a reasonable expectation of privacy in that data, and so a warrant was required to obtain that data from the telephone company) California Privacy Laws

4 April 27, 2006 What is demand response? Step 1: Advanced meters recording home energy usage every 15 minutes (PG&E would like to begin upgrading meters in 2006) Step 2: Consumers manually modulate their energy usage in response to time-varying energy prices Step 3: New technology may enable automatic consumer response to time-varying energy prices AND/OR allow utilities to limit customer usage Step 4: Wired Houses with sensors and computing systems optimize energy usage

5 Legal / Privacy Issues: Meters & In-home elements Consumer has high expectation of privacy for in-home data –Highest legal protection for this data through property and privacy law –Consumer preference to keep data in-home –Potential of network to expose information to others without trespass With increasing intelligence in-home, more potential for on-site processing, –meter-computing-bill? Security & encryption of in-home transmissions –In-home sensor data & transmissions may expose information on in-home activity

6 Legal/Privacy Issues: Data Transmission to Utility Currently, meter data security based on proprietary data format rather than encryption Unclear levels of privacy protection when customer data passes from utility to third party –Security & data handling requirements enforced by utility through contract and audit –Unclear whether law enforcement can access more easily –Customer preference for utility ownership of system so privacy and data handling requirements clear Over time, utility may start to look like a telecommunications provider –Telecom corporation responsible for ensuring privacy of communications over its telephone system

7 Legal/Privacy Issues: Data Processing and Use Possible threats to privacy –Sale or disclosure of data in “business records” –Unregulated, unrestricted access to real-time information Mining of hourly data may expose information on in-home activity –Explore aggregation, anonymization –Use of in-home processing capability to reduce exposure –Need to balance utility system optimization via data mining and customer privacy Access to in-home sensor data may expose information on in-home activity Over time, utility may start to look like a telecommunications provider –Disclosure restrictions on personal calling patterns, service program choices, and individual or aggregated demographic information.

8 Specific Architectural Choices that will Promote Privacy Identifying precise data requirements for utility sub-systems (e.g., billing) –Create separate pathways for systems that require identifiable data Minimizing amount of raw usage data that enters external networks –Use in-home processing capability Minimizing granularity of information transmitted, at every step Focusing on security –No security = no privacy

9 Recommendations in Demand Response System Design 1.Keep data in-home as much as possible, protect to the extent possible when data leaves the home Meter-computing-bill an example Split data paths for billing and other functions Aggregation / anonymization of high granularity data Security of data in the home also an issue 2.Protect privacy prospectively, through design Hard (technology) v. soft (legal) protections Architectural choices will constrain subsequent policy choices Policy choices are “hardened” when incorporated in architectural design 3.Ensure that rules and regulations incorporate privacy and technological developments as they evolve Strong privacy protections should travel with the data

10 "It would be foolish to contend that the degree of privacy secured to citizens by the 4th A has been entirely unaffected by the advance of technology...the question we confront today is what limits there are upon this power of technology to shink the realm of guaranteed privacy.“ -- U.S. Supreme Court, Kyllo

Download ppt "Privacy and the Law in Demand Response Energy Systems Deirdre K. Mulligan, Jack I. Lerner Erin Jones, Jen King, Caitlin Sislin, Bethelwel Wilson, Joseph."

Similar presentations

THE FOURTH AMENDMENT Constitutional Law.

THE FOURTH AMENDMENT Constitutional Law.
US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.

US Constitution and Right to Privacy Generally only protects against government action Doesn’t obligate government to do something, but rather to refrain.
TRUST Fall Meeting November 10 - 11, 2010 │Stanford, California A Privacy-Aware Architecture For Demand Response Systems Steve Wicker, Bob Thomas School.

TRUST Fall Meeting November , 2010 │Stanford, California A Privacy-Aware Architecture For Demand Response Systems Steve Wicker, Bob Thomas School.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.
Privacy: Accountability and Enforceability Jamie Yoo April 11, 2006 CPSC 457: Sensitive Information in a Wired World.

Privacy: Accountability and Enforceability Jamie Yoo April 11, 2006 CPSC 457: Sensitive Information in a Wired World.
1 Insert Cover Page Karen Made. 2 Why is Privacy an Issue with Smart Grid?  Smart Grid presents new privacy threats through its enhanced collection and.

1 Insert Cover Page Karen Made. 2 Why is Privacy an Issue with Smart Grid?  Smart Grid presents new privacy threats through its enhanced collection and.
Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.

Christian Vargas. Also known as Data Privacy or Data Protection Is the relationship between collection and spreading or exposing data and information.
March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.

March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.
Right to Privacy: The Unwritten Right

Right to Privacy: The Unwritten Right
Mark S. Hayes – Blake, Cassels & Graydon LLP Privacy and Security – Some Observations Mark S. Hayes, Blake, Cassels & Graydon LLP 7th CACR Privacy and.

Mark S. Hayes – Blake, Cassels & Graydon LLP Privacy and Security – Some Observations Mark S. Hayes, Blake, Cassels & Graydon LLP 7th CACR Privacy and.
PRIVACY: What does it mean?? Molly, Julia, Erin and Andrew Project.

PRIVACY: What does it mean?? Molly, Julia, Erin and Andrew Project.
Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.

Jan. 28, 2004UCB Sensor Nets Day1 TOWARD A LEGAL FRAMEWORK FOR SENSOR NETWORKS Pamela Samuelson, Law/SIMS UCB Sensor Nets Day January 28, 2004.
Privacy and Sensor Networks: Do Sensor Networks fit with Fair Information Practices Deirdre K. Mulligan Acting Clinical Professor of Law Director, Samuelson.

Privacy and Sensor Networks: Do Sensor Networks fit with Fair Information Practices Deirdre K. Mulligan Acting Clinical Professor of Law Director, Samuelson.
March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.

March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
Relation between technology and privacy Micro level – focus on empowering individuals – information and tools to effectuate privacy in various contexts.

Relation between technology and privacy Micro level – focus on empowering individuals – information and tools to effectuate privacy in various contexts.
What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;

What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;

Similar presentations

Ads by Google