P4
By Bent Ole Gram Mortensen, Professor, Juridisk Institut, Syddansk Universitet THE COLUMN
YOUR DIGITAL SUPPLY AND PERSONAL DATA METER
DIGITAL CONCERNS The digitization is upon us. Yes, you get the impression when you leaf through the daily press - digitally as well as analogously. It is not something that has happened overnight, but something that affects us broadly. The utilities are inextricably linked to data. They handle both more traditional customer data such as name, address etc. and an increasing amount of supply data from the utility meters, all in an increasingly digital way. Digital data troubles the European population. According to the Eurobarometer 2015, 81 % of Europeans feel that they do not have fully control over their personal data online, and 69 % of Europeans would like to be able to submit their express confirmation before their personal data can be collected and processed. The risks of digital data are primarily related to privacy. If consumption data is detailed/frequent enough, it provides opportunities for profiling the residents. Data about the daily life and the energy consumption, and possible changes in this, compared with information about the buildings and residents can be used by authorities for control for e.g. social fraud and to identify efficiency potential, for example poor insulation. There are many applications – for better or for worse. Digital systems are also vulnerable to hacker attacks and carelessness with personal data. In principle, each supply meter becomes a target for attack. Regarding the latter, attempts with remote digital reading meters have demonstrated that it is possible to hack into a subnet with multiple meters, even in a setup where the electricity meters communicated via the electricity grid and thus somewhat different/more difficult than nets connected to the Internet. This could also happen with district heating (DH) meters. The EU has responded to extensive data leak by replacing the 20-year-old Data Protection Directive with the Data Protection Regulation, which will take effect from May 2018. It is a comprehensive legislation with 173 recitals and 99 articles. PERSONAL DATA IN THE SUPPLY SECTORS That customer data is personal information does not rule much doubt. Data Protection Regulation article 4 defines it as “any information relating to an identified or identifiable natural person”. Among traditional personal data are name, address, social security number, telephone number, bank details, civil status and economic conditions.
If consumption data can be linked to an identifiable natural person, such as a household consumer, it is personal data. Measurements of a household’s consumption are presumably also personal data, even if it is a family of five who consume from the same meter. Personal data must have a legal basis, or consent must have been given to process the data according to the Regulation. The legal basis can be consent, contractual obligation, social interest or perhaps the special collective provision on legitimate interests. The latter may come into play if you want to use the supply data for other purposes than what the data was originally collected for. BIG DATA In coming years, DH suppliers will among others replace the old analogue supply meters at the end user with new digital meters. As a result, the supply sectors will swim in “big data”. These big data can truly be a gift. Tele-metering, digital cut-off, and the ability to detect leaks quickly, will produce savings, even if resources are needed for the operation and maintenance of IT. The frequent readings also allow optimization of the network – both in terms of operations and investments. Within the district heating sector, one can imagine scenarios, where the optimization options will be able to repay the investment in digital meters within a few years. Altogether there are a lot of good, maybe even legitimated, interests related to measuring supply data. Utilities must both be able to settle and handle their primary supply task effectively. Authorities should be able to operate supply policies (e.g. efficiency, security of supply and environment). POLITICAL PANIC Data leak has been the biggest problem and supposedly the reason why we now get a regulation. DH companies contain both customer data and supply data, and these personal data must be treated properly. The supply companies must put their shoulders to the wheel to avoid bad cases of personal data leaks. Nor can it be recommended to peddle that kind of data to any mercenary soul who will sell everything under the sun. Otherwise one can expect rigid restrictions. The worst-case scenario is that politicians and authorities in ‘panic’ over the new regulation will pull in the emergency brake. That communities, sectors and end-users will be prevented from exploiting the beneficial potential of the big supply data, for example because authorities are in doubt or are too strict at what should be legitimate interests. Everyone must help so we do not end up in that kind of situation.
E N E R G Y A N D E N V I R O N M E N T
Made with FlippingBook Annual report maker