Smart Meters: Energy In, Privacy Out

Smart meters aren’t just a bad idea for consumers, they’re dangerous — and the Voluntary Code of Conduct for smart grid activities that the Department of Energy released on January 12th, 2015 will do little to assuage concerns about data security and consumer privacy.

And it’s not just consumers who are worried — in a submittal filed with the Massachusetts Department of Public Utilities on January 17, Northeast Utilities (the largest utility system in Connecticut, Massachusetts, and New Hampshire) had this to say about smart meter security: “Without resolution of the [issues related to] cyber-security, it is not possible…to develop a suitable [smart meter implementation plan]. [Smart meters] introduce a brand new portal into the Companies’ information systems, significantly increasing the cyber-security risk.”

Past surveys of U.S. utilities have shown that cyberattacks are a constant threat, endangering national grid systems. It has also been reported that China, Russia and Iran have initiated cyber probes of U.S. electrical grids though, in their own interest, many utilities have shied away from clarifying the specifics of these intrusions. However, as noted in this congressional report, one utility company did admit that it was the target of some 10,000 cyber attacks each month, and another power provider located in the northeastern U.S. reported being “under constant cyber attack from cyber criminals, including malware and a general threat from the Internet.”

Beyond national security concerns, these meters open a new portal into every American home. Energy usage data could allow for a reconstructed report of nearly all activities occurring within. Even without “smart” transmitting appliances, power providers can determine which specific appliances a consumer used, and for how long. There has even been talk of utilities eventually having the ability to control major household appliances remotely, or imposing limitations on the freedom to use one’s own devices.

With the touted benefit of definitive energy savings yet to appear, and the clear threat presented to national energy infrastructure, the privacy issues raised by the constant two-way communication between your home and outside entities makes them difficult to justify. Still, the march by the utilities and the government is well underway, with scores of new smart meters introduced daily into American homes.

Approximately 65 million smart meters are expected to be installed by the end of 2015, which will account for over one third of all electricity customers in the nation. With electricity being one of our most fundamental necessities, it’s surprising how little attention has been given to the fact that a breakdown in the system could be catastrophic — or that these devices open an entirely new window for cyber attacks, remote or otherwise.

It has been more than a few years since the introduction of the “smart meter” to U.S. markets. In December 2007, Congress passed, and the president approved, Title XIII of the Energy Independence and Security Act (EISA), resulting in the US Department of Energy receiving full legislative support for all smart grid activities, including the national implementation of smart meters. It wasn’t until January 12th, 2015, though, that the Department of Energy released their aforementioned Code of Conduct, (which is completely voluntary), and consumers fear this action is too little, far too late.