Smart meter data a huge privacy risk, says EU watchdog

Valuable to employers, taxman, criminals, landlords, insurance companies...

Europe’s independent privacy watchdog is pushing for tight controls over smart meter data collection, fearing the data could be used to exploit and harm consumers.

While the devices could help reduce energy consumption and permit more granular pricing, the data they collect and transmit may also be used to “infer information about domestic activities”, the European Data Protection Supervisor (EDPS) has warned.

The watchdog raised its concerns on Friday in response to the European Commission’s proposed rollout of smart meters across Europe by 2020.

At the most basic level, if data was in the wrong hands it could “indicate to criminals when a house is unoccupied”.

“Data can be used to assess whether anyone is at home and when the members of the household are away at work or on vacation,” the independent watchdog said.

Wider privacy risks include exposure of medical conditions through the collection of data about medical devices or baby-monitors, which could help build a profile of the daily habits of a household and its members.

In addition to the volume of data the devices could generate, it will be transmitted to utilities that historically have held very little sensitive data about their customers.

The intervals between collection will be reduced from a quarterly or yearly basis to as little as every quarter of an hour, producing a trove of data that would be highly valued by advertisers and criminals alike.

“Unless adequate safeguards are established to ensure that only authorized third parties may access and process data for clearly specified purposes and in compliance with applicable data protection law, deployment of smart metering may lead to tracking the everyday lives of people in their own homes and building detailed profiles of all individuals based on their domestic activities,” it said.

Other third parties that may be interested in the data include law enforcement agencies, tax authorities, insurance companies, landlords, and employers, the EDPS said.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Comments

P

1

This is a huge issue for people unknowingly being subject to data examination and mining on their personal behaviours, habits and preferences, as well the equivalent for commercial users.
All the privacy laws in the world cannot guarantee perfect protection, and so the government must ensure that penalties are severely applied and scrutiny is scrupulous.
If I dont opt-in then I've opted out.

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Web Aplication Security

Safeguard your websites against cyber attacks and data loss.

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »