“Security Is Not Enough! On Privacy Challenges in Smart Grids”

What follows are selected quotations reprinted with permission from ETP, Engineering and Technology Publishing.  This article was published in the International Journal of Renewable Energy and Smart Grid (IJRESG), (Vol. 1, No. 1), September 2012.

Security Is Not Enough! On Privacy Challenges in Smart Grids

Abstract for Article:

“Smart Grid solutions are being rolled out at large-scale these days.  While security concerns are addressed on various levels and sophisticated technical measures applied, privacy issues are still not fully understood yet.  The generation of high-frequency meter readings exposes customers to new threats. Various politic initiatives thus aim towards a strong regulatory framework to enable an appropriate protection of the customers’ privacy.  We argue that finally the only effective measure is to avoid the production of personalized fine-grained meter readings.  However, it is important to study the impact of available technical privacy protection concepts on smart grid services, including demand management, load forecasting and energy theft protection, which typically rely on these data.  Therefore, in this paper we outline the privacy challenge and the concept of privacy-by-design.  In particular, we discuss privacy protection methods and compare them in terms of applicability and impact on smart grid services.”

Selected quotations from this article are as follows:

“… two issues are widely unsolved: (i) There is no consensus what data can potentially compromise a customer’s privacy and to which degree.  While for some types, such as individual fine-grained meter readings, it is more obvious, for others it is not.  (ii) Even the most sophisticated technical and organizational measures to protect sensitive data cannot guarantee the privacy protection in case of successful malicious attacks to the storage backend, e.g., carried out by a disgruntled employee.”  [emphasis added]

“An illustrative example of smart meter data exploitation is given in a recent NIST report [9].  Here, the authors impressively demonstrate how electric appliances leave special marks on the wire that can be tracked to learn about used devices and thus infer people’s habits.  There are various parties who are particularly interested in meter readings; however, besides legitimate organizations using the data for billing or network services, many other use cases are not desirable, as summed up by Table 1. …

Smart Meter Exploitation

A list of potential consequences when privacy in Smart Grid systems is compromised includes:  identity theft, determining personal behavior patterns, determining specific appliances used, performing real-time surveillance, revealing activities through residual data, targeted home invasions [emphasis added] (latch key children, elderly, etc.), providing accidental invasions, activity censorship, decisions and actions based upon inaccurate data, profiling, unwanted publicity and embarrassment, tracking behavior of renters/leasers, behavior tracking (possible combination with personal behavior patterns), or public aggregated searches revealing individual behavior.  Some of these threats have been studied extensively, such as behavior profiling.”  [emphasis added]

A further heavily discussed issue is that most customers might not be aware of these existing threats to their privacy.  [emphasis added]  Fine-grained meter readings would be enabled by default, and the legal framework could offer them the opportunity to opt-out in case they feel uncomfortable with this situation.  However, in case where personal privacy is at stake, many argue that it would be far better to offer an opt-in feature for services that require high-frequency readings (e.g., demand response management), and by default just enable low-frequency data for billing purposes.”

The authors of [10] further propose to distinguish between low-frequency readings for billing purposes that do not threaten privacy (one reading per week or month); and high-frequency readings (below a minute) that are required for running the technical infrastructure only and do not necessarily need to be linked to a certain individual.  [emphasis added]  While low-frequency data is sent directly to the utility and billing company respectively, high-frequency data can be processed in the next substation (where data is actually needed for load management algorithms) and are not being stored in the utility’s backend.  With this hybrid approach, basic billing services can be provided directly, while anonymized fine-grained meter readings contribute to technical services.  This essentially realizes a clear distinction between customer-specific data and technical data.”

“Finally, aggregation is the means that protect privacy best, since fine-grained meter readings are not stored at the back end and thus simply not available.”

“[9] NISTIR 7628: Guidelines for smart grid cyber security: vol. 2, privacy and the smart grid. Tech. Rep., 2010.

[10] Efthymiou C and Kalogridis G. Smart grid privacy via anonymization of smart metering data. In: Proc. of 2010 First IEEE International Conference on Smart Grid Communications, 2010:238–243.”

[Above selected quotations reprinted with permission from ETP, Engineering and Technology Publishing.  Articles were published in the International Journal of Renewable Energy and Smart Grid (IJRESG), (Vol. 1, No. 1), September 2012.]

The complete article may be viewed at the following link:


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.