By Susan Lyon, Perkins Coie LLP
Many commentators are comparing the smart grid with Web 2.0. The smart grid, like Web 2.0, promises to be interoperable, collaborative and interactive, and it will collect, share and distribute vast amounts of user-originated data. When it comes to privacy, not only are the similarities striking, but far surpassing in potential impact. Web 2.0 can absorb and send out data that a user inputs into a phone or a computer. Smart grid can do the same but also can potentially reach into the home and absorb data about every electronic event in every room in the house. It can translate that data into far more intimate profiles about a consumer’s daily life. Given these obvious parallels, it makes sense to look at the lessons learned from Web 2.0 to help predict the privacy pitfalls that might arise in a smart grid environment.
Consumers are generally not as tech-savvy as engineers.
Please Rob Me (http://pleaserobme.com), a site that highlights the privacy risks of location-based services tied to popular social networking services, is the subject of the latest bit of controversy to arise in Web 2.0. The site displays on one convenient Web page all the real-time postings of anyone who has announced through FourSquare and similar social media platforms that they have left their home. Intended to be humorous, Please Rob Me also makes a scary point about the heightened privacy risks that arise when dealing with information about people’s homes. In addition, the Please Rob Me story serves as a good starting point to discuss some of the lessons from Web 2.0.
One would think that consumers would have learned by now that what is posted on the Internet might make someone a target for bad consequences. But, instead, most people are somehow surprised to learn that posting comings and goings to the world might lead to breaking and entering. This highlights one important lesson smart grid developers should take from Web 2.0: Consumers are generally not as tech-savvy as engineers. They do not often realize the indirect implications of their actions when using new technology.
Consumers do learn eventually, and privacy will matter to them.
Consumers may at first be slow to understand the privacy implications for shiny, new online gadgets presented to them. Another thing learned from Web 2.0, however, is that consumers do learn eventually. Privacy-related incidents about individuals losing their jobs over posts criticizing their employers or revelations of sexually-explicit chats of public figures often make for spectacular news stories. Moreover, the Web 2.0 world is its own means for virally spreading these news stories and educating consumers about its own privacy risks. Then there are privacy-savvy people like the three guys who created the Please Rob Me site who will continue to use social media to make the point about the dangers of privacy. Clean-tech companies need to understand that privacy will be just as interesting a topic in the smart grid environment as it has been in the social media space. This will be especially true once people start to understand and use smart grid devices and services and as smart grid-related privacy incidents begin to occur.
Privacy failings will haunt your company, not the consumer.
When customers do learn about privacy failings, they will not be mad at themselves. Instead, they will blame the company they feel should have protected them. Popular social media sites in the past have taken the attitude that users should educate themselves to the consequences of their actions, or the sites assume users do not care because they choose to share so much about their personal lives. These same sites are often surprised to find themselves the subject of riots and protests over privacy-impacting changes.
The consumer wants to be in charge.
Consumers want to share their information and use information-sharing technology to benefit themselves and society, but they also want to choose what they share and with whom they share it. So they will demand control. Web 2.0 companies have learned that customers expect companies to anticipate privacy risks for them and build in the appropriate controls to give customers choices about their information.
It’s smart to plan ahead for privacy pitfalls.
Many smart grid companies are at even greater risk of being surprised by privacy issues. The energy world has traditionally held little data about individuals and has had few privacy issues to worry about beyond keeping billing information private. Thus, as compared to online companies even in Web 1.0., utilities and many clean-tech companies have far less experience dealing with privacy issues. Many of these companies are even reticent to acknowledge privacy issues as they have a philosophy that they own customer data and do not need to share it.
Customers also have had little desire to know more about their energy usage or share it with others, and they have few privacy concerns about their electric utility. A monthly energy bill says very little about an individual customer. As the smart gird develops and more smart appliances are plugged into the grid and more granular data about energy usage patterns is collected, revealing information such as when a customer showers or goes to bed will be collected. Customers will want that data protected and will assert their rights over it. Further, with rising energy costs and other incentives for customers to conserve energy and use it more efficiently, more customers will want access to that data for themselves and for companies that provide energy saving solutions.
Privacy can make or break consumer trust.
Finally, although there are many other privacy lessons to learn from Web 2.0, one of the most important lessons is that privacy is a key component of customer trust. Trust, in turn, is essential when you are encouraging customers to adopt new and different technology. The smart grid has already had its share of hurdles in gaining customer acceptance. Smart meters have faced opposition in certain communities over allegations of health risks and bill increases. If issues relating to personal customer information are thought of in advance and handled properly using the lessons learned from Web 2.0, privacy does not need to be one of the hurdles for customer adoption of smart grid technology.
Susan Lyon is of counsel at Perkins Coie LLP [http:// perkinscoie.com/slyon]. She advises social media companies, tech companies and clean-tech companies on privacy and data security issues. Her views do not necessarily reflect the views of her clients or her firm. Susan is also an avid user of Facebook, Twitter and Linkedin. Although her posts may sometimes reveal when she is not at home, followers should note her husband works out of their home which is patrolled constantly by two very large neurotic dogs.