Who Has My Data? Illuminating Renters’ Smart Meter Privacy ... ?· Illuminating Renters’ Smart Meter…

Download Who Has My Data? Illuminating Renters’ Smart Meter Privacy ... ?· Illuminating Renters’ Smart Meter…

Post on 10-Jun-2018

212 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Who Has My Data?Illuminating Renters Smart Meter Privacy Concerns

    Germaine Irwin, NilanjanBanerjee, Amy Hurst

    University of MarylandBaltimore County (UMBC)

    1000 Hilltop CircleBaltimore, MD 21250 USA(germaineirwin, nilanb,amyhurst@umbc.edu

    Sami RollinsUniversity of San Francisco

    2130 Fulton StreetSan Francisco, CA 94117 USA

    srollins@cs.usfca.edu

    1. INTRODUCTIONSmart meter installations have increased in the United

    States as energy companies seek to gain greater control overenergy consumption of its customers. Numerous consumerbenefits are touted for gathering this information, however,renters whose utility costs are included within their monthlyhousing payment are overlooked in these discussions. Theserenters often do not have access to their own utility con-sumption data. Often, this information is in the hands oftheir landlord or even a third party billing company. Arethese renters aware of who owns and controls this data orthat this information can be used maliciously? This workseeks to understand the privacy and usability issues of smartmeter data collection for this population.

    2. BACKGROUNDWith the advent of the smart grid for energy aggrega-

    tion and distribution, many states have seen deployments ofsmart meters to their homes. Smart meters collect granulardata on energy consumption habits within each home. Theyenable two-way communication between the meter (and theinhabitants activities) and the electric companys centralsystem. Energy companies have been touting the benefits ofsmart meters, including [1]:

    Energy budgeting and tracking Personalized energy efficiency tips Peak event reports and savings summaries Peak event web notifications Smart energy pricing programs

    While the above has advantages for consumers, there aremany privacy and security issues that have been uncovered,including discovering personal habits of residents, when res-idents are home or not, what activities they are doing whenthey are at home, regulation of energy by the electricitycompany and selling personal data.

    Unfortunately, residents are often unaware of the privacyissues that arise from these installations. Such issues as col-lecting granular data that illustrates daily habits, enablingowners of the data to potentially sell the information [7].

    3. RENTERS DATA INTEGRITYMuch research has been completed regarding privacy is-

    sues and concerns that have arisen in the wake of smart

    meter deployments. Many have discussed ways to increasesecurity via hardware [2], such as new types of authentica-tion schemes, and others have discussed novel encryptionmethods for sending and receiving this data [3, 2, 6].

    Most of the solutions mentioned, however, do not engagethe consumer at all. Unfortunately, these solutions still leavemany questions as well a privacy gap within non-traditionalhousehold and billing structures.

    3.1 Landlord & 3rd Party AccessWhile conducting a recent interview study on energy con-

    sumption context [5], three renters out of 10 stated they donot have access to their energy bills or data because utilitycosts were included in their rent. We also learned from 2 par-ticipants who lived in subsidized housing that their utilitycosts were also paid for by city or federal governments. Thistype of billing begs the question as to who has access to thisdata. If the household is equipped with a smart meter, thelandlord then has the ability to discern activities within eachof his/her housing units [7, 8]. This data collection can pro-vide detailed information about household activities withoutinvolving the user at all. Possibilities exist within the smartgrid to extract patterns of usage from smart grid/smart me-ter data without having any prior training with statisticalmethods [8].

    Any entity that has fine-grained energy consumption datacan infer the customers lifestyles and habits (e.g., times ofabsence and even concrete activities like watching TV orcooking) [7] Thieves can monitor movement to discover besttimes to conduct a burglary. Marketers could buy this datato understand user habits in order to sell more products.

    Motivated by the above observations, this work studiesthe following research questions:Who should have access to renters smart meterdata? We would like to understand the options for access tothis data by landlords and tenants, which would include de-termining the feasibility of multiple accounts being createdfor each household. Also, if the data is aggregated (becauseit is building costs, not per unit costs), then discovering op-tions to make residents aware of privacy issues when renting.

    What is the prevalence of 3rd party billing? Fromour interview study [5], we also discovered that some hous-ing management offices utilize a 3rd party to manage utilitybilling and collection. In this case, who has access to res-idential data? Does this mean the 3rd party can now also

    1

  • discern residential habits, such as when people are home ornot, what kind of utilities they use at what times, their us-age of certain appliances, even movement through the houseor when they walk the dog. This is a concern since anotherentity that is unknown to the renter can see the habits ofthe household residents. There is a potential for them tosell this data and, if they can access the data, they havecontrol or lack of control of the data, meaning potential foradditional security breaches.

    What is done with the information on each house-hold? As stated, renters are often unaware that this dataexists, who has access to it, or the potential security issuessurrounding the situation. How can renters be made awarethat a 3rd party has access to their data and what couldpossibly be done with the information? We intend to ex-tend the study in order to understand the prevalence of 3rdparty billing and if there are contracts in place for the data.

    Are there ways to share data with landlords andprotect the privacy of the household? Prior researchsuggests anonymizing the data as it is being exchanged be-tween the consumers meter and the electric company. Ad-ditively homomorphic encryption is suggested as a solution,which entails hiding individual consumer behaviors behindsmart meter grouping [4, 7, 6]. Similarly, Efthymiou andKalogridis [3] describe using a third party escrow serviceprovider that would anonymize the data so that individualsand their corresponding habits would not be discernible.

    Perhaps providing a visual interface to the landlords thatprovides enough information to understand billing detailswould be sufficient. Therefore, the course grained data couldbe reserved for the actual home residents. Separate inter-faces could be a solution.

    Another approach is masking data from the billing side,thus preserving metering goals of the utility companies [8].The authors suggest a three phase billing protocol for mask-ing data using Zero-Knowledge protocols. These phases in-clude registration, in which the data is encrypted with tagsand keys, tuple (usage data) gathering without revealingwhich tuples correspond to which smart meter, and recon-ciliation (the billing phase).

    Chim et al [2] propose an authentication scheme to pre-serve consumer privacy within the smart grid. In their sys-tem, consumers receive a smart appliance that connects toa tamper-resistant device ...for generating pseudo identitiesand signatures on message. This system addresses privacyissues with transmission of data from the consumers hometo the electricity supplier as well as attacks from any outsidesystems. Usability of these devices, however, add a layer ofcomplexity to the resident as well as potential space issueswithin the home if the devices have to be connected to eachsmart appliance.

    3.2 Smart Meter BenefitsBesides this privacy black hole, when residents do not have

    control of their data, the usability of a system that purportsto benefit consumers is called into question. How can resi-dents gain energy efficiency, tracking, budgeting and usagefeedback if they do not have access to their own data?

    How can we increase renters smart meter usabil-ity? These rental residents do not have an opportunity tosee advantages of the smart grid/smart meter technology.They are losing out on understanding their usage and po-tentially making energy usage changes. They may be envi-

    ronmentally conscious and want to know this information inorder to positively effect their environs.

    Since renters are unaware of this data and how it may beused, perhaps policy changes at the utility level regardingexternal accounts should be considered. Further researchcould determine if and why landlords may need this infor-mation for billing purposes or other reasons.

    At the very least, this is a usability concern since usersshould have control of their data so they can realize howthey are using energy and gain from potential feedback forsavings and potential to be more environmentally aware.

    4. CONCLUSIONSWhile privacy of the smart grid and smart meter deploy-

    ments have been much discussed as well as argued, the situ-ation of renters who dont have control over utility bills hasbeen overlooked. They often do not know who owns or hasaccess to their data. There could be 3rd party involvementwithout their knowledge, which could expose their personalhabits and choices on display for malicious attacks and mar-keting tactics. Finally, they are denied knowledge of energyusage that could be used to benefit their home lives. Furtherresearch would provide much needed answers.

    5. REFERENCES[1] BGE (http://www.bge.com/smartenergy) May 14,

    2014.

    [2] T. Chim, S. Yiu, L. C. Hui, and V. O. Li. Pass:Privacy-preserving authentication scheme for smartgrid network. In Smart Grid Communications(SmartGridComm), 2011 IEEE InternationalConference on, pages 196201. IEEE, 2011.

    [3] C. Efthymiou and G. Kalogridis. Smart grid privacy viaanonymization of smart metering data. In Smart GridCommunications (SmartGridComm), 2010 First IEEEInternational Conference on, pages 238243, Oct 2010.

    [4] F. D. Garcia and B. Jacobs. Privacy-friendlyenergy-metering via homomorphic encryption. InSecurity and Trust Management, pages 226238.Springer, 2011.

    [5] G. Irwin, N. Banerjee, A. Hurst, and S. Rollins.Understanding context governing energy consumptionin homes. In CHI14 Extended Abstracts on HumanFactors in Computing Systems, pages 24432448. ACM,2014.

    [6] G. Kalogridis, C. Efthymiou, S. Z. Denic, T. A. Lewis,and R. Cepeda. Privacy for smart meters: Towardsundetectable appliance load signatures. In Smart GridCommunications (SmartGridComm), 2010 First IEEEInternational Conference on, pages 232237. IEEE,2010.

    [7] F. G. Marmol, C. Sorge, O. Ugus, and G. M. Perez. Donot snoop my habits: preserving privacy in the smartgrid. Communications Magazine, IEEE, 50(5):166172,2012.

    [8] A. Molina-Markham, P. Shenoy, K. Fu, E. Cecchet, andD. Irwin. Private memoirs of a smart meter. In In Proc2Nd ACM Workshop on Embedded Sensing Systems forEnergy-Efficiency in Building, BuildSys 10, pages6166, New York, NY, USA, 2010. ACM.

    2