Digitalization is transforming the energy sector in both developed and developing economies. Every year, new tools and processes are altering energy providers’ business models and creating completely new ones. This changes how energy providers interact with their customers and allows new players to enter the energy market. Potentially, this can also help the energy sector decentralize, increase energy used from renewable sources, and provide energy access to the most remote communities.
But these technologies and models do come with costs, especially regarding the privacy rights of consumers, and the energy sector is simply turning a blind eye. It is time we take these risks as seriously as we take investing in new technologies – and prepare to deal with them.
The digital potential
New digital technologies such as sensors, data analytics and smart meters have reduced the cost of energy and made investments in new innovations less risky and more affordable for consumers.
These technologies can also help integrate renewables into energy systems. For instance, improved data linking between weather forecasts, e.g. wind speeds and energy system performances, help developers create technical specifications for new power-generating plants and assess their performance without testing them in the field first. Sensors and smart appliances also mean that we can now match energy demand with times when wind and solar energy is plentiful.
In remote areas where national utilities can’t afford to offer on-grid electrification, (private) companies offer electricity through local mini-grids powered by solar panels (photovoltaic) or hydropower systems. These mini-grids are often of high standards and include household meters that can be followed remotely. With these, companies can detect power outages quickly and predict equipment failures. This reduces costs of downtime and maintenance. The International Energy Agency (IEA) estimates that by 2040, sensors and smarter analytics could save more than USD 80 billion per year of power generation costs by companies.
Companies using smart meters can also monitor individuals’ electricity usage to better understand customer demand and make systems more efficient and responsive. In addition, companies can use this data to assess their customers’ ability to pay for energy. This, the narrative goes, reduces the risk that customers fail to pay their bills, and thus increases local energy entrepreneurs’ chances of setting up sustainable local energy systems.
The security uncertainty
As far as we know, private companies mainly collect data about when and where customers use energy and the bills they pay to energy providers. Where this data is stored and how it is managed is unclear and raises several questions – and challenges – about responsible use of data, privacy and security.
From other sectors we know that data is commercially valuable. Data trading occurs continuously, and ill-managed data can fall into the hands of the wrong people. There are many examples of technology companies combining data from a wide range of sources and misusing personal information to profile people, e.g. by health insurers, if data is personalized (algorithmic profiling). There are also fears of more direct types of misuse, like burglars who could find out when people are not at home, or behavioral scoring that combines data to try and find or even predict pregnancies, divorces, etc.
The fact that energy data is also used for other purposes than efficiency and cost reduction is clear from what the CEO of Pay As You Go (PAYG) provider Lumos Global says. As he puts it: “There will be a network of distributed generation assets compiling data about the customers and their payment relationships. [….] That network starts to get quite powerful because it allows us to lead into a number of new businesses such as microfinance.” This link between energy companies and microfinance should concern us. There is growing evidence in Kenya, for example, that people are running up considerable debts with multiple technology companies that provide credit at premiums far higher than those permitted under regulations applied to banks.
One of the risks specific to the energy sector is that companies can use data about an individual’s energy bill payments to assess their creditworthiness. Depending on the person’s payment records, this data could be used to blacklist them for future or other services. In this way, people could be (wrongly) excluded from accessing other services based on an expected inability to pay their bills. This is how their poverty is used against them. But also other variables like race or ethnic origins (algorithmic profiling, once again) can lead to possible exclusion and discrimination of certain groups, worsening existing inequalities.
In mature energy markets in the U.S. and Europe, smart metering has provoked debates about protecting consumers’ privacy rights. In these markets, there is relative awareness of the hazards, and privacy legislation including the GDPR is in place to protect peoples’ data. More targeted legislation is being discussed (e.g. by UK Data Service) because of warnings that current protection and legislation in Europe falls short (European Data Protection Supervisor).
However, these discussions ignore what is taking place in many developing countries, where large numbers of consumers will soon be encouraged to share their data despite a lack of safeguards. There are few to no oversight mechanisms to govern how their information is managed and shared.
Balancing costs and benefits
In going forward, much more attention must be paid to the risks of digitalization and the use of consumers’ data. Otherwise, we run the risk of jeopardizing people’s privacy rights on a massive scale. Privacy and security risks of data gathering should be put on the energy sector’s agenda.
Especially in countries without privacy legislation or legal protections for consumers, energy companies need to be more transparent about how they collect and manage energy data, as well as any ways in which they share that data with other entities. On this basis, they need to get consent from their customers in ways that are meaningful to those people. Recognizing that many people won’t have the time to fully investigate the risks related to their energy data themselves, they should learn from other sectors’ attempts to develop effective consent processes that give people a genuine choice to opt out, and reduce the amount of data that they collect to the absolute minimum needed. This means collecting, storing, presenting, reusing – but also destroying – data responsibly.
In short, the off-grid energy community must take responsibility for protecting their consumers’ data and safeguarding their right to privacy.