Canadian Privacy Commissioner: Beware the Smart Grid

Canadian Privacy Commissioner: Beware the Smart Grid

There have been increasing concerns that the Smart Grid may be vulnerable to cyber attack. Now Ontario's information and privacy commissioner warns that the grid may represent a significant privacy threat as well.
tweetmeme_url = 'http://www.greenercomputing.com/blog/2009/08/04/canada-beware-smart-grid’; &nbsp digg_url = ‘http://www.greenercomputing.com/blog/2009/08/04/canada-beware-smart-grid’;
Ann Cavoukian, Ontario's information and privacy commissioner, told the Toronto Star that the Smart Grid could present very serious privacy concerns. She made her comments in the wake of information about 179,000 Toronto Hydro e-billing accounts being stolen. According to the Star:
Cavoukian, who is investigating the breach, sees it as a wake-up call of sorts as utilities begin to modernize their networks and embrace communications technologies to better interact with customers.

She mentions Google and its plan to work with certain utilities -- Toronto Hydro included -- to demonstrate its new residential energy management tool, Google PowerMeter. Are the proper policies in place, for example, to make sure your personal information as a customer is protected when it's handed over to Google?
Later on, Cavoukian tells the Star:
"The smart grid is a good idea, and I'm certainly in favour of it. But the focus is so much on controlling energy use that I think the privacy issue is a sleeper; it's not top-of-mind."
These kinds of issues could be particularly dangerous for enterprises looking to the Smart Grid to green IT and data centers. Connecting to the Smart Grid could conceivably give one more access point for those looking to gain access to information that the company would prefer not to share with competitors or the world.

Just as bad, it could be a way for hackers to steal information about an enterprise's customers, with disastrous results.

Cavoukian's comments comes on the heels of a presentation at last week's Black Hat security conference where a security consultant demonstrated how a smart meter could be easily hacked in order to plant a worm that could in turn self-propogate and take over other smart meters.

All this isn't to say that IT staff shouldn't be looking to the Smart Grid --- the Smart Grid will become one of the most important ways to help green enterprises. But it does mean that it's time to start re-writing security procedures and protocols to ensure that the grid doesn't expose information enterprises would rather remained private.