Impact of General Data Protection Regulation (GDPR) on Smart Meters and Smart Pumps

European Union (EU) water and energy utilities generate, collect, as well as process raw operational data and customer data through smart devices such as smart meters and smart pumps into meaningful optimization strategies. New technologies such as Industrial Internet of Things (IIoT) technologies coupled with dynamic market conditions are aiding the growth of utilities. Companies are focusing toward data-driven strategy that is resilient to market uncertainties. However, with the adoption of General Data Protection Regulation (GDPR), water and energy utilities are faced with the greater challenge of maintaining data protection and privacy for their customers. Europe is expected to increase installation for water smart meters by 25%-30% in the next 7-8 years from the current installed base of 10 million units. In addition, by 2020 EU plans to replaces 80% of electricity meters with smart meters. Electricity and gas sectors are expected to witness installation of additional 200 million and 45 million smart meters, respectively, by 2020. Unless cognizant of the requirement, functions and caveats of GDPR, utilities will face hurdles in implementing their strategies concerning connected devices.

What is General Data Protection Regulation?

General Data Protection Regulation (GDPR) is an EU regulation pertaining to data ownership, protection of the European Union citizen’s personal data. Adopted on April 27, 2016, GDPR will replace 1995 Data Protection Directive (Directive 95/46/EC), when it becomes enforceable from May 25, 2018. The compliance requires EU companies to protect and provide privacy to the individual’s personal data. The extended scope includes non EU companies that process data of EU residents. However, data processed for national security and employment context are exempted and are subjected to individual country regulation.

Key Definition and Guidelines of GDPR impacting the Utility Companies

GDPR has following definition and guidelines affecting the data of EU citizens:

Definition of personal data under the GDPR: The definition applies to any information relating to a person, which could be used to directly or indirectly use to identify the person. It includes name, identification number, location data or online identifier among others. This means that utilities utilizing the location data of customers to enhance the customer experience will have to inform customers about the purpose of data.
Definition of Data Processing under Article 4(2) and (6) of the GDPR: It includes collection, recording, structuring, storage, transmission, dissemination, and destruction, retrieval of personal data among others by manual or automated means. For utilities companies, collecting, storing and transmitting of customer data from smart meters within the company or to a third party data management service provider requires consent of the customers. Under article 29 of working party opinion 03/2013 on purpose limitation (WP 203), companies are obliged to let the customers know the purpose of processing of personal data.

Impact of GDPR on Smart Meters and Smart Pumps

With increased adoption of IIoT technologies such as Big Data, cyber security, cloud migration and computing by European water utilities, there is an unprecedented requirement for smart and connected devices such as smart pumps and smart meters. Besides enabling remote monitoring, smart pumps or pumps with variable frequency drives (VFD) result in substantial reduction of energy cost as well as downtime cost for the total pump life cycle. Predictive analytics based on the data generated by smart pumps is enabling energy-efficient pumping solutions for end users. Similarly, data generated by smart meters are enabling water utilities to understand the customers’ water usage pattern, pinpoint water leakages in the pipeline, and track abnormal wastages. Water and Energy utilities, albeit at a nascent stage, are adopting the benefits of data generated by smart meters and are working towards building efficient advanced metering infrastructure (AMI). On the whole, smart pump and smart meter are expected to become a vital infrastructure for water utilities in optimizing and transforming the sector.

Listed below are a few implications of GDPR that are expected to impact the growth of smart pumps and smart meters by water and energy utilities.

Smart Meters were developed as part of the energy market integration process as part of the 2009 Third Energy Package. EU provided the residents with the right to switch service providers and have clear understanding of the energy bill produced. Furthermore, 2012 Energy Efficient Directive (EED) with its guidelines on measurement of metering and billing, made smart meters critical component in implementing the directive. In addition, 2016 Clean Energy Package aids the fundamental change for the EU utilities market, where decentralization and higher level of flexibility through smart meters are given importance. However, with the imposition of GDPR coupled with lack of procedure to provide customers with purpose and process of data management, there is an anticipated drop in the level of adoption of smart meters by the customers. This impacts the basic purpose of smart meters and strategy of the energy directives.
Data Portability and Right to be Forgotten: Under article 29 of the GDPR, customers have the right to switch between service providers and the same time decide what amount of data to be transferred to the new service providers and what amount of data to be forgotten. This will mean that utility service providers have to invest substantially in making the current IT infrastructure robust and adaptable to customers’ requirements. Investment will be in millions for these utilities, which have so far focused only on improving operational efficiency through their 5-year strategy plans.

Conclusion

Implementation of GDPR will be a key strategy imperative for companies with business in EU. Framework related to data portability and right for customers to be forgotten will largely impact the sectors using smart devices. GDPR will enable usage of smart devices such as smart meter and smart pumps with greater security and privacy of the data. Utility companies will have to invest infrastructure, systems, process, and people to gain visibility over data management. This would mean understanding how the data are used and why, followed up by regular audits and different authorization and access levels for data management by the utility companies. In addition, as mandated by GDPR, companies are required to appoint a Data Protection Officer (DPO), whose sole responsibility is ensuring compliance with the GDPR. GDPR will make the sector more efficient, transparent, and significant for improving customer service and purchase experience. However, non-compliance of GDPR will be fines up to 4% of turnover of the company or €20 million.

GDPR will drive the smart devices market, rather than de-rail its growth. With a regulated benchmark for customer related data, customers are expected to install more of smart pumps and smart meters due to the resulted transparency of their data. Utility companies have to proactively invest in intelligent process, procedures, and systems to maintain the transparency over the data management.

Cookie	Duration	Description
__cfruid	session	This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
_PCCID	5 years	Identifies the visitor across devices and visits, in order to optimize the chat-box function on the website.
_PCCSID_363163	20 minutes	Required for functioning of the Pure Chat box.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	past	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
aka_debug	session	This cookie is set by the provider Vimeo.This cookie is essential for the website to play video functionality. The cookie collects statistical information like how many times the video is displayed and what settings are used for playback.
bcookie	2 years	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	This cookie is set by LinkedIn and used for routing.
player	1 year	This cookie is used by Vimeo. This cookie is used to save the user's preferences when playing embedded videos from Vimeo.
vc	never	This cookie is set by addthis.com on sites that allow sharing on social media.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_6JHN0QW8FW	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_197764616_1	1 minute	This cookie is set by Google and is used to distinguish users.
_gat_gtag_UA_53927943_3	1 minute	Set by Google to distinguish users.
_gd_session	4 hours	This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded.
_gd_svisitor	session	This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program.
_gd_visitor	2 years	This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
CONSENT	16 years 4 months 10 days 14 hours	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
i	never	The purpose of the cookie is not known yet.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.
yt.innertube::nextId	never	These cookies are set via embedded youtube-videos.
yt.innertube::requests	never	These cookies are set via embedded youtube-videos.

Cookie	Duration	Description
__wpdm_client	session	No description
_an_uid	session	No description available.
_techvalidate_session	session	No description
6suuid	2 years	No description available.
et_pb_ab_view_page_63974	session	No description
li_gc	2 years	No description
ppwp_wp_session	30 minutes	No description
raygun4js-userid	never	Description unavailable.
ruid	6 months	No description
sync_active	never	No description available.
thirdPartyCookiesEnabled	1 day	No description available.
visitorId	1 year	No description

Impact of General Data Protection Regulation (GDPR) on Smart Meters and Smart Pumps

Recent Posts

Select Your Transformation Journey

Schedule Your Growth Dialog™

Solutions

About Us

Media & Partnerships