What we do

Privacy and Security

For public acceptance of Smart Metering, suitable privacy and data protection safeguards need to be in place so that consumers can be confident that their data is treated securely and their privacy is not infringed. Consumers also need to be properly informed about how their data are protected with basic and simple information. The Commission proposal for a General Data Protection Regulation may have an important impact on the way energy data from smart meters can be used and benefit consumers. This ESMIG paper includes explanations and recommendations on a privacy approach, data privacy info and data protection regulation.

Privacy by Design

In ESMIG’s view “privacy by design” means that the Smart Metering Infrastructure is developed in such a way that distinct information flows for different stakeholders can be identified, implemented and controlled. (See diagram 1)

From smart meter to MECO

The limited information collected by the organisation responsible for allocation the energy consumed or produced (in the context of his legal task) is one information flow that can be regarded as the legal basis for (Smart) Metering. This information has typically a low time resolution, such as monthly consumption readings and power quality data, but also covers alarms from the metering system such as tampering indications. Because of its nature this information flow has low privacy sensitivity, but should still be sufficiently protected.

From smart meter to Apps or ESCO

To give consumers the possibility to get more detailed insight in their energy consumption and/or production, additional information flows are generated by the meter. This information has typically a high time resolution, such as 1-10 seconds time base, so consumption/production patterns can be generated that can give insight in the energy profile households and specific in-home devices. In several EU member states, the consumer will be able to decide if this information is generated, where this information goes and by whom it can be used.

By making this distinction in information flows, not only consumers have better insight and control regarding the type of data and its destination, but it is also possible to take the appropriate measures for protection depending on the risks related to the disclosure of this information.

Privacy by Design


Diagram 1: Logical information channels of AMI

Please note that information flows and boxes in this diagram are logical and not physical. The information flows to and from consumers can be combined in one or multiple physical channels.