A privacy campaign group has called for an investigation into the collection and storage of data on electricity usage in about one million Irish homes through smart meters by ESB Networks.
Digital Rights Ireland has claimed that the semi-State company is collecting far more data than is required for billing purposes through the smart meter programme and that it has not given notice to customers about the collection and processing of this data.
ESB Networks has been installing smart meters since 2020 with the aim of replacing every electricity meter in every home with a smart meter by 2024. About 800,000 such meters were installed by last summer and this is expected to increase to about 1.1 million by the end of this year.
Since the start of last month, ESB Networks has been reconfiguring smart meters so detailed half-hour data from customers is being collected and stored in a centralised database.
Digital Rights Ireland claims this has been done regardless of whether customers consent to the processing of their data or not. It has questioned the legal basis for the collection of the data and has called on the Data Protection Commission (DPC) to investigate what the company is doing.
In response to queries, the DPC said it was looking into the legal basis on which ESB Network was collecting the information.
A spokesman for ESB Networks said that it was satisfied that the smart meter programme was “being delivered in compliance with applicable data privacy laws”.
The company said it had “an obligation” under Irish law enforcing EU law to “make granular consumption and export data, already recorded on smart meters, readily available to customers”.
‘Safe and secure’
It denied that it was not being transparent about what it was doing, saying that information on the programme had been published on its website and that this included a data protection impact assessment. The company has said that all personal data collected was “safe and secure”.
Digital Rights Ireland queried the company’s data protection impact assessment, saying that it did not address the necessity and proportionality of the proposed data collection.
The group said that ESB Networks had initially told customers that only the minimum amount of data would be sent to the company’s management system that was necessary to provide to a customer’s supplier for billing the tariff or plan that had been selected.
“ESB Networks has now done exactly what it promised it would not do,” said TJ McIntyre, chairman of Digital Rights Ireland and an associate professor of law at UCD.
“ESB Networks is harvesting detailed half-hour consumption data that is not required for billing, without any consent from customers. There is no basis in law for this data collection.”
Asked about the privacy rights group’s claims, the DPC said that ESB Networks had told the watchdog that it was “collecting interval data necessary to comply with the requirements of the EU Clean Energy Package”.
DPC deputy commissioner Graham Doyle said it was examining the law on which the semi-State company was relying for the data collection “to establish if this imposes an actual legal obligation on ESB Networks, as contended by it, or whether ESB Networks is required only to make this interval data available on request of customers or on demand”.