Privacy Architectures: Reasoning About Data Minimisation and Integrity

Privacy by design will become a legal obligation in the European Community if the Data Protection Regulation eventually gets adopted. However, taking into account privacy requirements in the design of a system is a challenging task. We propose an approach based on the specification of privacy architectures and focus on a key aspect of privacy, data minimisation, and its tension with integrity requirements. We illustrate our formal framework through a smart metering case study.Comment: appears in STM - 10th International Workshop on Security and Trust Management 8743 (2014

From a Barrier to a Bridge: Data-Privacy in Deregulated Smart Grids

The introduction of so-called smart meters involves detailed consumption data. While this data plays a key role in integrating volatile renewable energy sources, a side effect is that it can reveal sensitive personal information. Concerns and protests led to a stopped smart meter rollout yet. In deregulated electricity markets, data-privacy is even more at risk: The UK, Texas and Ontario decided for a nation-wide communication intermediary in order to facilitate the exchange of the vast amount of smart meter data. However, this operational efficiency is achieved by the fact that an intermediary is a single point of failure. We present an approach based on encryption to secure the intermediary against privacy invasions and we can show that our prototypical implementation meets even restrictive requirements for large-scale data handling and processing. By aiming at customers’ confidence in smart metering, our solution might lay the ground for an ecosystem of energy services

Regulating intersectional activity : privacy and energy efficiency, laws and technology

Funding The London workshop upon which this article builds was kindly funded by the British and Irish LawEducation and Technology Association (BILETA) 2015–2016.Peer reviewedPostprin

EU Privacy seals project: Challenges and Possible Scope of an EU Privacy Seal Scheme. Final Report Study Deliverable 3.4

The objective of this report is focus on the challenges of implementing an effective EU privacy seal and its possible scope. It returns the focus to privacy and data protection, and presents further groundwork to feed into Task 4 of the Study (Proposals and evaluation of options for an EU-wide privacy seals scheme). Where relevant, research results and analyses of Tasks 1 and 2 are used. First, the report assesses the gaps in current privacy seal sector. Next, it highlights the advantages of, priorities for and possible scope of an EU privacy seal scheme. Eventually, four case studies (CCTV systems, cloud services, smart metering systems and biometric systems) illustrate the possible scope of an EU privacy seal scheme and demonstrate whether an EU privacy seals scheme would bring any added value to privacy and data protection.JRC.G.6-Digital Citizen Securit

Smart Meter Privacy: A Utility-Privacy Framework

End-user privacy in smart meter measurements is a well-known challenge in the smart grid. The solutions offered thus far have been tied to specific technologies such as batteries or assumptions on data usage. Existing solutions have also not quantified the loss of benefit (utility) that results from any such privacy-preserving approach. Using tools from information theory, a new framework is presented that abstracts both the privacy and the utility requirements of smart meter data. This leads to a novel privacy-utility tradeoff problem with minimal assumptions that is tractable. Specifically for a stationary Gaussian Markov model of the electricity load, it is shown that the optimal utility-and-privacy preserving solution requires filtering out frequency components that are low in power, and this approach appears to encompass most of the proposed privacy approaches.Comment: Accepted for publication and presentation at the IEEE SmartGridComm. 201