Now, with smart meters, the data is going directly to the utilities, many times by Wi-Fi. The fact that somebody driving by might pick it up, and from the data they could gather all sorts of information regarding the types of appliances you are using, where you are in the house, and so on. So there are many different privacy issues related to this. What if appliance manufacturers get this information? Are they going to start trying to sell a household their product to replace their inefficient one that they see you still have?
CSOonline: It sounds like it's possible to find out much about a person and their household from their power usage.Yes, the impact is broad. Consider divorce settlements. Will it be possible to prove that your spouse or ex-spouse was doing something they should not have at 3:30 in the morning in the hot tub based upon your energy consumption record? With the private electric vehicles, are you going to be able to tell exactly where somebody was at any point in time based upon their charging records?
By looking at the utility bill, would you be able to see when someone was traveling and so on? Would home insurance companies, by knowing whether or not you are using an inefficient appliance, potentially deny you coverage because they could show that you were using appliances that were in violation of the home insurance policy?
Then there are employers. What if you had something personal happen, and you told your employer that you were sick, and you lose because they could tell from your PEV -- your electric vehicle charging records -- that you were actually out in Las Vegas doing stuff that day. The examples are just unlimited, and more and more people are having concerns.
The NISTIR 7628 was a start, and we listed a number of important issues, and that work is continuing. Expect more work products from the group coming out very soon.
CSOonline: Are there other areas where you see potential privacy flaps in 2012?Social media is always a concern, and I think the integration of social media use by businesses and other organizations is going to continue to raise new privacy concerns. For instance, hospitals and physicians and other groups are promoting the use of social networking sites by physicians to help their patients, which, of course, sounds like a great idea. But then you dig into what happens, especially when the physicians do not know how to use the social network very well, information about their patients gets posted for the whole world to see.
Here's a recent, and shocking, example. A vendor that provides hospital systems had a type of authentication device. And they were encouraging the hospital staff to just use their Facebook passwords so they could automatically link their Facebook account with their system. And this device provided access into the patient care system! "It would make it really easy to manage," they said. So this connection of social networking devices to non-public systems like that will be another area that is going to see increasing numbers of privacy concerns.
Sign up for CIO Asia eNewsletters.