The real reason to fear SmartMeters: Privacy

So I guess “SmartMeters” are coming. Not without protest in my part of the world. Here, we’re worried about health problems, but in other parts of the state, Pacific Gas & Electric has had to acknowledge problems with accuracy.

In fact, the health risk probably is less than that of using a cell phone. As PG&E spokesperson Paul Moreno points out, the distance between a SmartMeter and a person’s head is likely to be far greater than with a cell phone. Plus, assuming SmartMeters function as we are being told, the data burst should be far briefer than most cell phone conversations.

I’m not seeing any reason for deception on these points; they really can do anything they need to with relatively low power. So I assume that health problems are minimal and that accuracy issues can be fixed. I’m worried about privacy. According to PG&E,

The solid-state digital SmartMeter™ electric meter records hourly meter reads and periodically transmits the reads via a dedicated radio frequency (RF) network back to PG&E. Each SmartMeter™ electric meter is equipped with a network radio, which transmits meter data to a electric network access point (pictured below). The system uses RF mesh technology, which allows meters and other sensing devices to securely route data via nearby meters and relay devices, creating a “mesh” of network coverage. The system supports two-way communication between the meter and PG&E. SmartMeter™ electric meters can be upgraded remotely, providing the ability to implement future innovations easily and securely.

SmartMeter™The electric network access point collects meter data from nearby electric meters and periodically transfers this data to PG&E via a secure cellular network. Each RF mesh-enabled device (meters, relays) is connected to several other mesh-enabled devices, which function as signal repeaters, relaying the data to an access point. The access point device aggregates, encrypts, and sends the data back to PG&E over a secure commercial third-party network. The resulting RF mesh network can span large distances and reliably transmit data over rough or difficult terrain. If a meter or other transmitter drops out of the network, its neighbors find another route. The mesh continually optimizes routing to ensure information is passed from its source to its destination as quickly and efficiently as possible.

That’s a good basic description of electric meters. But important details are missing. And there are significant differences from gas meters:

The SmartMeter™ gas system uses point-to-point RF technology to transmit gas usage data from SmartMeter™ gas modules back to PG&E over a dedicated, secure wireless network. Due to the simpler data requirements of the gas system, the SmartMeter™ gas system supports only one-way communication from customers to PG&E. PG&E attaches the SmartMeter™ gas module to the traditional gas meter. This module is outfitted with a radio frequency (RF) transmitter. The module records daily meter reads and then uses an RF signal to transmit the reads to a data collector unit (see below) in the vicinity.

They say that the data requirements for gas are “simpler” than those for electricity. Why? And why won’t gas meters require software upgrades like the electric meters?

And why are we to applaud that meter readers will presumably be laid off? PG&E’s argument boils down to customers being able to log into a web site and track their hourly electric usage and daily gas usage–suggesting that this is how often data is collected–to take advantage of discounts for off peak usage.

That seems a bit odd. There’s no great mystery when peak electric usage occurs. The Consumer Energy Education Group (which apparently focuses on Delaware, not California) says on their web site that, “In the U.S., this occurs in the afternoon, especially during the summer months when the air conditioning load is high.” Gee. That’s pretty much what I thought I’d heard before.

PG&E could provide specific peak hour and off-peak hour pricing information on its web site; customers who were so inclined could react accordingly, and the data could be collected once a month–for a monthly billing–rather than once an hour (for electric) or once a day (for gas). It’s the relatively constant data collection that catches my attention.

PG&E says that, “in the future,” you can be “notified by email, text message or phone when your electric use is moving toward a higher-cost tier;” and that the company will “be able to pinpoint power outages and restore your power faster.” In addition, they’ll “be able to resolve service problems more easily and, in many cases, without a visit to your home or business.” The last of these “benefits” sounds far too vague to be of any meaning. The ability to “pinpoint power outages” can be accomplished principally at the network access point level, which could then, where necessary, ping meters to see which ones had power to respond–hourly reporting is simply not particularly useful to this end. And that these benefits are, for now, vaporware suggests that they aren’t the reason for this frequency of reporting in the first place.

I’m presently reading a book by Jacques Ellul, The Technological Society. It’s old, originally published in French in 1954, and in English in 1964. This is thinking that’s fundamentally older than I am. And I think it’s on the edge of being too deterministic. But he’s concerned about how technology has taken over civilization, that the ability to do things makes it compulsory to do them.

For instance, Ellul writes of the atomic bomb,

It was, then, necessary to pass through the period of research which culminated in the bomb before proceeding to its normal sequel, atomic motive power. The atomic-bomb period is a transitory, but unfortunately necessary, stage in the general evolution of this technique. In the interim period represented by the bomb, the possessor, finding himself with so powerful an instrument, is led to use it. Why? Because everything which is technique is necessarily used as soon as it is available, without distinction of good or evil. This is the principal law of our age. We may quote here Jacques Soustelle’s well-known remark of May, 1960, in reference to the atomic bomb. It expresses the deep feeling of us all: “Since it was possible, it was necessary.” Really a master phrase for all technical evolution. (p. 99)

While there is something to be said for the fact that we now possess and retain even more powerful nuclear weapons, despite the fact there is no conceivable circumstance in which we would actually use them, and despite the fact that their only use is inherently criminal, it is also the case that we have not used them since the end of World War II. Their present function as “deterrence” is grossly inefficient and certainly not a rationale of technique. But we keep these weapons nonetheless and there are powerful forces within the defense and political establishments–not to mention those segments of the economic establishment which benefit from their production–which resist giving them up.

The example of nuclear weapons suggests that Ellul overstates the matter when he suggests that any available technology must be used. But we can also see that any capability will not lightly be abandoned. Even if SmartMeters perform precisely as advertised and offer no additional capabilities, I cannot help but be concerned by the accumulation of ability to collect data on a much more immediate basis than the application actually requires.

But long before Total Information Awareness, Ellul also wrote this:

The police must be independent if they are to become efficient. They must form a closed, autonomous organization in order to operate by the most direct and efficient means and not be shackled by subsidiary considerations. And in this autonomy, they must be self-confident in respect to the law. It matters little whether police action is legal, if it is efficient. The rules obeyed by a technical organization are no longer rules of justice or injustice. They are “laws” in a purely technical sense. As far as the police are concerned, the highest stage is reached when the legislature legalizes their independence of the legislature itself and recognizes the primacy of technical laws. (p. 133)

When I read this, I am thinking not of the local police force–though they’re quite dangerous enough–but of intelligence agencies increasingly tasked with domestic spying duties that Obama has done nothing even to curtail, let alone to abolish. And while the accumulation of data in the successors to the Total Information Awareness program is far from efficient, its aim is nonetheless the accumulation of every possible piece of data about everyone. Ellul, again:

To be sure of apprehending criminals, it is necessary that everyone be supervised. It is necessary to know exactly what every citizen is up to, to know his relations, his amusements, etc. And the state is increasingly in a position to know these things. (p. 100)

Joe Conason, in It Can Happen Here, describes present efforts:

The truly mind-boggling objective of these programs is to compile a database that includes everything about everyone–and to invent algorithms that can trace patterns to identify criminals and terrorists within the abstract universe of bits and bytes.

“Mind-boggling” is not the term I would choose. I would choose, instead, “alarming.” This is alarming because there is simply no piece of data that cannot be misinterpreted, some way, somehow. This is a critical problem for quantitative research that qualitative research attempts to mitigate. It is an even larger problem for those who are professionally paranoid, mining (this is itself a suspect methodology) massive quantities of inherently quantitative data for patterns which they may use to rationalize any action against anyone. Conason continues:

If such an ambitious concept seems familiar, that could be due to its close resemblance to the spooky-sounding Total Information Awareness project, which crashed and burned (or at least went into hiding) under intense publicity in late 2002. Housed in the Pentagon’s ultra-high-tech Defense Advance Research Projects Agency, the TIA program was directed by John Poindexter, the retired navy admiral, former national security adviser to President Reagan, and Iran-Contra criminal defendant. . . .

What Poindexter was doing for the country was aptly symbolized by his project’s symbol, an occult pyramid topped by an all-seeing eye, gazing upon a globe — and its motto, “Knowledge is power.” His goal was to create a gigantic matrix to trace enemies of the state by amassing and analyzing every last speck of data in cyberspace, from electronic tolls to Orbitz tickets to motel charges and far more. When a Pentagon bureaucrat like Poindexter says “everything,” he means literally every income tax return, every medical record, every telephone bill, every credit report, every bank-card swipe, every movie ticket, every book, and everything else that isn’t paid for in cash, plus every e-mail sent by anybody anywhere. . . .

This overweening scheme raised alarms from critics left to right, and none louder than William Safire, the old libertarian Republican who warned in the New York Times that Poindexter would soon exercise unprecedented power to invade every citizen’s privacy. Actually, Poindexter and his colleagues were developing a prototype system that was not quite ready to mount the final Orwellian invasion of everyone’s personal space. But TIA certainly aimed to breach all boundaries between commercial and governmental information systems, wiping out the distinction between public and private to an extent that was difficult to imagine. (pp. 188-190)

Congress killed TIA but Conason writes that “the same work, performed by the same consultants and scientists, was simply moved to another agency–the Advanced Research and Development Activity (ARDA), based at Fort Meade, Maryland, in the headquarters of the NSA.” It was now called “Basketball.” And TIA was only the best known such effort.

In short, we can assume that every piece of data collected by any corporation in the United States may well wind up in the National Security Agency’s computers. PG&E’s SmartMeters are probably not a particularly egregious example. But I can’t tell you exactly what’s inside those boxes. And I don’t know how you can trust anyone to tell you. Nor can I tell you that their capabilities won’t be augmented in some invasive way at some future date.

When it comes to health concerns, I probably won’t hang out for long periods of time in the corner of the house nearest the meter. But a computerized box attached to my house reporting to the NSA at an excessive rate makes me distinctly nervous. I’d really rather my meter reader kept her job.