privacy protection for customer’s usage data, including provision of data to an authorized third party or utility contractor.
As directed by the Commission’s December 2009 decision on EISA requirements, a process was initiated to create a record that will permit the adoption of privacy and security protections, and ensure that consumer privacy is adequately addressed. In order to assist the Commission in the creation of those rules, the Commission requested PG&E, SCE, and SDG&E to file comments that answer the following questions:
What customer energy usage data does the utility expect to generate or currently generates (including the frequency with which such data will be generated)? Does the utility provide customers with access to that data today? If not, when is the target date for providing such access? With whom do you propose to share that data? How do you currently use such data (including the relevance of such data to the intended uses), and how long will the data be maintained?
What are the current privacy protections and data exchange rules that apply to this data? What privacy protections and data exchange rules does the utility propose that the Commission adopt?
Does the utility currently provide usage data to third parties? If so, what are the consumer protections and security provisions that apply to that information?
What policies does the utility follow in responding to requests or demands for disclosure of such data from law enforcement, other government agencies, and civil litigants, including what policies will the utility follow in providing consumers with notice when a request or demand is received?
Does the utility provide the customer with access to pricing data associated with their usage? If so, what does the utility communicate and when and how is the price communicated? What price information does the utility believe would be most useful to a customer?
Additionally, the Commission requested third parties who are interested in securing customer data to answer the following questions:
What home energy usage data do third parties currently obtain, expect to obtain, or will seek to obtain? How does the third party use or expect to use the data (including the relevance of the data for the expected uses)? To whom do third parties expect to disclose the data, and how long will the data be maintained? How does a third party