Last year, Recurve convened a Technical Advisory Group of data privacy experts and practitioners to consider how and where data access policies could be improved by taking differential privacy into account. The Advisory Group is pleased to release the guide Energy Data Access: Guide to Leveraging Differential Privacy and the Privacy Explorer online tool to demonstrate a practical approach to using differential privacy in a risk-based data access framework.
Expanding distributed energy resources depends on providing secure access to and management of customer energy consumption data. In regulatory jurisdictions that have invested in advanced metering infrastructure, extensive debates have yielded a tapestry of policies to address who can access this data and how. Common threads in these policies include the recognition of customer ownership of data and utility power to dictate terms of access (for better or worse) to third-party vendors. Nearly all have defaulted to data anonymization and aggregation as critical strategies for privacy protection. Anonymization and aggregation, however, have severe limitations and weaknesses.
The application of differential privacy in the energy space transfers industry best practices in security to set standards for protecting and sharing energy consumption data. Adopting differential privacy goes a step beyond the more common regulations built on conventional anonymization and aggregation, but without a basic understanding of how it could be applied, it is unlikely to be seriously considered.
The Energy Data Access guide demystifies differential privacy in the context of current energy data access frameworks, provides historical context, offers a structure for assessing risk in use-case development, and lays out tools to orient decision-makers and practitioners to the opportunities for expanding data access frameworks to include differential privacy techniques. The user guide is intended to help stakeholders and decision-makers develop risk-based data access guidelines appropriate to a jurisdiction's specific policy goals and objectives and provide tools to properly balance and communicate the trade-offs of privacy and usability of datasets.
The Energy Data Privacy Explorer online tool (explained in detail in the report’s final section) gives readers the opportunity to experience firsthand how the trade-offs between greater data granularity (and usefulness) and increased privacy protection work for a given data set. For a live example of applying differential privacy, please see the recently released study by the California Independent System Operator: Demand Response Advanced Measurement Methodology. This study would not have been possible without the robust privacy protections offered via differential privacy.
The energy data access guide also references primary resources used in current and historical energy data access debates. This structure offers readers, who may be at the beginning of a data access proceeding, a chance to leapfrog to issues that may be most pertinent to their context. In addition, the guide applies a systematic framework, called the "5-Safes," adapted from work done by Luk Arbuckle and Khaled El Emam, developed for protecting the much more sensitive category of healthcare data. This piecewise consideration of safe projects, people, settings, data, and outputs offers stakeholders and decision-makers a more structured discussion than those that have characterized data access proceedings of the past.
Recurve thanks DOE and NREL for their support and guidance in taking this next step toward making differential privacy an accessible technical solution for improving data access. We also acknowledge that this work would not have been possible without the contributions of the voluntary Technical Advisory Group. Members contributed their time to discuss the issues covered in this guide and to develop this final product. We thank them for their input and note that while the report reflects the views of the experts convened, it does not imply their endorsement of all of the content.
Join us for a webinar on Thursday, March 3 at 10:00 PT / 1:00 ET (register here) to learn more. Reach out to Carmen Best directly if you want to discuss including differential privacy in your data access plans.
Visit Recurve's Energy Data Privacy web page for a full view of our work on making differential privacy accessible for solving energy data access problems.