Citizens Advice response to Smart Energy Code Refinement Consultation on MP234 Addition of Public Task and Legitimate Interests into the SEC
We believe that the proposed solution will be negative for consumers in relation to their ability to control who can access their data. The Data Access and Privacy Framework, written by Government and reflected in supply licence conditions, is clear that consumers can choose which personal data they share with their suppliers. Customers have repeatedly and clearly said that trust is key for both smart meters and smart enabled products and services. 92% of those surveyed said it's important that customers are able to make choices about who accesses their data. We believe that the introduction of GDPR principles to access consumer smart data will open the door to many types of data-user using the GDPR principles to bypass the current stringent privacy protections.
There is a high consequential risk that consumer trust in smart meter data usage will be impacted negatively if consumers discover that third parties including Local Authorities, Social Landlords, or even commercial entities may be accessing their data without explicit permission and for commercial gain with no apparent benefit to themselves. This loss of trust in the smart meter environment may result in negative impacts to the wider smart meter rollout and to net zero accomplishment.
In addition, we believe that it is premature to introduce this modification when the Retail Energy Code has been tasked by Ofgem to design a Consumer Consent Solution (CCS) for energy data. The CCS will be developed with wide industry input via multiple workshops and consultations. It would be better to await the results of the CCS which will be transparent within industry and have higher visibility to the public via utility press updates. The development of the CCS will likely engender greater public confidence compared to the SEC modification which could be introduced with relatively few parties inputting to it and which may not include the wider considerations that the CCS will incorporate (such as the Ofgem Data Design Principles, for example). We have recently input to the ongoing CCS development and while we have concerns regarding the current CCS design meeting consumer needs for control over their data, we believe that any SEC modification relating to consumer data access should await the conclusion of the CCS project.