Team for Research in
Ubiquitous Secure Technology

Inferring Personal Information from Demand-Response Systems
Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker

Citation
Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker. "Inferring Personal Information from Demand-Response Systems". IEEE Security & Privacy, 8(1):11-20, January 2010.

Abstract
Current and upcoming demand-response systems are providing increasingly detailed power consumption data to utilities and a growing array of players angling to assist consumers in understanding and managing their energy use. The granularity of this data, as well as the entry of new players into the energy market creates new privacy concerns. The detailed per-household consumption data generated by advanced metering systems reveals information about in-home activities which can be mined and combined with other readily available information to discover more about occupant's activities. We explore the technological aspects of this claim, focusing on the ways in which personally identifying information can be collected and repurposed. We begin with overviews of the energy-data-privacy landscape and a brief introduction to demand-response technologies. We proceed to discuss the motivations parties may have for repurposing collected data. We then prove that repurposing is feasible from a technical standpoint by conducting a small-scale experiment on a private residence. Our results show that, even with relatively unsophisticated hardware and data extraction algorithms, some information about occupant behavior can be estimated with a high degree of accuracy. We propose a disclosure metric to aid in quantifying the impact of data collection on in-home privacy, and construct an example metric for our experiment. Our paper concludes with a discussion of larger scale systems and guidelines for data-handling policies that advance the protection of privacy.

Electronic downloads


(No downloads are available for this publication.)
Citation formats  
  • HTML 
    Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker. <a
href="http://www.truststc.org/pubs/662.html"
>Inferring Personal Information from Demand-Response
Systems</a>, <i>IEEE Security &
Privacy</i>, 8(1):11-20, January 2010.
  • Plain text 
    Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker.
"Inferring Personal Information from Demand-Response
Systems". <i>IEEE Security &
Privacy</i>, 8(1):11-20, January 2010.
  • BibTeX 
    @article{LisovichMulliganWicker10_InferringPersonalInformationFromDemandResponseSystems,
    author = {Mikhail Lisovich and Deirdre Mulligan and Stephen
              Wicker},
    title = {Inferring Personal Information from
              Demand-Response Systems},
    journal = {IEEE Security \& Privacy},
    volume = {8},
    number = {1},
    pages = {11-20},
    month = {January},
    year = {2010},
    abstract = {Current and upcoming demand-response systems are
              providing increasingly detailed power consumption
              data to utilities and a growing array of players
              angling to assist consumers in understanding and
              managing their energy use. The granularity of this
              data, as well as the entry of new players into the
              energy market creates new privacy concerns. The
              detailed per-household consumption data generated
              by advanced metering systems reveals information
              about in-home activities which can be mined and
              combined with other readily available information
              to discover more about occupant's activities. We
              explore the technological aspects of this claim,
              focusing on the ways in which personally
              identifying information can be collected and
              repurposed. We begin with overviews of the
              energy-data-privacy landscape and a brief
              introduction to demand-response technologies. We
              proceed to discuss the motivations parties may
              have for repurposing collected data. We then prove
              that repurposing is feasible from a technical
              standpoint by conducting a small-scale experiment
              on a private residence. Our results show that,
              even with relatively unsophisticated hardware and
              data extraction algorithms, some information about
              occupant behavior can be estimated with a high
              degree of accuracy. We propose a disclosure metric
              to aid in quantifying the impact of data
              collection on in-home privacy, and construct an
              example metric for our experiment. Our paper
              concludes with a discussion of larger scale
              systems and guidelines for data-handling policies
              that advance the protection of privacy.},
    URL = {http://www.truststc.org/pubs/662.html}
}

Posted by Mikhail Lisovich on 28 Mar 2010.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.