Team for Research in
Ubiquitous Secure Technology

Inferring Personal Information from Demand-Response Systems
Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker

Citation
Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker. "Inferring Personal Information from Demand-Response Systems". IEEE Security & Privacy, 8(1):11-20, January 2010.

Abstract
Current and upcoming demand-response systems are providing increasingly detailed power consumption data to utilities and a growing array of players angling to assist consumers in understanding and managing their energy use. The granularity of this data, as well as the entry of new players into the energy market creates new privacy concerns. The detailed per-household consumption data generated by advanced metering systems reveals information about in-home activities which can be mined and combined with other readily available information to discover more about occupant's activities. We explore the technological aspects of this claim, focusing on the ways in which personally identifying information can be collected and repurposed. We begin with overviews of the energy-data-privacy landscape and a brief introduction to demand-response technologies. We proceed to discuss the motivations parties may have for repurposing collected data. We then prove that repurposing is feasible from a technical standpoint by conducting a small-scale experiment on a private residence. Our results show that, even with relatively unsophisticated hardware and data extraction algorithms, some information about occupant behavior can be estimated with a high degree of accuracy. We propose a disclosure metric to aid in quantifying the impact of data collection on in-home privacy, and construct an example metric for our experiment. Our paper concludes with a discussion of larger scale systems and guidelines for data-handling policies that advance the protection of privacy.

Electronic downloads


(No downloads are available for this publication.)
Citation formats  
  • HTML
    Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker. <a
    href="http://www.truststc.org/pubs/662.html"
    >Inferring Personal Information from Demand-Response
    Systems</a>, <i>IEEE Security &
    Privacy</i>, 8(1):11-20, January 2010.
  • Plain text
    Mikhail Lisovich, Deirdre Mulligan, Stephen Wicker.
    "Inferring Personal Information from Demand-Response
    Systems". <i>IEEE Security &
    Privacy</i>, 8(1):11-20, January 2010.
  • BibTeX
    @article{LisovichMulliganWicker10_InferringPersonalInformationFromDemandResponseSystems,
        author = {Mikhail Lisovich and Deirdre Mulligan and Stephen
                  Wicker},
        title = {Inferring Personal Information from
                  Demand-Response Systems},
        journal = {IEEE Security \& Privacy},
        volume = {8},
        number = {1},
        pages = {11-20},
        month = {January},
        year = {2010},
        abstract = {Current and upcoming demand-response systems are
                  providing increasingly detailed power consumption
                  data to utilities and a growing array of players
                  angling to assist consumers in understanding and
                  managing their energy use. The granularity of this
                  data, as well as the entry of new players into the
                  energy market creates new privacy concerns. The
                  detailed per-household consumption data generated
                  by advanced metering systems reveals information
                  about in-home activities which can be mined and
                  combined with other readily available information
                  to discover more about occupant's activities. We
                  explore the technological aspects of this claim,
                  focusing on the ways in which personally
                  identifying information can be collected and
                  repurposed. We begin with overviews of the
                  energy-data-privacy landscape and a brief
                  introduction to demand-response technologies. We
                  proceed to discuss the motivations parties may
                  have for repurposing collected data. We then prove
                  that repurposing is feasible from a technical
                  standpoint by conducting a small-scale experiment
                  on a private residence. Our results show that,
                  even with relatively unsophisticated hardware and
                  data extraction algorithms, some information about
                  occupant behavior can be estimated with a high
                  degree of accuracy. We propose a disclosure metric
                  to aid in quantifying the impact of data
                  collection on in-home privacy, and construct an
                  example metric for our experiment. Our paper
                  concludes with a discussion of larger scale
                  systems and guidelines for data-handling policies
                  that advance the protection of privacy.},
        URL = {http://www.truststc.org/pubs/662.html}
    }
    

Posted by Mikhail Lisovich on 28 Mar 2010.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.