October, 2023
Such intelligent measuring systems, so-called smart meters, are installed at the end consumer’s site. Compared to the classic electricity me-ter, smart meters are fundamentally capable of recording and documenting the electricity use of the end consumer at precise times, which raises a number of questions on the subject of data protection. This topic is also very up-to-date precisely because the duties for data processors have been expanded with the entry into force of the re-vised Federal Data Protection Act (DPA) on 1 September 2023. When using smart meters, network operators must therefore take into account various aspects from the per-spective of data protection law. Reserved and not taken into account in this ELQ are specific requirements for fed-eral bodies and any cantonal data protection laws applica-ble to network operators.
Use of smart meters according to law
The Federal Electricity Supply Act (StromVG) states in Art. 17 para. 1 regarding the processing of personal data in connection with smart metering systems that the DPA is applicable. Specific provisions on data processing can also be found in the Electricity Supply Ordinance (StromVV). According to Art. 8b Para. 1 StromVV, only smart metering systems whose elements have been suc-cessfully tested for data security may be used by network operators. However, without the consent of the persons concerned, the data from the use of smart meters may only be processed as follows in accordance with Art. 8d StromVV:
– in pseudonymized form (including load profile values of fifteen minutes and more) for metering, control and regulation, for the use of tariff systems as well as for secure, powerful and efficient grid operation, grid balancing and grid planning;
– in non-pseudonymized form (including load profile values of fifteen minutes and more) for the billing of the energy supply, the grid usage charge and the re-muneration for the use of control and regulation sys-tems.
Pseudonymized personal data continue to fall within the scope of the DPA, as the reference to the individually identifiable natural person (data subject) can be restored at any time by the controller who has the reference key. The scope of application of the DPA is only left when the personal data is anonymized – this is the case, for example, when the pseudonymized data is passed on to a third party without a reference key, as this third party can no longer establish the reference to the data subject. In the context of the legally intended use of smart meter data, however, consent is not required even based on the DPA, as this is a processing of personal data justified by law (Art. 31 para. 1 DPA). Furthermore, due to the processing pro-vided for by law, no separate information of the data sub-ject is required (Art. 20 para. 1 lit. b DPA), although for reasons of transparency and to increase the acceptance of smart meters by the end customer, it remains advisable to provide information about the processing of personal data (e.g. in the general data protection declaration).
Further use of smart meter data
Smart meters have a potential use that goes beyond the legally intended uses explained above. For example, load profile measurements can be carried out within 15 minutes, which enables real-time reading of electricity consumption. Depending on the equipment and in com-bination with smart home systems, it is also conceivable to measure the electricity consumption of individual de-vices using smart meters.
If further analyses of smart meter personal data are carried out anonymously, the restrictions of the DPA do not ap-ply. However, this requires that these further processing operations are separated technically and in terms of or-ganization in such a way that it is impossible for the per-sons or systems that carry out such further processing op-erations to access the reference key and thus restore the reference to the data subject.
A personal, more extensive evaluation of smart meter data (pseudonymized or disclosed) should regularly re-quire the consent of the data subject, as the legitimate in-terests of the operators are unlikely to outweigh the data subject’s interest in privacy. Thus, in Art. 8d StromVV, the legislator has already anticipated the weighing of in-terests and has deliberately not mentioned further data processing. If it is not possible to prove both an overriding interest in processing and a legal right to process data, the only way to justify processing is to obtain the consent of the data subject (Art. 31 para. 1 DPA). Consent, in turn, is only valid if it is given voluntarily and appropriately in-formed with regard to the intended processing (Art. 6 para. 6 DPA).
Further data protection aspects
The introduction of smart meters entails further obliga-tions for the grid operators with regard to the collected data. For example, the load profile values recorded at 15-minute intervals must be made available to the end con-sumers electronically in a comprehensible form (Art. 8a Para. 2 lit. c StromVV), which is usually done via the cus-tomer portal. The obligation to draw up processing regu-lations (Art. 5 and 6 of the Data Protection Ordinance DSV) must be examined. Under Art. 12 DPA network operators are also obliged to keep a register of processing activities with the legally required content (i.e. identity of the processor, purpose of processing, categories of data subjects and personal data, categories of recipients, reten-tion period, data security measures taken, recipient state in the case of disclosures abroad). This applies in particu-lar if they have more than 250 employees, process partic-ularly sensitive personal data on a large scale or carry out high-risk profiling (which may then also require a data protection impact assessment to be carried out, Art. 22 DPA).
Conclusion
When smart meters are used by grid operators in Swit-zerland, the data processing requirements of the StromVG, StromVV and now also the revised DSG must be complied with at all times. If the use of smart meters goes beyond the legally intended use, it is mandatory to obtain the consent of the end consumer. To avoid data protection risks, it is worth involving a specialist at an early stage.
GHR Energy and Natural Resources
Marc Grüninger (marcgrueninger@ghr.ch)
Stephan Hofer (stephanhofer@ghr.ch)
Patrizia Lorenzi (patrizialorenzi@ghr.ch)
Nick Wälti (nickwaelti@ghr.ch)