PG&E AGREES WITH THE CUSTOMER PRIVACY GOALS AND POLICIES RECOMMENDED BY CONSUMER PRIVACY ADVOCATES
A number of consumer groups have provided specific recommendations regarding customer privacy goals and standards in this proceeding, including the Center for Democracy and Technology, Electronic Frontier Foundation, Consumer Federation of California, TURN and the Division of Ratepayer Advocates.5 These recommendations generally urge the Commission to move cautiously and very carefully in updating or revising its existing rules on customer privacy, particularly third-party access to customer data. In addition, the consumer privacy advocates point out that there are certain sources of national “best practices” for protecting consumer privacy in all industries that the Commission should consider and endorse, such as the “Fair Information Practices Principles” developed over the years and cited by various federal agencies, such as the Department of Homeland Security.6
As PG&E pointed out in its opening comments, we adhere to existing, strict and precise Commission and statutory rules and standards providing for protection of customer privacy, and do not see the need to dilute or reduce those protections. However, after reviewing the comments and presentations by consumer privacy advocates, PG&E agrees that it is timely in
this proceeding for the Commission and all parties to “benchmark” the existing customer privacy protections in the Public Utilities Code and utility tariffs against the national consumer privacy standards and goals applicable to other industries and consumer services. This is particularly important to the extent that the Commission will need to establish and be able to enforce these privacy protections and cyber-security protocols against third-parties who may be granted access by customers to sensitive or confidential personal information. For this purpose, we agree that the Commission and interested parties should start with review of the “Fair Information Practices Principles” and other national consumer privacy laws and guidelines, and evaluate whether enhancements or improvements in current Commission and utility practices should be considered in light of those national guidelines. PG&E recommends that this “benchmarking” effort be an integral element of the utilities’ SB 17 deployment plans.
My take on this is that PG&E is indeed committed to not only dealing with security issues head on, but is also sensitive to the concerns of the various agencies who are voicing their concerns. Moreover, they are willing to voice their commitment directly with the CPUC and essentially tell the CPUC that the ball is in their court.
I look forward to other key players in Smart Grid coming forward with this level of commitment! PG&E has been a leader in Smart Grid since day one, and leadership is what drives excellence.
I anxiously await the CPUC's decision on this.