An ecosystem of companies in the energy industry enables customers with numerous innovative products and services. When a customer shares his or her private electricity or natural gas data with a certain company, there are often several firms in a “digital supply chain” that acquire and process the data to eventually deliver services to that customer, whether the customer is aware of those entities or not. Referred to as “Nth” parties, these entities represent exciting innovations in the energy sector, but they will be stifled in the absence of thoughtful, targeted policies and customer-centric data exchange mechanisms.
First, this white paper highlights example scenarios from the energy management industry in which Nth parties are used to deliver innovative, energy-saving services to customers.
Then, we describe shortfalls of current state policies where overbroad prohibitions on data-sharing prevent even informed customers from exercising meaningful control over their energy data. Optimizing costs with information technology outsourcing is prevalent, especially for startups. Far-reaching privacy policies therefore have the effect of unnecessarily increasing costs to customers and stifling innovation by requiring energy management firms to “in-source” IT functions in order to avoid violating non-disclosure rules. We present a privacy model in which customer choice and sovereignty is better balanced with privacy protections by accommodating Nth parties.
Finally, we conclude with a review of new technologies that can make Nth party data sharing more efficient, secure and customer-directed.
Policy frameworks should understand and anticipate Nth parties by instituting “cascading liability” for data breaches, in which a firm is responsible for a breach caused by its downstream contractor(s), rather than rely on non-disclosure requirements, which are often unattainable in today’s digital world
Authorization protocols should be expanded to incorporate Nth parties, machine- readable terms and conditions, “cascading authorizations,” and the tracking of the customer consent “chain of command.
Web scraping — the practice of a customer sharing his or her username and password to a utility’s website with an energy management firm — can be reduced by increasing the availability of energy data, such as utility bill data, in machine readable format via application programming interfaces (API).