House panel approves smart-grid security bill

A bill aiming to protect the nation’s electricity grid from cyber attacks easily passed a House subcommittee today and now heads to the full Energy and Commerce Committee.

The Grid Reliability and Infrastructure Defense (GRID) Act, co-authored by Rep. Ed Markey (D-Mass.), directs the Federal Energy Regulatory Committee (FERC) to take measures to protect the electricity grid from telecommunications intrusions. The threat of cyber attacks is getting more attention now that the grid is becoming Internet-enabled.

“Right now, our electrical grid is vulnerable to threats from terrorists and hostile countries,” Markey said. “Our adversaries have motive, intent and the capacity to exploit these weaknesses.”

An attack on the grid could affect every other critical infrastructure systems, he said, such as water, healthcare, transportation, law enforcement and financial services.

The FCC envisions a Web-enabled power grid that lets consumers control their energy consumption remotely and promotes new clean energy tools. And the stimulus law of February 2009 included $4.5 billion to modernize the electric grid, including smart meter projects.

But privacy and security groups are already raising concerns that such systems could pose risks for consumers.

Last week the Electronic Frontier Foundation, a San-Francisco based privacy advocate, and DC-based Center for Democracy & Technology, petitioned the California Public Utilities Commission to adopt rules to protect the privacy and security of consumers’ energy-usage information.

Smart meters being installed in California will collect 750 to 3,000 data points a month per household. Such detailed energy usage data could indicate whether someone is at home or out of town, entertaining guests or using particular appliances. Tracking particular patterns in energy consumption could leave consumers vulnerable to burglary or scams.

“The Smart Grid offers great promise for fighting climate change and improving energy policy, but it can also amass vast amounts of data that reveals intimate details of consumers’ lives,” said Jennifer Lynch, an attorney with the Samuelson Law, Technology & Public Policy Clinic at UC Berkeley.