The UK government’s plan to collect data on consumer energy use would not be limited to energy companies and could potentially include other private organisations, making them government informants, the campaign organization to non profit Open Rights Group (ORG) has warned.
Households and businesses can benefit from savings on their energy bills under the Energy Price Guarantee (EPG) scheme, which will help to mitigate the negative effects of rapidly rising gas prices. Under the program, which began on October 1, the Department of Business, Energy and Industrial Strategy (BEIS) announcement that it would collect data on users’ energy consumption, including information that could be used to identify individuals.
The program was meant to last two years, but new Chancellor Jeremy Hunt cut the two-year term to six months in his emergency announcement on Monday.
According to the government, the following data will be collected and processed, relating to every electricity and gas meter in Britain:
- Meter Point Administration Number (MPAN) – electricity meter number
- Unique Property Reference Number (UPRN)
- electricity consumption
- data about each counter (e.g. profile class, power state)
- data on how the reporting point is billed (e.g. billing cycle, type of payment)
- Postal code
- energy tariff data
- personal data, including name, address, date of birth, communication data and email address
The data will be used for:
- allow BEIS to track the progress and operational delivery of the EPG
- to perform financial controls over EPG payments, including for assurance and the prevention, investigation, detection or prosecution of criminal offenses including fraud
- allow BEIS to evaluate the program to understand its impact and inform future government strategy
According to the government, BEIS will share acquired data with other parties as necessary for the purposes of preventing and detecting fraud and error, including:
- other departments
- public authorities
- law enforcement agencies in the UK and overseas
- regulatory bodies
- credit reference agencies
- debt collection agencies
- anti-fraud organizations
Officials said that although the program lasts only six months, the data would be retained for up to 10 years after it was collected.
ORG described the government’s plan as an “unwarranted intrusion into our private lives” that could soon extend to reading our emails.
“This plan, and the government’s attitude, gives us a good insight into how the UK’s data protection reforms would work in practice,” said Mariano delli Santi, head of legal and policy at ORG. post online.
deli Santi argues that the way the EPG system is set up does not make it a fraud risk and that collecting and gathering data in this way is unwarranted. He also claims that requiring energy companies to hand over such data to authorities does not bode well for Britain’s forthcoming Data Protection and Digital Information Bill, which includes exemptions for the government to Purpose limitation with data sharing, as provided by the GDPR. . Potentially any business “a supermarket, gym or GP” could be forced to pass on sensitive customer information, he wrote.
According to the advocacy group, the GDPR, which still applies in the UK, is based on the principles of legality and purpose restriction, and these abstract concepts become rather substantive in relation to the government’s plan.
“Is it legal, and therefore proportionate and justified, to treat you as a suspect, unless proven innocent, and store your energy bills for 10 years to detect fraud that you are not even likely to commit? Do you expect your energy supplier to use your meter readings to bill you, then reuse and hand over your readings to a public authority even though you have done nothing wrong? asked ORG.
The group called the government’s Data Protection and Digital Information Bill a “digital regulation mini-budget”, which will undermine government accountability, unleash automated discrimination and destroy the Kingdom’s digital economy. -United.
“It is time for the government to take stock of its years-long failure to produce a decent proposal and bury its data protection reforms for the better,” ORG added.