Ross Anderson (past S4 keynoter) and Alex Henney published a paper on the failed economics of the British smart metering project (UK). They contend that when the economic case didn’t work out. the government changed the underlying assumptions until the numbers worked out.
When the numbers didn’t work the assumptions were changed:
- the expected future price of electricity was raised
- “significant optimism was introduced about both the costs and benefits”
- the cost of money / discount rate was reduced
Some of the decisions that led to the poor economic model and changed assumptions were:
- Providing an In Home Display (IHD) to customers rather than having them use an existing computer, tablet or smart phone. Unlike many utility devices, the IHD was deemed (correctly) to have a relatively short life.
- Having the vendors deploy the smart meters rather than the distribution network operator
The authors also found fault with the centralized, countrywide database to aggregate usage data, but this was based on past performance rather than economics.
The authors do not extrapolate take the stance that smart meter projects are doomed to economic failure and should be abandoned. Instead they point to Dutch, Spanish and New Zealand smart meter economic models that work and should be replicated in Britain and elsewhere.
The good news is this type of analysis is happening, and hopefully it will spread to security. There is a good research paper/study to be done on the economic impact of the stimulus funding that was used for many large smart meter deployments in the US.
Ross was one of the early forces behind the Workshop on the Economics of Information Security (WEIS). At WEIS it was very clear that the economic case for smart grid privacy is weak at best.
The most pertinent paper was Empirical Analysis of Data Breach Litigation by Romanosky, Hoffman and Acquisti. The authors looked at US data breaches and federal litigation. Only 4% of the data breaches were litigated federally and about half of those were dismissed. The fact that many involved statutory violations had little impact on whether a case was litigated or dismissed.
Image by Tom Rafferty