BILL NUMBER: SB 1476	CHAPTERED
	BILL TEXT

	CHAPTER  497
	FILED WITH SECRETARY OF STATE  SEPTEMBER 29, 2010
	APPROVED BY GOVERNOR  SEPTEMBER 29, 2010
	PASSED THE SENATE  AUGUST 30, 2010
	PASSED THE ASSEMBLY  AUGUST 25, 2010
	AMENDED IN ASSEMBLY  AUGUST 20, 2010
	AMENDED IN ASSEMBLY  AUGUST 2, 2010
	AMENDED IN ASSEMBLY  JUNE 23, 2010
	AMENDED IN ASSEMBLY  JUNE 10, 2010
	AMENDED IN SENATE  APRIL 20, 2010
	AMENDED IN SENATE  APRIL 5, 2010

INTRODUCED BY   Senator Padilla

                        FEBRUARY 19, 2010

   An act to add Chapter 5 (commencing with Section 8380) to Division
4.1 of, and to repeal Section 393 of, the Public Utilities Code,
relating to public utilities.


	LEGISLATIVE COUNSEL'S DIGEST


   SB 1476, Padilla. Public utilities: customer privacy: advanced
metering infrastructure.
   Under existing law, the Public Utilities Commission has regulatory
authority over public utilities, including electrical corporations
and gas corporations, as defined.
   Existing law requires the commission to conduct a pilot study of
certain customers of each electrical corporation to determine the
relative value to ratepayers of information, rate design, and
metering innovations using specified approaches, but prohibits this
data from being used for any commercial purpose, unless authorized by
the customer.
   This bill would repeal the provisions relating to the pilot study.

   This bill would prohibit an electrical corporation or gas
corporation from sharing, disclosing, or otherwise making accessible
to any 3rd party a customer's electrical or gas consumption data, as
defined, except as specified, and would require those utilities to
use reasonable security procedures and practices to protect a
customer's unencrypted electrical and gas consumption data from
unauthorized access, destruction, use, modification, or disclosure.
The bill would prohibit an electrical corporation or gas corporation
from selling a customer's electrical or gas consumption data or any
other personally identifiable information for any purpose.
   The bill would prohibit an electrical corporation or gas
corporation from providing an incentive or discount to a customer for
accessing the customer's electrical or gas consumption data without
the prior consent of the customers. The bill would require that an
electrical or gas corporation that utilizes an advanced metering
infrastructure that allows a customer to access the customer's
electrical and gas consumption data to ensure that the customer has
an option to access that data without being required to agree to the
sharing of his or her personally identifiable information with a 3rd
party.
   The bill would provide that, if the electrical corporation or gas
corporation contracts with a 3rd party for a service that allows a
customer to monitor his or her electricity or gas usage, and the 3rd
party uses the data for a secondary commercial purpose, the contract
between the electrical or gas corporation and the 3rd party shall
provide that the 3rd party prominently discloses that secondary
commercial purpose to the customer.
   The bill would adopt nearly identical requirements applicable to a
local publicly owned electric utility with respect to electrical
consumption data, as defined.


THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS:

  SECTION 1.  Section 393 of the Public Utilities Code is repealed.
  SEC. 2.  Chapter 5 (commencing with Section 8380) is added to
Division 4.1 of the Public Utilities Code, to read:
      CHAPTER 5.  PRIVACY PROTECTIONS FOR ENERGY CONSUMPTION DATA


   8380.  (a) For purposes of this section, "electrical or gas
consumption data" means data about a customer's electrical or natural
gas usage that is made available as part of an advanced metering
infrastructure, and includes the name, account number, or residence
of the customer.
   (b) (1) An electrical corporation or gas corporation shall not
share, disclose, or otherwise make accessible to any third party a
customer's electrical or gas consumption data, except as provided in
subdivision (e) or upon the consent of the customer.
   (2) An electrical corporation or gas corporation shall not sell a
customer's electrical or gas consumption data or any other personally
identifiable information for any purpose.
   (3) The electrical corporation or gas corporation or its
contractors shall not provide an incentive or discount to the
customer for accessing the customer's electrical or gas consumption
data without the prior consent of the customer.
   (4) An electrical or gas corporation that utilizes an advanced
metering infrastructure that allows a customer to access the customer'
s electrical and gas consumption data shall ensure that the customer
has an option to access that data without being required to agree to
the sharing of his or her personally identifiable information,
including electrical or gas consumption data, with a third party.
   (c) If an electrical corporation or gas corporation contracts with
a third party for a service that allows a customer to monitor his or
her electricity or gas usage, and that third party uses the data for
a secondary commercial purpose, the contract between the electrical
corporation or gas corporation and the third party shall provide that
the third party prominently discloses that secondary commercial
purpose to the customer.
   (d) An electrical corporation or gas corporation shall use
reasonable security procedures and practices to protect a customer's
unencrypted electrical or gas consumption data from unauthorized
access, destruction, use, modification, or disclosure.
   (e)  (1) Nothing in this section shall preclude an electrical
corporation or gas corporation from using customer aggregate
electrical or gas consumption data for analysis, reporting, or
program management if all information has been removed regarding the
individual identity of a customer.
   (2) Nothing in this section shall preclude an electrical
corporation or gas corporation from disclosing a customer's
electrical or gas consumption data to a third party for system, grid,
or operational needs, or the implementation of demand response,
energy management, or energy efficiency programs, provided that, for
contracts entered into after January 1, 2011, the utility has
required by contract that the third party implement and maintain
reasonable security procedures and practices appropriate to the
nature of the information, to protect the personal information from
unauthorized access, destruction, use, modification, or disclosure,
and prohibits the use of the data for a secondary commercial purpose
not related to the primary purpose of the contract without the
customer's consent.
   (3) Nothing in this section shall preclude an electrical
corporation or gas corporation from disclosing electrical or gas
consumption data as required or permitted under state or federal law
or by an order of the commission.
   (f) If a customer chooses to disclose his or her electrical or gas
consumption data to a third party that is unaffiliated with, and has
no other business relationship with, the electrical or gas
corporation, the electrical or gas corporation shall not be
responsible for the security of that data, or its use or misuse.
   8381.  (a) For purposes of this section, "electrical consumption
data" means data about a customer's electrical usage that is made
available as part of an advanced metering infrastructure, and
includes the name, account number, or residence of the customer.
   (b) (1) A local publicly owned electric utility shall not share,
disclose, or otherwise make accessible to any third party a customer'
s electrical consumption data, except as provided in subdivision (e)
or upon the consent of the customer.
   (2) A local publicly owned electric utility shall not sell a
customer's electrical consumption data or any other personally
identifiable information for any purpose.
   (3) The local publicly owned electric utility or its contractors
shall not provide an incentive or discount to the customer for
accessing the customer's electrical consumption data without the
prior consent of the customer.
   (4) A local publicly owned electric utility that utilizes an
advanced metering infrastructure that allows a customer to access the
customer's electrical consumption data shall ensure that the
customer has an option to access that data without being required to
agree to the sharing of his or her personally identifiable
information, including electrical consumption data, with a third
party.
   (c) If a local publicly owned electric utility contracts with a
third party for a service that allows a customer to monitor his or
her electricity usage, and that third party uses the data for a
secondary commercial purpose, the contract between the local publicly
owned electric utility and the third party shall provide that the
third party prominently discloses that secondary commercial purpose
to the customer.
   (d) A local publicly owned electric utility shall use reasonable
security procedures and practices to protect a customer's unencrypted
electrical consumption data from unauthorized access, destruction,
use, modification, or disclosure, and prohibits the use of the data
for a secondary commercial purpose not related to the primary purpose
of the contract without the customer's consent.
   (e) (1) Nothing in this section shall preclude a local publicly
owned electric utility from using customer aggregate electrical
consumption data for analysis, reporting, or program management if
all information has been removed regarding the individual identity of
a customer.
   (2) Nothing in this section shall preclude a local publicly owned
electric utility from disclosing a customer's electrical consumption
data to a third party for system, grid, or operational needs, or the
implementation of demand response, energy management, or energy
efficiency programs, provided, for contracts entered into after
January 1, 2011, that the utility has required by contract that the
third party implement and maintain reasonable security procedures and
practices appropriate to the nature of the information, to protect
the personal information from unauthorized access, destruction, use,
modification, or disclosure.
   (3) Nothing in this section shall preclude a local publicly owned
electric utility from disclosing electrical consumption data as
required under state or federal law.
   (f) If a customer chooses to disclose his or her electrical
consumption data to a third party that is unaffiliated with, and has
no other business relationship with, the local publicly owned
electric utility, the utility shall not be responsible for the
security of that data, or its use or misuse.