Bankruptcy Fight May Be The Least Of Team Prenda's Concerns, As The FBI Comes Knocking

'Smart Grid' Company Demands MuckRock Turn Over Info On Anyone Who Might Have Seen Public Records Docs Involving It

from the because-trade-secrets-and-terrorism dept

Thu, May 26th 2016 11:49am — Tim Cushing

Earlier this year, FOIA enthusiast/privacy activist Phil Mocek requested documents from Seattle City Light, the city's public-owned utility. Mocek was seeking info on the utility's proposed "smart meter" system, which carried with it some obvious privacy implications.

Pursuant to RCW Ch. 42.56 (Public Records Act), I hereby request the following records:

Plans for, schedules of, policies dictating the performance of, requests for proposals to, contracts for, discussion of, and results of all security audits performed of "smart meter" devices (remotely-addressable electrical meters sometimes referred to as "advanced metering infrastructure"), along with metadata. These devices are designed to replace traditional electric meters. They contain sensors that monitor activities inside subscribers' premises and automatically communicate information collected by those sensors to machines in remote locations.

The replacement of regular meters with potentially-invasive "smart meters" is due to begin in 2017, despite concerns about health and privacy. As the EFF points out, the power company's ability to record pinpoint data on customers' power use may seem innocuous, but it's not nearly as benign if that information is shared, either purposefully or inadvertently.

It’s not just utilities who will have access to your data. It’s potentially a series of third party corporations including (but not limited to) the utility’s contractors and government agencies. Law enforcement agencies in particular are very keen to be able to see this information. There have already been a lot of cases where utility records have been provided to police who use them to bust marijuana growing operations, and this is simply using the raw energy use data.

[...]

Insurance companies and employers might also be interested in your personal energy usage information. Smart meters crack open this door into your private life, making available a huge amount of very personal data.

And that's not even factoring in the unauthorized uses that smart meters may inadvertently lead to if not secured properly.

Multiple documents were provided to Mocek by Seattle City Light, including documents related to the company awarded the smart meter contract: Landis+Gyr. Landis+Gyr isn't happy the city of Seattle has made these documents public, so it's logically responded by suing MuckRock. Yes, it's also suing the city and the utility, but for some reason has decided MuckRock (and Phil Mocek) should be included in the litigation, despite them only being the recipients of documents Landis+Gyr wants to keep out of the public's hands.

It's seeking to have future planned responses from the city involving its "trade secrets" blocked. (Seattle plans to release another batch of documents to Mocek on May 26.) But it's also making requests pertaining to MuckRock that are both chilling and completely ridiculous. Not only does Landis+Gyr want the documents taken down, but it also wants info on every MuckRock reader who may have viewed them.

[A]fter receiving certain unredacted documents through inadvertent, accidental, or improper release by the City in circumstances demonstrating that Defendants knew or should have known the documents contain sensitive network security information and trade secret information, Mocek nonetheless allowed the information to be posted publicly and in unredacted form on the internet site of Defendant MuckRock.com. Plaintiff Landis+Gyr notified Mocek, MuckRock.com, and Defendant Michael Morisy of the apparent error and requested that Landis+Gyr’s sensitive and proprietary information be removed from the MuckRock.com website and that MuckRock.com provide reasonable assistance to allow Landis+Gyr to identify entities that may have obtained access to is sensitive information.

Michael Morisy refused Landis+Gyr's first request. Now, it's upped the ante by petitioning the court to force MuckRock to assist it in the ultimate fool's errand: the removal of information from the internet.

Immediate relief is needed to require Plaintiffs’ protected information to be immediately taken down from the MuckRocks website, to require MuckRock.com to provide assistance to Plaintiffs to identify and retrieve protected information that may have been downloaded from the MuckRocks website…

If that wasn't enough, the multinational corporation would like the government to engage in a little prior restraint on its behalf.

[...] enjoin Mocek and MuckRock.com from posting Plaintiffs’ protected and sensitive information in the future.

Landis+Gyr seems to be most concerned about the pending release of documents containing pricing info and details about its "smart grid" technology. But, it's also demanding the removal of the two documents already released, both of which are fairly innocuous (and can be viewed below!) As MuckRock's Michael Morisy points out, it should be under no obligation to remove the documents as it's received no notice from the city of Seattle that the documents it has in its possession weren't supposed to be released.

Morisy and MuckRock don't plan to back down.

We believe that these legal threats are a chilling attack on free speech and we will not be complying with their demands.

We also believe people have a broad right to understand the security implications of technology purchased by their governments, particularly if, as is the case with the smart electrical meter systems provided by Landis+Gyr, that technology monitors the activities of people in their homes.

At this point, the injunction doesn't appear to have been granted, which means MuckRock can still (for the time being) host the docs it has already obtained as well as anything else Landis+Gyr-related Seattle sends to Mocek while its request is being reviewed.

Joint-Complaint-v-City-Light-Mocek-Muckrock-Com (PDF)Joint-Complaint-v-City-Light-Mocek-Muckrock-Com (Text)

Landis-Gyr-Req-9-Security-Overview (PDF)Landis-Gyr-Req-9-Security-Overview (Text)

Landis-Gyr-Managed-Services-Report-2015-Final-1 (PDF)Landis-Gyr-Managed-Services-Report-2015-Final-1 (Text)

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: foia, phil mocek, seattle, smart grid, smart meters, threats
Companies: landis+gyr, muckrock

27 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

That Anonymous Coward (profile), 26 May 2016 @ 12:00pm

This just goes here...
https://www.youtube.com/watch?v=uu_zwdmz0hE
[ link to this | view in chronology ]
- Hephaestus (profile), 29 May 2016 @ 11:13am
  
  Re: This just goes here...
  Went from a bad mood to laughing, thanks!
  [ link to this | view in chronology ]
Anonymous Coward, 26 May 2016 @ 12:05pm

first stingrays, now smart grids?
Is there any point in FOIA anymore now that companies that do business with the gov can now just claim "proprietary information" and no one has to hand over anything anymore?
[ link to this | view in chronology ]
Mason Wheeler (profile), 26 May 2016 @ 12:11pm

As I've said before, "trade secrets" are a concept with zero legitimacy, which have long been recognized as harmful to society. How harmful? Consider this: everyone who's been reading Techdirt for any length of time should be acutely aware of the many problems caused by the patent system. Well, trade secrets are literally the problem that patents were invented to solve.

Unfortunately, they neglected to actually officially kill off trade secrets when they invented patents. And so stupid crap like this keeps happening.
[ link to this | view in chronology ]
- zboot (profile), 26 May 2016 @ 1:18pm
  
  Re:
  This makes no sense at all. Trade secrets are *not* the problem that patents were invented to solve. I don't have hard numbers, but I suspect most (as in greater than 50%) trade secrets are not patent-able.
  
  In fact, that they gave this info to the city suggests it's not a trade secret at all.
  
  Trade secrets are just the excuse for getting this information hidden. They could have claimed copyright. Does that mean we should abolish that too? Because reading techdirt, I see report after report of problems "caused" by companies suing over copyright.
  [ link to this | view in chronology ]
  - Mason Wheeler (profile), 26 May 2016 @ 1:26pm
    
    Re: Re:
    Yes, the problem that patents were created to solve was that far too often, someone who came up with a useful new thing would try to keep it secret to enjoy the benefits of exclusivity, and succeed too well: The information would die with them.
    
    To solve this problem, the British government invented a system that would grant the benefits of exclusivity, with legal protection, in exchange for publishing the details of the new invention, to ensure that it couldn't be lost.
    
    For example, steel has been around pretty much forever. The oldest known samples date back to ~1400 BC. It's been discovered and lost and rediscovered and lost again countless times throughout the ages. But it's not until the British patent system got ahold of Henry Bessemer's steelmaking system and released it into the public domain that we got the Industrial Revolution (fueled by widespread availability of cheap steel) and the modern age. It's a bit of an exaggeration to say that trade secrets literally held back the progress of civilization by 3000 years, but that was definitely a major component of it!
    [ link to this | view in chronology ]
    - Anonymous Coward, 26 May 2016 @ 4:07pm
      
      Re: Re: Re:
      Nice thought, but your information is slightly wrong. The Bessemer process for steel was developed in the 1850's. The industrial revolution started in the late 1700's and ended slightly before the 1850's. China had a version of steel creation very similar to Bessemer's process since around the 1100's and were still using it when Bessemer created his process.
      
      It's also important to note that getting rid of "trade secrets" is not wholly possible using just the idea of patents. Coca-Cola has a trade secret on its recipe for Coke -- this is not patentable and yet everyone accepts that Coca-Cola has a legitimate right to expect that its recipe stay secret and that they are the only company that will use it.
      [ link to this | view in chronology ]
      - Mason Wheeler (profile), 27 May 2016 @ 6:13am
        
        Re: Re: Re: Re:
        The first Industrial Revolution was kicked off by two major inventions: Eli Whitney's cotton gin, and Benjamin Huntsman's steelmaking process. Huntsman declined to patent it, preferring to go the old-fashioned route of keeping it a secret, until a rival managed to copy the technique through what we would call "corporate espionage" today. (Fat lot of good trade secrets did for him!) Huntsman's process turned steel from an expensive luxury to an expensive commodity, and people started using it for expensive stuff.
        
        The second Industrial Revolution, the one which, as I stated above, gave us the modern world, was fueled by the Bessemer Converter, which was far more efficient than the Huntsman process and turned steel from an expensive commodity into a cheap commodity, allowing people to use it for everyday stuff, and the rest is history.
        
        It's not a coincidence that almost immediately after Bessemer's patent expired, placing the Bessemer Converter technology in the public domain, a mechanical engineer by the name of Karl Benz got the wild idea of making a steam engine significantly smaller by taking out the boiler and putting the combustion chamber inside the piston, then mounting the whole thing on a carriage. (If the name Benz sounds familiar, it's because his idea was wildly successful, and the company he founded to produce and market his invention eventually merged with its competitor, Daimler, whose most popular model was called Mercedes.) This would never have happened without easy access to cheap steel.
        
        As for the Coca-Cola "secret recipe", it hasn't been secret for a long time. (Just Google it if you don't believe me.) Its supposed secrecy, like that of KFC's "the Colonel's original recipe", is a joke. The secret ingredient that gives it its subtly unique taste comes from coca leaf with the cocaine processed out. For obvious reasons, the US government doesn't want people importing and making consumer products out of coca leaf, but Coca-Cola is such a massive and wealthy company that they're able to get the laws bent in their favor for this one specific exception, and that's why no one copies their "secret" recipe.
        [ link to this | view in chronology ]
Anonymous Coward, 26 May 2016 @ 12:30pm

...to require MuckRock.com to provide assistance to Plaintiffs to identify and retrieve protected information that may have been downloaded from the MuckRocks website…

I love it when I see things like this written. It makes me giggle knowing that there's full-grown, marginally functional adults who are that removed from technology that they think this is possible.

If this was me being sued I'd ask him to demonstrate this phenomenon as a proof-of-concept. After all, if they're demanding that MuckRock do this, then certainly they've reasoned that it can be done...somehow...
[ link to this | view in chronology ]
- Jack Of Shadows (profile), 26 May 2016 @ 3:32pm
  
  Re:
  That caught my attention as well. I don't think MuckRock keeps that level of detailed logs forever, although "they might." Unfortunately for corporation, you also have people wandering around the internet (or any network) with fabricated information provided to whatever site they may happen to be visiting. Indeed, some may consider it quite a challenge to see how well such fabrications can be achieved.
  
  Just saying.
  [ link to this | view in chronology ]
TechDescartes (profile), 26 May 2016 @ 12:36pm

Landis+Gyr and ... Scalia?
The first document from Landis+Gyr states:
NISTIR 7628 is a set of guidelines for implementing Smart Grid security. The information and requirements within NISTIR 7628 provide valuable direction for developing effective cyber security strategies.
Interesting that Landis+Gyr notes the value of NISTIR 7628, which includes the following in Section 5.3.5, "General Invasion of Privacy Concerns with Smart Grid Data":
The concern exists that the prevalence of granular energy data could lead to actions on the part of law enforcement —possibly unlawful in themselves—and lead to an invasion of privacy, such as remote surveillance or inference of individual behavior within dwellings, that could be potentially harmful to the dwelling’s residents. Law enforcement agencies have already used monthly electricity consumption data in criminal investigations. For example, in Kyllo v. United States, the government relied on monthly electrical utility records to develop its case against a suspected marijuana grower. Government agents issued a subpoena to the suspect’s utility to obtain energy usage records and then used a utility-prepared “guide for estimating appropriate power usage relative to square footage, type of heating and accessories, and the number of people who occupy the residence” to show that the suspect’s power usage was “excessive” and thus “consistent with” a marijuana-growing operation.
As Smart Grid technologies collect more detailed data about households, one concern identified by the privacy group as well as expressed by multiple published comments is that law enforcement officials may become more interested in accessing that data for investigations or to develop cases. For instance, agencies may want to establish or confirm presence at an address at a certain critical time or even establish certain activities within the home —information that may be readily gleaned from Smart Grid data.
However, the Supreme Court in Kyllo clearly reaffirmed the heightened Fourth Amendment privacy interest in the home and noted this interest is not outweighed by technology that allows government agents to “see” into the suspect’s home without actually entering the premises. The Court stated, “We think that obtaining by sense-enhancing technology any information regarding the interior of the home that could not otherwise have been obtained without physical intrusion into a constitutionally protected area, constitutes a search” and is “presumptively unreasonable without a warrant.”
Second, unlike the traditional energy grid, the Smart Grid may be viewed as carrying private and/or confidential electronic communications between utilities and end-users, possibly between utilities and third parties, and between end-users and third parties. Current law both protects private electronic communications and permits government access to real-time and stored communications, as well as communications transactional records, using a variety of legal processes. Moreover, under the Communications Assistance for Law Enforcement Act (CALEA), telecommunications carriers and equipment manufacturers are required to design their systems to enable lawful access to communications. The granular Smart Grid data may also have parallels to call detail records collected by telecommunications providers. It is unclear if laws that regulate government access to communications will also apply to the Smart Grid.
In short, the innovative technologies of the Smart Grid pose new legal issues for privacy of the home, as well as any type of property location that has traditionally received strong Fourth Amendment protection. As Justice Scalia wrote in Kyllo: “The question we confront today is what limits there are upon this power of technology to shrink the realm of guaranteed privacy.”
(footnotes omitted).
[ link to this | view in chronology ]
Roger Strong (profile), 26 May 2016 @ 12:37pm

> But, it's also demanding the removal of the two documents already released, both of which are fairly innocuous (and can be viewed below!)

...And I can confirm, have now been viewed and saved by someone outside the U.S.
[ link to this | view in chronology ]
I.T. Guy, 26 May 2016 @ 12:58pm

Cant we just get download links instead of having to hunt through the page source?
[ link to this | view in chronology ]
- Anonymous Coward, 27 May 2016 @ 12:19pm
  
  Re:
  Just click the "View Document in Fullscreen" button, and then "Original Document (PDF) »" on the right.
  [ link to this | view in chronology ]
Anonymous Coward, 26 May 2016 @ 1:44pm

so what has Landis+Gyr been doing that's illegal for them to be so freaked out by people seeing this info?

If they have done nothing wrong they have nothing to hide, so goes that tired old chestnut.
[ link to this | view in chronology ]
Anonymous Coward, 26 May 2016 @ 2:06pm

I really hate these companies. Not for making things such as "smartmeters", but for making it impossible to trust their new technologies.
We should have had this kind of technology a long time ago, but there is no way we can trust them to not sell our data to the first bidder and that is why, as a technology lover, I am having a hard time adopting new technology.
It should be enough that they can save millions on not having to show up at our door and the fact that with the data they could optimize their business to perfection.
[ link to this | view in chronology ]
GreatGreenGeek, 26 May 2016 @ 2:26pm

FUD and Smart-meters
Goodness. For a blog that rails against FUD, you certainly embrace it. Privacy is certainly a reasonable concern (a highly overblown concern from my experience trying to get smartmeter data from my clients who want to share it with me), but the health concerns are totally bogus. Check out here: http://www.cancer.org/cancer/cancercauses/othercarcinogens/athome/smart-meters

The California electricity providers have rolled these puppies out whole hog and they do a dang good job keeping them locked down. Even for people who want to access their own data, there is two-factor verification to get access to the data.

I also fail to see how a grow operation can be spotted from time-of-use smart metering versus monthly spot reading by a meter reader. Either you use substantially more electricity or you don't. Can someone clarify that for me?
[ link to this | view in chronology ]
- Anonymous Coward, 26 May 2016 @ 4:00pm
  
  Re: FUD and Smart-meters
  I also fail to see how a grow operation can be spotted from time-of-use smart metering versus monthly spot reading by a meter reader. Either you use substantially more electricity or you don't. Can someone clarify that for me?
  It is called pattern matching. It is relatively easy to find certain kinds of information from data collected by looking for specific kinds of patterns in the data collected.
  
  Examples include using bio-electrical signals collected from temples and behind ears to determine eye movements for the purpose of switching on various appartus and switching between various apparatus or using parking infringement notices to determine the general location of specific vehicles in space and time (that one was fun).
  
  When doing various kinds of activities, the power usage profile takes on certain characteristics which can be picked up in the raw power usage data being collected by power meters. It is one technique that can be used to determine how much battery backup you need for a domestic solar array to take advantage of off-peak power consumption in areas where there is a significant difference in price between peak and off-peak energy costs.
  [ link to this | view in chronology ]
- aidian, 26 May 2016 @ 8:24pm
  
  Re: FUD and Smart-meters
  "I also fail to see how a grow operation can be spotted from time-of-use smart metering versus monthly spot reading by a meter reader. Either you use substantially more electricity or you don't."
  
  Using more electricity than usual can mean lots of things: Welder, kiln, hot tub/pool, oxygen machine. Using way more electricity than norm for 12 hours every day -- especially if you do it in the middle of the night to prevent heat build up -- is a sign of a grow operation.
  
  In general, in the US at least, electric records were used occasionally to confirm a target but not usually to find a target. Smart meters could change that. It's rapidly becoming a moot point WRT marijuana. But who know what's next.
  
  I'm sure the security services would tell us they'd never engage in large scale surveillance of utility customers. I'm sure people who think otherwise would be dismissed as cooks. I used to say the same thing about people who talked about how the government was doing wide scale surveillance of phones and internet communications.
  [ link to this | view in chronology ]
Anonymous Coward, 26 May 2016 @ 5:40pm

Leave Landis+Gyr a comment on Facebook
Give them 1 star reviews and leave comments on their posts.

https://www.facebook.com/LandisGyr/
[ link to this | view in chronology ]
aidian, 26 May 2016 @ 8:36pm

These are exactly the sort of records that public records acts are intended for. How well is a system we paid for working? Are there side effects or problems we haven't been told about by the relevant agencies? Were we overcharged? This is absolutely basic good government 101. The idea that it's up for debate is absolutely intolerable.

Interesting to note: Washington state's public records act already allows agencies to give interested parties notice that records affecting them are about to be released, explicitly in order to give them time to seek an injunction. It's a major weakness of the act. So why didn't the agency alert the company first?
[ link to this | view in chronology ]
Tin Foil Hat, 27 May 2016 @ 12:09am

Emulating Yesterday's Meters
I would be great to put a battery between the smart meter and your house. You can just fill the battery and draw the power from that.
[ link to this | view in chronology ]
Tanner Andrews (profile), 27 May 2016 @ 6:29am

Injunction Not Granted, says Original Article
At this point, the injunction doesn't appear to have been granted

It happens that "muckrock" disagrees with you, and claims that they have are subject to such an injunction. Sure, we all know the trial court got it wrong. Most of us also recall that prior restraint is generally disfavored in the U.S.

The good news for the smart meter company is that the Muckrock website appears to have been created by a genius web developer, so it renders in such a way as to be absolutely useless. Someone thinks they know way more HTML than average.

In the future, they should not be allowed anything more complicated than wet string. In the mean time, however, when the injunction is reversed, the meter company will have the consolation of knowing that the documents are still made largely inaccessible.
[ link to this | view in chronology ]
- Phil Mocek, 31 May 2016 @ 11:14am
  
  Re: Injunction Not Granted, says Original Article
  A temporary restraining order was granted. It will take some time for a judge to rule on any permanent restraining order.
  [ link to this | view in chronology ]
Anonymous Coward, 27 May 2016 @ 8:08am

You all are missing the point
The goal of smart meters is so that they can CHARGE more money!!

A dumb meter cannot tell them *when* you used electricity just that you did. Now all of a sudden they can say well this block of hours is a our peak time so its going to cost you.

Just as evil as bandwidth caps.
[ link to this | view in chronology ]
John Fenderson (profile), 27 May 2016 @ 8:15am

It makes me wonder
What manner of bad behavior is Landis+Gyr desperately trying to keep from the public eye?
[ link to this | view in chronology ]
everlastgenerators, 23 Mar 2017 @ 3:16am

I really enjoyed your article, thank you for the useful content.
[ link to this | view in chronology ]