Messages

„Our news team is independent and does not receive funding from advertising. We report on a daily basis on digital topics, internet politics, sustainability and consumer protection issues.“

Switzerland: Electronic water meters collect too much data

Created at 22.February 2021, 19:45 | Category: News

The Swiss Federal Court declared water meters that transmit consumption values every 30 seconds via radio as impermissible in a municipality. The judge found an interference with the right for self-determination with regard to personal information.

Swiss Federal Court in Lausanne
Although the water meters transmit encrypted data, their intended purpose goes against data economy policies according to the court. (Source: IMAGO / imagebroker)/figcaption>

The highest Swiss court pronounced judgement regarding electronic water meters that collect data over a long period of time and transmit this data regularly via radio. In the published judgement made by the Federal court last week, the judge ruled that the personal rights of the plaintiff were violated. In principle, electronic water meters are however intended to report usage.

A resident of the municipality Auenstein brought the case to federal court after the administrative court in Aargau dismissed his charges in the previous year. In October 2017, the municipality installed a radio water meter in the plaintiff’s building of residence. Municipal workers can use a device to perform annual readings of the recorded values without entering the building — for example, from a car.

In its decision, the Federal Court has found an interference with the right for self-determination with regard to personal information because the installed model collects too much data. The iPerl device, manufactured by GWF, saves values for alarm status, the current counter reading as well as the maximum and minimal measured flow rate in hourly intervals for a period of 252 days. The meter transmitted this encrypted data every 30 seconds via radio. According to the court, in this scenario it’s possible at any point in time to trace back the hourly value for the past eight months.

Even though the municipality only wanted to read the current usage and not the hourly values, it “did not change anything”. There is no legal basis for saving the data and transmitting it every 30 seconds. “This data processing proves itself unnecessary and is therefore excessive”, according to the judgement.

Municipalities must uphold the principle of data economy

The plaintiff argued that a consumer profile could be created from the collected data of which, under circumstances, could be accessed by third parties. The Aargauer administrative court countered in the first instance that the data is well protected and that access from unauthorised parties could be ruled out. However, the Federal Court also decided that “data security alone cannot outweigh that more personal data is being processed than necessary”. The purpose of data avoidance principles and data economy is that only necessary data will be collected and nothing more. “In this regard, it’s also more ensured for your protection: non-existent data cannot be misused”, according to the Federal court.

Indeed the Federal Court did not generally prohibit the implementation of electronic water meters: the public interest of these devices stems from the greater efficiency in being able to read meters from a distance. However, this did not apply for the 252 days of collected water amounts.

With its judgement, the Federal Court reversed the previous ruling of the administrative court. The municipal council of Auenstein now must investigate how it can reduce the collection of data.

The plaintiff originally requested that the municipality install an alternative meter and informed the Aargauer data protection officer of the case. The data protection officer confirmed in her investigative report from September 2018 that consumer behaviour can be determined from the collected information — such as how often the shower is used or at which times no water is used and if occupants are likely not at home. She recommended deactivating wireless modules or adjusting programming accordingly for meters that have already been installed without consent for data processing. The water meters should only collect data required for invoicing and only do this once or at a maximum of twice a year when requested by a reading device.

Smart meters for electricity metering

Also in Germany some water companies have already implemented digital meters. The Hessian data protection officer, Michael Ronellenfitsch issued a statement regarding radio water meters on properties in March 2020: accordingly the values recorded for properties “with one or two residential units at most” are personally related data. Already in 2018 the Bavarian data protection officer, Thomas Petri warned that data that can be read at any time from digital water devices could be used to create a profile of every day behaviours of residents. Bavaria introduced rules for using electronic water meters in 2019 that include a right to object.

Whereas in the energy sector, there is already an obligation for digital meters: the 2016 law on the digitization of energy transition calls for the nationwide installation of digital electricity meters by 2032. A legal constraint for so-called “smart meters” exists for households with an annual use of over 6000 kilowatt hours. Since 2020, these meters have been gradually included with devices. They transmit collected values to energy providers and network providers — for example, via mobile networks. Smart meters remain optional for households with low energy usage. In such cases, meter operators decide whether they will install a digital electricity meter without a wireless module or a radio electricity meter. Customers must be informed three months in advance about the planned installation and be notified that they have the possibility to change to another provider.

The German Federal Consumer Protection Board writes the following regarding this: “As with every device that sends data via radio or cable, an intelligent reading system is also generally vulnerable to people and companies with criminal intents. They could gain knowledge about everyday life and habits of residents from the stored measured values.” The communication module must be certified by the German Federal Office for Information Security.