On behalf of the Danish Ministry of Energy, Utilities and Climate the Danish Energy Agency has examined whether the General Data Protection Regulation (GDPR) permits the opportunity of using more frequent remote reading data without consent from the consumer for environment and resource purposes in the heat and waters sector. The conclusion is that under certain conditions companies do not need the consent of consumers, if companies want to read meters more often than they do in connection with billing.
As of May 25th 2018, the new law on data protection come into force in Denmark and the rest of EU because GDPR will be applicable. In that connection, the Danish Energy Agency has been engaged in a dialog with the Ministry of Justice to clarify the legal basis of using more frequent remote reading for e.g. environmental and resource purposes.
The Danish Energy Agency has determined that collecting and handling metering data by more frequent and intelligent remote reading can be conducted on the basis of GDPR article 6 (1) (e) and (f) provided that the basic principles of handling in GDPR’s article 5 is observed. Thus, the more frequent reading of metering data will not need the consent of consumers. However, there is a number of preconditions that need to be met:
- Data must only be used for operations optimisation (e.g. monitoring leaks), increased security of supply, accurate reading etc., as this can be regarded as being in the public interest or constitute a legitimate interest, cf. Article 6 (1) of GDPR 1, (e) and (f).
- The fundamental principles of handling in GDPR article 5 must be observed.
(Translated from Danish to English)