Smart Meter Companies Sue Local Activist and City to Block Disclosure of Security Audits
The Register reports:
Smart meter makers are battling to keep Seattle’s power grid designs under wraps—claiming that if the details are made public, they could be exploited by hackers to plunge the US city into darkness.
Sysadmin-activist Phil Mocek requested documents from the city on its smart meter system under the Freedom of Information Act, only to be menaced by a lawsuit claiming the release of files describing the network would pose a major security risk.
Attorneys representing contractors Landis & Gyr Technology and Sensus Inc have filed a restraining order seeking to prevent Mocek from getting hold of blueprints for a network of smart meters they proposed to the Seattle City Light power utility.
At a King County court hearing yesterday, Commissioner Carlos Velategui granted the companies’ request for a temporary restraining order, lawyers for the companies told me. “There’s no way that I can spend the time to look at all this,” Velategui said. Neither Mocek nor the city showed up to defend themselves.
Chillingly, one of the companies has demanded that a security audit already released by the city to Mocek be removed from the Internet. And it demanded that Muckrock, a public disclosure website, provide the company with information about who had viewed the document and where it had circulated. Because… trade secrets! Terrorism! Muckrock firmly rejected the demands.
Mocek, a programmer and longtime local privacy activist, said this all started when he noticed a report last month about British law enforcement intervening in plans to roll out “catastrophically insecure” smart meters in the United Kingdom. Mocek asked Seattle City Light for security audits of the smart meters it plans to install in homes across the city, but got the run-around on Twitter. So he filed public records requests.
As for the companies, “it seems like they’re trying to maintain security through obscurity,” Mocek told me, arguing that the best way to close security gaps is for the companies to open up their technology to public scrutiny.