Arshad Saleem

European General Data Protection Regulation GDPR- focus on energy data Part I: From challenge to opportunity

Blog Post created by Arshad Saleem Partner on 25-Apr-2018

With exactly one month to go in the enforcement of the much talked about European General Data Protection Regulation GDPR, I start writing a series of short notes on key features of the GDPR, the challenges as well as opportunities it brings for the industry. The rollout of smart metering infrastructure together with the introduction of new, so-called behind the meter, local energy assets, such as solar photovoltaics, batteries, and electric vehicles have made the possible generation of a wealth of consumer energy data. This means that the GDPR is as much relevant for the energy industry as for any other ones. While most are seeing GDPR as a challenge I believe it brings an opportunity as well. This opportunity is interesting and valuable in particular for entrepreneurs and startups.  


In order to be efficient and avoid having to write a long text, I will be using pictures from my recent presentation. Please leave a comment below or write me a direct message if you would like to have more elaboration on any of the points I bring.


Key facts


Being a law not directive means the GDPR will be directly enforced in all members states. It does not require any further country-specific legislation. Those reading this blog sitting in Brussels please feel welcome to correct or improve my knowledge on this topic.  


Key scope areas

The GDPR is relevant whenever it comes to collection, storage and processing of consumer data. The processing includes delegating data or giving access to third parties. If you have not done already please go read the famous Facebook cambridge analytica breach scandal which is mostly about third-party access.


Key relevant data


The most relevant data items in the scope of GDPR are those that identify a person or its activity. It ranges from personal to social and to economic ones.


Key rights

Consumer rights are very core of the GDPR. My favourite one is the right to demand portability.  In my view, this is what will cause the breakup of the so-called data silos and enable new business models and opportunity for entrepreneurs.


Key areas of the business value chain

When a challenge comes for some it brings opportunity for others. Organizations have already been investing for a while in understanding GDPR, making a corporate level compliance strategy and adopting cybersecurity tools for breach prevention. Following is an exemplified illustration of the current GDPR business opportunity value chain.    




*All logos are property of respective companies and are used here only for the purpose of exemplification.


Key business model opportunities

Here comes my favourite – an interesting new opportunity for energy data entrepreneurs. The Right to demand portability part of the GDPR has potential to enable break up of the data silos where few large companies (Facebook, google etc, large energy utilities in the case of our industry) sit on top and lock data of the most customers. With GDPR in place, energy entrepreneurs will have the opportunity to come up with innovative offerings compelling enough to convince energy consumer (or prosumers) to port their data to them and monetize it. Markets for energy data are going to be enormous. A recent article in Forbes magazine suggested that energy data market only for data from moving electric vehicles is going to worth USD 10 trillion. 



Get ready energy entrepreneurs – exciting days are ahead!