Data privacy and ethics statement

Data privacy image showing some website code

Centre for Net Zero exists to deliver research in the public interest: to accelerate the energy transition. 

Our access to Octopus Energy’s dataset gives us a unique insight into human behaviours. We use tens of billions of data points to understand the behaviours of people and businesses. We leverage these insights, along with field trials, experimentation and models, to design a people-centred future energy system.

Respecting the data privacy of Octopus Energy customers lies at the heart of our approach to research. We recognise the importance of applying high ethical standards to research that leverages customer data. As a result, all data that the Centre uses is processed securely, lawfully, ethically and transparently, in support of research.

Research criteria & ethical principles

Before undertaking a proposed research project, our team collectively review its scope. We are required to demonstrate that it meets the following criteria:

  • Firstly, there is tangible public benefit, maximising benefit for individuals and society and minimising risk and harm
  • Secondly, undertaking the research offers analytical merit within the specific context of advancing the energy transition
  • Thirdly, sufficient privacy protection can be put in place, respecting the rights and dignity of individuals and groups 
  • Finally, ethical principles can be adhered to through the use of the Ethics Self-Assessment Tool provided by the UK Statistics Authority 

This assessment tool is used throughout a research project’s lifecycle to identify the ethical implications of any changes. 

We carefully consider risks and benefits to the research community, industry, policymakers and consumers (including potentially stigmatised or marginalised groups) as a result of any research. We also scrutinise any subsequent knowledge exchange, dissemination activity and future re-use of research or data. 

To further increase the research transparency and rigour, we also pre-register the hypotheses and analysis of our trials. 

Octopus Energy customer datasets & data privacy

Octopus Energy operates in 14 countries and serves 25 million customers globally. It provides a host of innovative products and tariffs, powered by its Kraken tech platform. We have access to a baseline set of information about each customer. This access is provided in accordance with the Octopus Energy privacy policy: “We sometimes process your data where we have a legitimate interest for doing so, for example: For data analysis, testing, research, statistical and survey purposes”.

We therefore have a unique insight into current energy behaviours and how this is influenced by different factors. This includes seasonality, property attributes, local weather conditions and the tariffs that customers are signed up to. 

The datasets we regularly use to do research fall into the following categories:

  • Customer tariffs
  • Smart meters 
  • Smart tariffs (such Octopus Go, Intelligent Octopus and Octopus Agile)
  • Survey data (for those on smart tariffs)
  • Property information (such as location and EPC rating)

We also have access to additional opt-in information that customers provide if they’re participating in pilot programmes. This includes the Big Dirty Turn Down trial, a partnership with National Grid ESO that credited UK customers for delaying energy use when the UK’s energy mix was most reliant on fossil fuels. These customer survey datasets provide us with more granular information about human behaviours during these trials. 

Exporting data from Octopus Energy

There are three core principles that we adhere to when exporting data from Octopus to Centre for Net Zero: 

1. We only export required datasets

In order to export a certain dataset from Octopus Energy, we must provide clear justification of how it supports a clearly defined research use case. We apply a series of challenges at the start of every research project to ensure we only process data we need. We also consider how that processing might negatively impact customers and corresponding data privacy.

2. We pseudonymise all data and respect K-anonymity

We adhere to GDPR and ICO guidelines. This means: 

(i) In accordance with ICO guidelines, all identifiers (IDs), such as Meter Point Administration Numbers (MPANs) and account numbers, must be reduced to only one pseudo-ID (artificially constructed ‘household ID’) that cannot be reversed back to its original form.
(ii) No single combination of dimensions should result in less than K households. This ensures that the data cannot be joined or queried in a way to identify the smart meter readings of a particular household. The appropriate value of K is determined using industry standards. 

3. We add random noise to continuous variables if exported at a household level

Examples of continuous variables include meter readings, kWh consumption and floor areas. By adding random noise, we distort the raw data in a way that cannot be reverse engineered whilst preserving statistical property of the data.

4. We never share or publish raw household data openly

We use raw data to create aggregated views, charts and visualisations that we share externally. However, we never publish household level records openly. This data access is important to enable us to build applications for different stakeholders, such as aggregated low carbon technology demand forecasts for a substation, street or at postal sector level. 

Smart meter data and data protection

The roll-out of smart meters is an important enabler of a smarter energy system. It gives consumers control over their energy use and helps improve investment decisions in Britain’s energy infrastructure. Smart metering will result in a step change in the volume and granularity of energy consumption data that is available from gas and electricity meters.

Smart meters enable the collection of daily or half-hourly consumption readings. In accordance with Octopus Energy’s smart meter terms and conditions (section 16), we have access to customers’ half-hourly meter readings, provided they have consented. 

Each meter is uniquely identified by a meter point administration number (MPAN). One or more individuals consume electricity from a given meter, so an MPAN can be used to identify individuals. We apply a range of anonymisation techniques to smart meter data to protect the identity and privacy of individuals.

Protecting customer data whilst promoting openness and transparency

We support ethical data sharing, where possible, to help individuals, industry and policymakers transition to a greener future. At present, the energy data landscape is complex and siloed. Data is fragmented across a diversity of industries and stakeholders. By sharing data across sectors and organisations and improving transparency, we can fast track activity and innovation that otherwise wouldn’t be possible. 

Where we identify needs in the pursuit of the energy transition to share or publish data outside the Centre, we use aggregation and similar methods to further anonymise these datasets and minimise risk.