A taste of things to come? - UK smart meter data access

I believe in most cases the energy supplier delegates the management and data collection to a third party (SMSO). Based on what I read, it seems Secure Meters, the manufacturer of Liberty 100, also provide such SMSO service to energy providers installing their meters. In this case, if you swap providers, your old energy provider might no longer have access to your meter readings (nor will the new provider), but the SMSO will remain having full control. Hence why moving the devices from SMSO to the DCC (regulated entity) becomes a more appealing prospect. I decided to switch providers and I can see that my device is still connected to the WAN (i.e. SMSO’s communications network). It is quite discomforting to know that a third party not linked in any way to me (or my energy supplier) still have access to my energy usage data. Not much I can do until my meter is either replaced or transitioned.

Do you have a list of all the SMSO companies?

I’d be intrigued as to the ICO’s take on this. I might just ask them if they regard energy data as ‘Personal Information’.

I do not have a full list, but you can see how the solution works on Secure Meters’ webpage: https://www.securemeters.com/index.php/products/residential/utility-retailers/smart-metering-gas/secure-smso/

I suspect we are not given much visibility on who our energy suppliers use to maintain our meters (i.e. act as SMSO on their behalf). Having said that, an easier route for them is to use the manufacturer’s own managed services (provided they provide such service). I assume this issue might eventually go away when old meters are finally transitioned to DCC. Even after this final enrolment, I am not entirely sure if SMSOs will still play a part though.

1 Like

@borpin, I was able to find the following SMSOs from DCC development plans.

Service Providers:

  • CGI Instant Energy;
  • Trilliant Networks;
  • Secure Meters;
  • Morrison Data Systems (MDS);
  • EDMI

The document used as reference was:

1 Like

This has really piqued my interest from a data privacy point of view. Next time I get a call trying to get me to install one, I may just ask some pertinent questions… In the meantime, an FOI to Ofgem for a list of SMSOs is a start.

I got the reply to my FOI today. Honestly it does not make good reading. The TL;DR is that

  • The regulator has no idea what companies are acting as SMSOs
  • There might be a convoluted way for an individual to discover who the SMSO is who manages your meter if you have left the original supplier (else the supplier should be able to tell you).
  • The regulator has not considered any GDPR implications of Smart Meters.
  • It is unclear if the original supplier continues to have a commercial relationship with the SMSO if the customer leaves that supplier. If there is no commercial relationship, who the Data Controller of the personal data that is probably still collected is unclear.

It is entirely possible that, once ‘dormant’ the SMSO is still collecting the personal data and processing it however it likes, with no oversight.

Reinforces my position that I will never have one in this house.

FOI Response from OFGEM

Reference number: FOI-1-2019

Thank you for your correspondence of 2 January 2019 where you requested information about smart meter system operators (SMSOs). We have considered your request under the Freedom of Information Act 2000 (“FOIA”).

For ease of reference each of your questions has been answered in turn.

"I would like all information on the regulation and management of SMSOs within the UK."

SMSOs remotely interact with meters on behalf of suppliers in order to provide reading and other services on a commercial basis. SMSOs can act as a third party on behalf a supplier by entering a commercial contract. Ofgem does not regulate commercial contracts, and does not directly regulate SMSOs. It is the responsibility of suppliers to ensure that any third party acting on their behalf is adhering to any relevant obligations. If an SMSO should breach regulations, the supplier is ultimately responsible, and we may consider taking action upon the relevant supplier in line with our organisation-wide Enforcement Guidelines, which can be found here: The Enforcement Guidelines

"I would like a list of all registered companies that act as an SMSO within the UK."

We do not hold the information that you have requested. In the interests of being helpful, we have provided some relevant information below.

The Data Enquiry Service (DES), maintained by Xoserve, holds details of the Meter Asset Manager (MAM) and DCC/SMSO at gas meter points. Details for DES can be found here: Data Enquiry Service | Xoserve

Similarly, for electricity, ECOES (governed under the Master Registration Agreement, MRA) provides details of the Meter Operator (MOP), Data Collector (DC), Data Aggregator (DA), Meter Asset Provider (MAP) and DCC/SMSO for electricity meter points. Details for ECOES can be found here:ECOES »

"I would like all information, including any discussions that may have taken place over this subject pertaining to the relationship of SMSOs and the personal data they collect, with respect of the Data Protection Act and GDPR."

We do not hold information relevant to your request.

As noted above we do not directly monitor the commercial contractual aspect of SMSOs. Nevertheless as third parties who process the relevant data they are also subject to the GDPR rules, and therefore must ensure that they comply with the applicable principles. Any data collected by third parties must not be processed in a way that is unduly detrimental, unexpected, or misleading to the individual concerned. Additionally, only the relevant data actually needed should be collected and must only be used for its intended limited purpose.

We note that suppliers are obligated to ensure any third party acting upon their behalf acts in accordance to all applicable regulations.

"How does an individual find out who the data controller of that data is especially when the customer moves away from the company that installed the SMETS1 meter."

The Data Protection Act 1998 and GDPR give individuals the right to request personal data that is being processed by a data controller, through Subject Access Requests. Consumers would continue to benefit from this right (and others) in parallel with the protections afforded by the government’s smart metering Data Access and Privacy Framework.

Customers should contact their supplier to make a Subject Access Request. Individuals have the right to find out if an organisation is using or storing their information, and they can request to know what the data is used for and with whom this data is shared with. Please note, you can only request access to your own information, and in some circumstances the organisation may refuse to grant assess. For further information please refer to ICO’s website and theirrights of access page which contains useful guidance on the topic.

Ofgem expects that suppliers provide information to consumers that is commensurate with the data they are accessing from the consumer’s smart meter.

1 Like

You could make a Subject Access Request under the Data Protection Act 2018 to the old supplier asking for all personal data and ask specifically about the SMSO who collected your personal data on the suppliers behalf and ask when they last received data from that meter. It is entirely possible the old supplier is still collecting the data.

If that gets you nowhere, you could try the ICO.

I can’t really as I don’t have a Smart Meter :smile:

I have just had my smets/2 smart meter fitted by Scottish Power and would love to get access to real-time data. Did anything work out with the Eagle device mentioned above?



Hey sorry to reply so late i dont monitor this forum very closely. If you @ me (or equivalent) i get an email. Anyway, we are in process of testing the rainforest CAD in realistic SMETS 1/2 sandbox environments. The product itself cannot be sold in UK currently as it does not meet EU RED etc. However, it would not be difficult for rainforest to adapt it to meet EU requirements and they are willing to do so if there is a market for the product, which is something they are coming around too. I will certainly keep this forum up to date on any developments.

On the pairing side, we are expecting to have SMETS 2 pairing capability towards the end of the year. Some companies can do this already. This will put an end to people having to deal with suppliers. There are also fairly advanced proposals for existing SMETS 1 meters which would bypass suppliers but are largely a stop gap measure as these will be migrated.

People should know that this situation is rapidly changing. I would expect to see consumer CAD products (or products which integrate a CAD) coming out this year or next.

1 Like

I have been looking in to the possibility of connecting a CAD, here is my view of the ‘State of the Union’.

  1. I spoke to Rainforrest Automation, I get the impression that their Eagle-200 might work with UK SMETS1 meters but not SMETS2 meters. It certainly is not officially sold to the UK and unlikely to be on any ‘white lists’.
  2. Some IHD devices also have CAD functions built-in, therefore in theory if your SMETS meter came with such an IHD/CAD you might have all you need. An example would be the GeoConnect Treo II Button. Unfortunately it seems these are typically supplied by energy companies without the matching WiFi module. See - https://www.smartme.co.uk/documents/trioIITouchButtonuserManual.pdf
  3. The Hildebrand wired hub is not available
  4. The Hildebrand aka Glow WiFi CAD is listed as only being SMETS1 compatible.
  5. The Mira is listed as both SMETS1 and SMETS2 compatible but apparently not sold to customers only energy companies
  6. The Smappee energy monitor uses a clamp to monitor electricity use and this will still work, however their gas monitor uses optical or magnetic sensors and this will not work currently with smart meters of any type
  7. A company called TheLabrador operate an energy switching service. They have and hopefully still do provide a matching device to link to your SMETS1 and SMETS2 meter which is as far as I can see a CAD device which uploads to their cloud monitoring service. This in theory could be scraped for data and they may eventually provide an API. This device is called The ‘Retriever’. Since TheLabrador is not an energy supplier - merely a switching service they use this device as a means for them to monitor your energy usage without you needing to manually enter data each time and will then switch you to a new cheaper tariff or provider based on your location and usage.

On a different topic, since smart meters, IHD, CAD etc. all use Zigbee it would in theory be possible to have a Zigbee repeater to boost the range of devices. Such a device would need to be connected to the HAN and this requires it be ‘approved’. Sadly there seems to be no such approved repeaters for this purpose to help those customers who perhaps have the meter outside their house and hence are suffering signal strength issues.


Great summary.

We (Carbon Co-op) actually paid for Rainforest to come over to UK in March and spec up the changes required to their product to make it work with SMETS2. This is on hold for the moment but they thought it was eminently doable for all the reasons you outlined. They wont need much more convincing!

We also continue to explore the possibility for making an open source CAD based on raspberry pi. We now have access to suitable testing facilities (which was the main obstacle for an organisation like ours before).

Labrador have now been purchased by Verv I think mainly for their CAD technology. They did seem to have convinced the suppliers to whitelist their devices somehow although I dont think it was all of them participating in the first place.

Carbon Co-op now have access to SMETS1/SMETS2 smart meter data through the SMSOs (in case of SMETS1)/DCC (in case of SMETS2). This doesnt give you the near-real time data you get from a CAD, but we do get a range of 30 minute data. We currently are only providing this service to our members but are planning on offering a public web service with an API and integrations in the near future for a nominal cost (e.g. £10 a year).

1 Like

Oh and we believe next year we may gain the ability to white list devices through the DCC. This is pending some decisions about exactly how CAD pairing will work but we are optimistic we may gain this capability. This would allow our users to pair devices to ‘BYOD’ to their HANs .

1 Like

Bristol Energy have started installing SMETS2 meters and I’ve requested to have one installed.

Interestingly there was a button on the registration form that gives them permission to collect 30 minute readings (which I selected of course). I assume there is some kind of framework for the suppliers which means this kind of resolution must be an opt-in?

We also continue to explore the possibility for making an open source CAD

Bristol energy were quite helpful in researching how to get a personal CAD attached to the HAN. I might be able to find some time to contribute to an open source CAD project. Are there currently any resources describing what is required to work with Zigbee or what type of hardware might be suitable?


Interestingly there was a button on the registration form that gives them permission to collect 30 minute readings (which I selected of course). I assume there is some kind of framework for the suppliers which means this kind of resolution must be an opt-in?

Yes you have to opt-in to 30 minute readings. Otherwise it defaults to monthly.

1 Like

Are there currently any resources describing what is required to work with Zigbee or what type of hardware might be suitable?

No although we have a reasonable idea now of what would be involved. The tricky thing is identifying a suitable Zigbee hardware package and then the whole process of prototyping / debugging it which will require certain expertise. The DIY approaches using a XBee or the TI C253x are probably a dead end as the SEP 1.2 is not well supported by these platforms. NXP looks like a much better candidate as they have SDKs specifically for the updated spec. There maybe others.

In order to pass certification the part that interacts with the meters probably will have to be separated in a sub-system which will restrict its operation in some ways. I think this can be facilitated relatively easily whilst still allowing a lot of data and control to be accessible to the host system.

And you cant do development with ‘live’ meters, you have to do it in sandbox / test environment first. We are actively exploring ways to achieve this but it will require some money. We think around £150000 for a first prototype. This is within the realms of grant funded innovation competitions which we are looking at.

Once the base system has been developed it will be much easier for other people to do stuff on top of it. We would like to use a raspberry pi compute module based system. The smart meter connection would then be provided by an internal hardware interface (and maybe higher level software API) to the aforementioned sub-system.

Interesting. Why are the meters using zigbee if there is no hardware readily available to make use of it?

What is the rationale for that when this has no builtin comms? I’d have thought and ESP32 based system would offer far more flexibility.

OK, not being able to pair a development environment to a ‘live’ meter would be a significant barrier to an Open Source project. I recall now that SMS-Plc were asking for serial numbers, manufacture name, software version and Zigbee approval of a CAD. Although I’m sure the Zigbee SEP includes authorisation which limits what a consumer CAD / development environment could do anyway so seems a bit draconian.

I’ll take a look at the NXP kit and the SEP 1.2 spec, if I can find some time and might as well see if I can annoy Bristol Energy / SMS-Plc enough to get one commissioned on my future HAN.

Interesting. Why are the meters using zigbee if there is no hardware readily available to make use of it?

It is more to do with firmware and SDK support for the new 1.2 spec which varies by manufacturer. There is a lot of Zigbee hardware around which theoretically could be used as a basis. There are also OEMs offering more complete packages based on router hardware. A lot of the UK CAD manufacturers are white labelling these types of thing.

1 Like

White Labeling?

Yes that would also be an option. You need to provide an ethernet interface on both but I recognise the ESP has the advantage with the built in wifi/BL. It depends what role you want the device to play - just a basic gateway or a more flexible platform. You could also design the CAD sub-system so it could be used by either RPI or ESP as well. The way the emonEVSE works with a low level charger sub-system connected to a higher level communications module would be a good model.