Privacy violation through improper handling of electronic waste
This topic is related to the IoTSec Project.
Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.
Distribution system operators (DSO) represent the link between the electric grid and end-users, as they are responsible for delivering electricity to residential homes, industrial consumers, etc. As the grid quickly evolves into a Smart Grid by the addition of a variety of IoT devices like Smart Meters, more and more personal sensitive information is being collected, transmitted and stored. When devices are replaced, sensitive information might still be present that could end up in the hands of persons trying to take advantage of it causing privacy threats.
The thesis would focus on electronic waste handling practices (current and planned) by identifying
- devices storing sensitive information (including but not limited to the Advanced Metering Infrastructure – AMI),
- the attributes of the information stored,
- regulations regarding the data life-cycle.
Questions that the thesis might answer:
- Is it a reasonable worry that information might be leaked from discarded devices? (Risk owner – Customer)
- What are the existing e-waste handling practices?
- Are there DSO`s (among the 100+ in Norway) whose customers might face the risk of their information being leaked after storage devices are discarded? (Risk owner – Customer)
- Might DSO’s face penalties for negligent handling of discarded devices? (Risk owner – DSO)