“Having a shared data infrastructure on consumers in vulnerable circumstances has always been important, but now it’s important and urgent”, says Elizabeth Blakelock, principal policy manager at Citizens Advice.
While there are examples of individual efforts to share data, the utilities sector is yet to see the emergence of a single, nationwide priority services register (PSR) containing details of every vulnerable consumer. This is despite a common acceptance of the benefits it would bring.
“We absolutely need to be able to identify people who need support, it’s important now as we get support to people who need it during this pandemic, it’s going to be equally important as we move to a net zero world where we need to know who needs extra support and advice as we go through that transformation”, Blakelock adds.
Back in 2018, Electricity North West and United Utilities trialled such a scheme in 2018, but plans to roll out a common register nationwide in April last year were delayed.
Elsewhere in October 2020 Auriga Services launched a nationwide portal allowing utilities to use the software to keep track of their PSR data. The portal can be branded for any company and customers will only have to enter their details once to allow their utility to access the data. Auriga believes this is a stepping stone towards creating a shared PSR.
The urgent need for a shared PSR is recognised, so why then are we still waiting for one to emerge? One reason often cited is the fact there is no coherent understanding of exactly what information companies can share under GDPR rules.
One roadblock often cited the lack of a coherent understanding of exactly what information companies can share under The General Data Protection Regulation 2016/679 (GDPR).
Thames Water changed its approach to registering people for its PSR last September – removing the barrier of explicitly asking for consent through substantial public interest conditions which are set out in the Data Protection Act. This means third parties like relatives, carers and charities can add someone to the PSR on their behalf.
This has led to an agreement with London Fire Brigade, set to launch in February, which will share data of c3,000 vulnerable customers every month, to be added to Thames’ PSR
Does Thames’ approach to data sharing open the door to a national shared PSR? Peter Cotton, Thames’ vulnerability lead believes it is a step in the right direction but there are further issues to overcome.
“The main stumbling block is a common understanding of the legal framework and also consumer trust and confidence and belief in it being the right thing to do. Creating a system is not the issue, there are many different companies out there who could promote and create a system that met the requirements but unless you had the common legal basis and common interpretation you are not going to go anywhere”, says Cotton.
‘Regulators need to step up’
Ultimately, Cotton believes it is time for some regulatory leadership: “Because there are so many different parties you need to have someone show some leadership and that seems like a good role for regulation to provide that stake in the ground for us to act on.”
Sharing similar concerns about a lack of common understanding of the legal framework is Adam Scorer, chief executive of National Energy Action (NEA). For Scorer, provisions within the Digital Economy Act should mean some of the concerns over data sharing can be overcome, but he suspects the problem lies with a general sense of anxiety and risk aversion felt by companies unsure of what they can do with their customers’ data, with severe financial and reputational consequences if they fall foul of the rules.
“I do not think there has been that level of engagement with firms about what is permissible within the Digital Economy Act and within the sector specific regulation and what we are looking for companies to do within that legal framework”, he says.
Scorer believes the issues could be solved with more clarity from four groups – the Information Commissioner’s Office (ICO), the government, regulators Ofwat and Ofgem and the retailers themselves.
“There’s a need for clarity about what is possible. If things are not possible, why aren’t they and what can we do to bring it within the spirit of the law and in the realms of possibility?”, he adds.
Both Cotton and Scorer’s thoughts on legal clarity and are shared by the UK Regulators Network (UKRN) which recently published a report titled How Can We Help You? which acknowledges there is a fear on the part of consumers and firms in sharing data.
Both firms and consumers, it argues, are “nervous” in navigating the legal parameters of data sharing, and working through the practicalities.
Fear, the report says, stands in the way of progress and is often based on misconceptions that have stemmed from a lack of clarity when it comes to discussing data in general.
“Opinions seem to be clouded by a culture of fear and distrust when it comes to discussing data”, the report adds.
Moving forward, UKRN calls for a reframing of the language around data sharing to combat negative associations with the term, for companies to build empathy with those who would benefit from data sharing and also to build confidence using legal bases other than that of consent.
With regards to the latter point, Cotton believes utilities can learn from the recent changes to organ donation rules which now require people to opt out rather than opt in.
“As soon as you start to ask consent you create a huge barrier to serving those people who need help. There are other ways of giving confidence and trust and visibility of your data rather than just consent, such as a user-friendly interface to the database giving you or trusted parties control over what information is held there, plus clear and transparent explanations of where data goes and how it is used.
“It should be an opt out rather than opt in system, like organ donation. When the rules were changed recently they were accepted without any real kickback. Having the organs of your loved ones removed is very different compared to what a PSR does where in the worst-case scenario we’ll turn up on your doorstep with some water during a supply interruption. What is the detriment to the customer if we hold that data?”
The ICO has already made progress in issuing guidance when it comes to the role of different legal bases and has published a data sharing code of practice. But still there is a feeling of trepidation from utilities over what can and cannot be done.
UKRN’s report adds: “Firms need to be reassured that data protection should not stop the sharing of vulnerability data.”
Transient vulnerability
One thing the Covid-19 pandemic has shown is how people are at risk of transient vulnerability. Their circumstances can suddenly change meaning someone who has never been vulnerable previously can suddenly find themselves behind on their utility bills.
For example, recently published research from Citizens Advice found there has been a 40 per cent increase in the number of people behind on their energy bills, with 600,000 more people in debt to their supplier in December than February.
Duncan McCombie is the chief executive of Yes Energy Solutions and also chairs a water and energy affordability group led by NEA and Northumbrian Water, with the latter currently working to share PSR information with network operators and retailers.
While he believes that a shared PSR is achievable, a central database raises a number of questions such as whether the data is kept up to date and how it will be funded.
Says McCombie: “If it’s a central register do you therefore have a central part of that register being a contact centre, phoning customers up to make sure they are still vulnerable? We all go through vulnerabilities at different stages in our life, moving home and having a baby could be temporary vulnerability. Who is responsible for making sure it’s up to date?”
Matthew Cole, former head of policy and customer vulnerability at Npower, believes a way to improve the current system is by reassessing the full scope of what a PSR does. He too can see how transient vulnerability can be missed by the current system.
Cole explains: “I think what’s probably needed is a rebranding of PSR completely, maybe just call it a customer register, then it captures wider information. For instance understanding someone’s financial situation is really important. If someone is made redundant say, that’s really good to know, you can look at how you can target services to them.
“At the moment that would never be something which would be picked up in the PSR. Maybe it’s just a wider general register we need of customer circumstance that companies can dip into, it can really help decision making if you get it right.”
Further issues outlined by McCombie include the quality of data. He says the data held by utility companies ranges from good to “shockingly poor” and that a shared PSR will highlight the inadequacies in data quality and in some cases, conflicting information.
“If you look at a DNO it will have the same customers as an energy retail business and the variance of the data between the two can be quite significant. If an energy company updates their information because they’ve heard something from the customer and the DNO says it had heard something different, you have to phone the customer up to find out.”
Situations like this, he adds, pose a further question of who incurs the cost of picking up the phone to the consumer and establishing which data is accurate.
It is clear that a shared PSR is a common goal for the sector but the process remains mired in doubt and trepidation. Clarity over the legal framework and a common approach to communicating the process to consumers is desperately needed for these roadblocks to be cleared.