View by Topic

Recent Articles

View by Month/Year

“Green Building Law Update” Headlines

Recent Articles & News from
Stuart Kaplow’s blog
at GreenBuildingLawUpdate.com

Subscribe to the Green Building Law Update!

Stuart Kaplow brings his expertise and extensive experience to the table with his unique digital publication, "Green Building Law Update". Subscribers receive regular updates to keep them informed about important issues surrounding Environmental Law, Green Building & Real Estate Law, as well as the emerging demand for Environmental Social Governance (ESG).

Get fresh content through the lense of Stuart Kaplow's cutting-edge expertise, innovative commentary and insider perspective. Don't miss another issue! Subscribe below.

Data 12 | stuart d. Kaplow, p. A.

Greenhouse Gas Data Confidentiality Takes Two Steps Forward

SHARE THIS ARTICLE

Earlier this year, the EPA issued a notice of proposed rulemaking that would amend provisions in its Greenhouse Gas Reporting Rule altering data collection including expanding the confidentiality of data collected. Then last month, California Governor Gavin Newsom signed the Delete Act overhauling the State’s data broker law.

At a time when the world’s most valuable resource is no longer oil but data, we recently blogged about this new and emergent space in Do You Own Your GHG Emission Data?  And considering the Trillions (.. yes, T, Trillions) of dollars involved we also blogged, Tenants Monetizing Their Greenhouse Gas Emission Data.

Best in class companies recognize it is time for business to own their own GHG data.

Today under its Greenhouse Gas Reporting Rule, EPA requires the reporting of GHG emission data by more than 7,500 businesses whose emissions exceed 25,000 metric tons of CO2e per year including fuel and industry gas suppliers.

EPA previously admitted in a Federal Register notice, “due to the large numbers of entities reporting” GHG data, it cannot timely address data security and privacy concerns over confidential business information because the information the Agency has “.. must be available to the public.” But then in Food Marketing Institute v. Argus Leader Media, the Supreme Court ruled where commercial information is both customarily and actually treated as private by its owner and provided to the government under an assurance of privacy, the information is “confidential” within the meaning of 5 U. S. C. §552(b)(4), the Freedom of Information Act’s Exemption 4.

In response to that Supreme Court decision, EPA revised its approach to confidentiality. The Greenhouse Gas Reporting Rule requires reporting of numerous data elements to characterize, quantify, and verify GHG emissions and related information, and on May 22, 2023, EPA published the proposed rule, Revisions and Confidentiality Determinations for Data Elements Under the Greenhouse Gas Reporting Rule.

When final, it will remain EPA’s reporting platform, but it will be business data and businesses will own it.

Then on October 10, 2023, the California Delete Act that had been SB 362, became law, bolstering the state’s existing data broker registry law by, in part, requiring more disclosure by companies that regularly and systematically collect, analyze, and share or sell the personal information of consumers and proprietary information of businesses. This includes data brokers that collect and profit, including utility data and other GHG emission relevant data, from this data without having any direct relationship with the utility consumer or business whose information they amass.

Of note, the updated California law also expands rights to have data deleted and requires the state to create an accessible deletion mechanism that allows, through a single request, to request that every data broker to delete personal or business information, including utility data, held by the data broker.

And the risk associated with this utility and associated data is dramatic in scope and vulnerabilities all of which are exacerbated when the data is not held confidentially. There have been media accounts in recent months about cybercriminals, malware, and more, who appreciate the dollar value that passes hands in the utility sector, about nation state actors who may want to cause disruptions, and hackers who oppose a utilities agenda (from a substation location to GHG reductions), and more. Because utilities are geographically diverse by nature there are untold points of entry for malicious activity. And the sector’s broad and expanding use of technology from wireless smart meters, to aggregating customer data for sale to government actors, all of it often managed by third parties, create heightened risk for businesses that simply need access to electric and gas power. A building owner ‘air gapping’ or transmitting data via a third party provider of its utility operational technology systems is important but does not provide adequate security for its utility and associated GHG data.

And while GHG data confidentiality has taken two steps forward with these enactments it takes one big step backward when despite that EPA will going forward treat as confidential information in EPA’s GHG large emitter program it inexplicably does not afford similar protections to businesses inputting data in the EPA Energy Star Portfolio Manager program in clear violation of federal law as made clear by the U.S. Supreme Court in the Argus Leader case. As increasing numbers of state and local government building energy performance standards (BEPS) mandate that thousands upon thousands of businesses utilize Portfolio Manager without any express safeguards despite that most of those governments (e.g., Maryland) have the same or similar obligations for business data confidentiality that the U.S. Supreme Court found in Argus Leader under their existing exemptions in state freedom of information act laws. There are increasing calls to correct these dangerous violations of law expressly affording confidentiality protections to those businesses mandated to input their data into Portfolio Manager including when done in response to the increasing number of mandatory BEPS.

Best in class companies not only recognize it is time for business to own their own data and profit from it while also protecting themselves from utility sector data vulnerabilities, including those driven by wrongheaded government actors who in the name of responding to climate change have no regard for the risks that arise from the failures of confidentiality.

Businesses must protect their data, not to mention monetize it for their benefit, and can do both while at the same time leading the way toward decarbonizing the economy and repairing the world.

A live webinar “How to Make ‘Net Zero’ Pledges and Claims” 30 talking points in 30 minutes, Tuesday, November 21 at 9 am ET presented by Stuart Kaplow and Nancy Hudes on behalf of ESG Legal Solutions, LLC. The webinar is complimentary, but you must register here.

SHARE THIS ARTICLE

About the Author: Stuart Kaplow

Avatar of stuart kaplow
Stuart Kaplow is an attorney and the principal at the real estate boutique, Stuart D. Kaplow, P.A. He represents a broad breadth of business interests in a varied law practice, concentrating in real estate and environmental law with focused experience in green building and sustainability. Kaplow is a frequent speaker and lecturer on innovative solutions to the environmental issues of the day, including speaking to a wide variety of audiences on green building and sustainability. He has authored more than 700 articles centered on his philosophy of creating value for land owners, operators and developers by taking a sustainable approach to real estate, including recently LEED is the Tool to Restrict Water Use in This Town and All Solar Panels are Pervious in Maryland. Learn more about Stuart Kaplow here >