News Stories

The Maryland Public Service Commission (PSC) issued an order regarding the electric utilities’ VPP/DER Conceptual Reports and Office of Cybersecurity status report.

Customer Information Sharing

“The Commission recognizes the broad interest in establishing a work group to develop the parameters for a GBC-compliant data exchange platform on an expedited timeline. To that end, the Commission establishes a new Data Exchange Work Group (“DEWG”) to draft regulations and parameters for implementation of a state-wide GBC-Compliant data exchange platform. The Commission designates Staff to lead the DEWG.

The Commission directs the DEWG to complete several tasks. First, the DEWG shall draft regulations for third-party access to customer data and file these draft regulations within six months of the issuance of this Order for a rulemaking.”

Second, the DEWG shall develop, within six months of the issuance of this Order, criteria for a request for proposals (“RFP’) to develop, implement, and, if necessary, maintain a GBC-compliant data exchange platform that enables permission-based sharing of customer usage and appropriate customer-identifying information. The DEWG should consider PJM requirements when determining which customer-identifying information to include.

Third, the DEWG shall file a model third-party data access tariff two months after a final rulemaking. The Commission concurs with the Exelon Utilities and stakeholders that reasonable fees for third-party access may be appropriate to alleviate the costs of platform development and maintenance on ratepayers, and the model tariff should include a third-party access fee structure.

Fourth, “the Commission recognizes that while monthly usage data is insufficient for use by DERAs in PJM markets for settlement,63 such data remains useful for customer participation in state-level programs and may also prove useful for dispute resolution at the retail and wholesale levels. Accordingly, the Commission directs Potomac Edison to participate in the implementation of a statewide GBC-compliant data exchange platform as described above, regardless of AMI status.”

DER Registry

“The Commission concurs with Staff that the EDCs’ proposals to enhance existing systems may represent cost-effective investments if properly implemented, but the Commission also agrees with OPC that these updates to internal systems should serve only as a bridge to a DER Registry that enables timely access for Aggregators and other relevant third parties. The Commission also agrees with MEA that registry access for State agencies should be enabled, as appropriate.

Therefore, the Commission directs the Exelon Utilities to update their internal interconnection management tool to capture the applicable fields in forthcoming VPP regulations proposed by the IWG. The Commission further directs the Exelon Utilities to provide quarterly confidential reports to the Commission and Staff, beginning no later than 90 days from the issuance of this Order.”

Cybersecurity

“The Commission appreciates the work of the OC, CSRWG, and the Joint Utilities. The Commission agrees to give more time for these parties to develop regulations. To be clear, the Commission does not want the EDCs to preemptively audit DERA compliance with cybersecurity standards. Instead, the EDCs should observe and report noncompliance to the Commission’s OC for further investigation and licensing actions, if necessary.179 The Commission directs the CSRWG to develop regulations outlining a process by which the EDCs can report DERA noncompliance with cybersecurity standards.

The Commission also directs the CSRWG to consider regulations that balance cybersecurity needs with practical implementation, so the regulations do not become a barrier to attracting Aggregators to Maryland. The Commission directs the OC and CSRWG to consider a risk-based approach to identifying in-scope assets and risk appropriate tiered requirements.

The Commission also agrees with updating the “License to Operate as a Distributed Energy Resource Aggregator in the State of Maryland” Application to include references to any applicable DERA cybersecurity requirements, but we direct the OC to adopt a proportional approach to implementation to ensure smaller entities are not unduly burdened.

Finally, the Commission directs Staff to determine whether the NARUC/DOE Baselines are suitable for incorporation by reference into COMAR, based on the Maryland Incorporation By Reference (“IBR”) Manual.181 The Commission is concerned that the Baselines might not comply with the IBR Manual because they serve as guidelines as opposed to an enforceable standard. Also, strict adoption of the NARUC/DOE Baselines may not be compatible with implementation of risk-appropriate tiered requirements.”