A Landmark Decision Against Mass Surveillance Through Smart Meters
Sacramento, CA — In a significant victory for digital privacy rights, a California court has ruled that Sacramento’s public utility broke the law by conducting a decade-long mass surveillance operation, handing over smart meter data from more than 33,000 homes to police without warrants, consent, or legitimate investigations.
The tentative ruling, issued ahead of October 10, 2025 oral arguments, marks a critical moment in the battle against warrantless digital surveillance and could set precedent for how utilities nationwide handle customer data in an era of increasingly “smart” infrastructure.
The Court’s Decision: A Clear Violation
The Sacramento County Superior Court found that the Sacramento Municipal Utility District (SMUD) violated California Public Utilities Code Section 8381 by improperly sharing consumer data without obtaining customer approval or confirming that law enforcement requests were connected to legitimate ongoing investigations. The statute explicitly bars publicly owned utilities from disclosing electrical usage data to third parties without customer consent, except under specific legal circumstances.
Judge’s ruling rejected the City of Sacramento’s argument that its cannabis enforcement unit was engaged in “proactive investigations,” stating that continuous, citywide data mining does not meet the legal standard for an “ongoing investigation.” According to the court, “the City is not investigating a suspected violation of criminal law” when it makes these bulk data requests.
The ruling grants a writ of mandate against SMUD and its CEO, Paul Lau, directing the utility to stop disclosing customer energy data under these circumstances. The petition against the City of Sacramento and its police chief was denied on the basis that requesting information alone doesn’t constitute a breach of legal duty—though this does little to comfort privacy advocates who view the city’s role as equally problematic.
A Decade of Dragnet Surveillance
For ten years, SMUD searched through all of its customers’ energy data and passed on more than 33,000 tips about supposedly “high” usage households to police, ostensibly to identify illegal cannabis growing operations. The program operated without warrants, court orders, or individualized suspicion of any particular resident.
The threshold for “suspicious” electricity use steadily dropped over the years—from 7,000 kilowatt-hours (kWh) per month in 2014 to just 2,800 kWh per month by 2023. To put that in perspective, one SMUD analyst admitted they themselves used 3,500 kWh in a single month—well above the threshold that could trigger a police visit to someone else’s home.
SMUD employees acknowledged that such “high” power usage could legitimately come from houses using air conditioning, heat pumps, or simply being larger homes. Yet the surveillance continued unabated, turning everyday electricity consumption into grounds for suspicion.
When Your Wheelchair Brings the Police to Your Door
The human cost of this surveillance program becomes painfully clear in the story of Alfonso Nguyen, a Vietnamese immigrant and spinal injury patient who uses an electric wheelchair that requires regular charging.
Deputies from the Sacramento County Sheriff’s Department arrived at Nguyen’s home twice based on SMUD tips. The first time, despite Nguyen explaining he didn’t have a warrant, one deputy pushed open the door and pushed Nguyen’s wheelchair aside to search his home.
During the second encounter, deputies accused Nguyen of growing marijuana based solely on his electricity usage. When he refused entry, one deputy put his hand over his holstered gun and threatened to arrest him. Nguyen has never grown cannabis—his elevated electricity use stems entirely from his medical equipment.
“The illegal sharing of customers’ private energy usage between SMUD and law enforcement has to stop,” Nguyen said. “SMUD should be working for its customers, not the police.”
Racial Profiling by Algorithm and Design
The surveillance program didn’t just violate privacy—it systematically targeted Asian American communities through what appears to be intentional racial profiling.
In the first two years of the enforcement program, Sacramento issued 86% of penalties against homeowners whose names were identifiably Asian, despite Asian residents comprising only 18% of Sacramento’s population.
Internal communications reveal that a SMUD analyst excluded homes in a predominantly white neighborhood from their reports to police. Additionally, one police official removed non-Asian names from a SMUD list and forwarded only Asian-sounding names for further investigation.
SMUD analysts specifically flagged homes based on racial cues, with internal messages noting a household because it was “4k [kWh], Asian” and another because “multiple Asians have reported there.” Sacramento police sent accusatory letters in English and Chinese—but no other languages—to residents who used above-average amounts of electricity.
During a 2019 appeal hearing, a deputy city attorney stated, “You know that there is a problem with Asian people and grow houses,” while questioning an Asian American property manager—a statement that encapsulates the discriminatory mindset underlying the program.
A $94 Million Money Machine
The surveillance program proved highly lucrative for Sacramento, generating at least $94-100 million in fines levied on property owners where cannabis was found over just two years. The city’s 2017 cannabis cultivation ordinance allowed residents to grow up to six plants at home but imposed steep penalties—$500 per plant—for exceeding that limit.
Property owners had just 30 days to pay penalties or face a lien on their homes, and only 20 days to file an appeal. The system was designed for speed, not justice. Many property owners, like one Sacramento resident visiting family in China when his citation arrived by mail, never had a fair chance to respond.
The city has faced more than 80 lawsuits from property owners challenging these penalties. In one notable settlement, the city paid a property owner $45,000 plus $650,000 in attorney’s fees—a tacit admission that something was fundamentally wrong with the enforcement scheme.
The Privacy Implications of Smart Meters
Smart meters, installed in nearly all SMUD customer homes, collect detailed usage information in 15-minute (or shorter) increments and transmit this data wirelessly to the utility multiple times per day. This granular data can provide “a detailed picture of what occurs within a home,” revealing inferences about private daily routines such as what devices are being used, when they are in use, and how this changes over time.
As we’ve previously explored in our analysis of how California’s utilities are quietly building a surveillance state, the SMUD case is not an isolated incident but part of a broader pattern of smart meter technology being repurposed for warrantless surveillance.
For many customers, opting out of smart meters wasn’t a realistic option—doing so required paying extra fees that put it out of reach for many residents. EFF’s legal team argued this created a coercive situation that allowed mass surveillance without meaningful consent or accountability.
Research has shown just how invasive this data can be. Studies of fine-grained electrical consumption data reveal that knowing just 5 consecutive electric measures allows re-identification of more than 90% of households in large datasets. Even when data is severely degraded by rounding to the nearest 100 watts, 7 consecutive measures can re-identify more than 40% of households.
Legal Violations and Constitutional Concerns
The Electronic Frontier Foundation (EFF) and the law firm Vallejo, Antolin, Agarwal, Kanter LLP filed the lawsuit in September 2022 on behalf of the Asian American Liberation Network, a Sacramento-based nonprofit, and two local residents.
The lawsuit argued that California’s state constitution bars unreasonable searches, and that dragnet surveillance—suspicionless searches of entire zip codes worth of customer energy data—is inherently unreasonable. Additionally, California’s Public Utilities Code generally prohibits public utilities from sharing such data without consent.
While the court’s ruling focused on the statutory violation under Section 8381, the constitutional questions loom large. The case reflects growing concerns about the misuse of so-called “smart” infrastructure, especially when used to generate suspicion rather than evidence.
A Cautionary Tale for the Nation
The implications of this case extend far beyond Sacramento. Pacific Gas & Electric (PG&E), California’s largest utility, has partnered with Palantir Technologies, a company with a history of government surveillance contracts, raising concerns about the broader deployment of smart meter data for surveillance purposes. As detailed in our in-depth investigation into California’s utility surveillance practices, these partnerships represent a troubling trend toward normalizing mass data collection in the name of grid management.
According to the U.S. Energy Information Administration, more than 36 million smart meters were installed across the United States as of 2012, and that number has grown substantially since. In the European Union, more than 200 million smart meters have been deployed. Each one represents a potential surveillance point if utilities and law enforcement agencies follow SMUD’s model.
Aaron Mackey, an EFF Senior Staff Attorney, noted that the foundation isn’t aware of any other California public utilities sharing data in the same way as SMUD. But the precedent this case sets matters: privacy advocates sought the court’s intervention precisely because consumers had no practical way to avoid being swept into these dragnet surveillance efforts.
What Comes Next
While the October 10 tentative ruling is a major victory, it’s not yet final. The ruling could still be modified following oral arguments, though such changes are relatively rare. If the ruling stands, it will prohibit SMUD from continuing to disclose customer energy data to law enforcement under the bulk request system that has operated for the past decade.
However, the court did not rule on constitutional grounds, having found sufficient basis in statutory violations alone. This means the broader questions about whether such surveillance constitutes an unreasonable search under the Fourth Amendment and California Constitution remain unresolved—questions that could resurface in future cases.
The Bigger Picture: When Essential Services Become Spy Networks
“Simply using extra electricity to power some Christmas lights or a big fish tank shouldn’t bring the police to your door,” the EFF wrote in one of its briefs. Yet that’s exactly what happened under SMUD’s surveillance regime.
The case forces us to confront uncomfortable questions about the infrastructure we depend on daily. Should public utilities have the power to transform every home’s electricity meter into a government surveillance device? When does crime prevention become unconstitutional mass surveillance? And how do we protect vulnerable communities—in this case, Asian Americans—from discriminatory enforcement enabled by supposedly neutral technology?
Megan Sapigao, co-executive director of the Asian American Liberation Network, put it succinctly: “SMUD and the Sacramento Police Department’s mass surveillance program is unlawful, advances harmful stereotypes, and overwhelmingly impacts Asian communities. It’s unacceptable that two public agencies would carelessly flout state law and utility customers’ privacy rights, and even more unacceptable that they targeted a specific community in doing so.”
The court’s ruling represents a crucial step toward accountability. For a decade, SMUD operated a surveillance program that violated state law, invaded the privacy of tens of thousands of residents, and disproportionately harmed Asian American communities. The judge called it what it is: illegal. Now the question is whether other utilities will take notice—before their customers have to fight the same battle in court.
About the Legal Challenge
The lawsuit, Asian American Liberation Network v. SMUD, et al., was filed in Sacramento County Superior Court in September 2022. The Electronic Frontier Foundation and Vallejo, Antolin, Agarwal, Kanter LLP represent the plaintiffs.
The case has generated nearly 2,000 pages of evidence documenting the extent of SMUD’s data sharing practices with law enforcement agencies, including detailed reports containing customer names, addresses, and usage histories.
For more information about the case and digital privacy rights, visit the Electronic Frontier Foundation’s website.