Emerging Technologies
Energy-related Emerging Technology Investments on the Rise
Largely undeterred by the pandemic, 2020 and 2021 saw a continuation of robust investments in the energy sector, including a dramatic increase in energy-related emerging technology investments, and industry-led open innovation initiatives.
This general trend is expected to continue to grow, bolstered by strong signals of support from the legislative and executive branches of the federal government, as well as increased state government activity and state-led initiatives.
Additional discussion regarding the business outlook for the U.S. energy industry is provided here.
Sources of Investment
The sources of energy investments are generally broken down by public and private investments:
Public Funding Update
Federal
U.S. government energy R&D spending grew by seven percent in 2019 and 2020, well above recent trends, with such spending largely focused on low carbon energy technologies. This trend will experience explosive growth in 2021, led in large part by the Department of Energy (DOE).
In the words of DOE Chief of Staff Tarak Shah, “The Department of Energy is committed to empowering innovators to develop bold solutions that will help America achieve net-zero emissions by 2050 while creating millions of good-paying jobs that benefit all Americans.”
This talking point was made in connection with the DOE’s announcement of the first $100 million to be administered through its Advanced Research Projects Agency-Energy’s (ARPA-E) OPEN 2021 funding opportunity to support cutting-edge, disruptive clean energy technologies to address climate change—including technologies in energy storage, reduction in fuel waste from advanced nuclear reactors, biofuel carbon footprint reduction, and methane emissions reduction, among others. The ARPA-E announcement is the first of billions of dollars to be made available by the DOE in 2021 for R&D investments tied to low carbon and climate change-related innovation.
The DOE announcement is consistent with and reflective of other federal executive and legislative branch activities, including the introduction of President Joseph R. Biden, Jr.'s Jobs Plan, the historic $1.7 trillion infrastructure package, which is intended to, inter alia, bolster energy innovation and combat climate change, and the introduction of the $100 billion Endless Frontier Act, augmenting R&D funding by the National Science Foundation and Commerce Department and focusing on supporting advanced technologies which, among other things, are designed to support American energy industry competitiveness. Relevant technology areas of focus include:
- artificial intelligence and machine learning;
- high-performance computing, semiconductors, and advanced computer hardware;
- quantum computing and information systems;
- robotics, automation, and advanced manufacturing;
- natural or anthropogenic disaster prevention;
- advanced communications technology; and
- cybersecurity, data storage, and data management technologies; and
- advanced energy technologies.
National Climate Task Force's Climate Innovation Working Group Announced
Finally, the administration recently announced the creation of the National Climate Task Force's Climate Innovation Working Group, and the National Economic Council’s (NEC) convening of the Interagency Working Group on Coal and Power Plant Communities and Economic Revitalization. In connection with these announcements, the administration also announced a $109.5 million investment to fund job creation projects in regions impacted by the energy transition and move away from coal and coal-fired power, with a focus on carbon capture technologies, critical mineral extraction from coal and associated waste streams, and geothermal energy R&D.
Other ongoing DOE initiatives and programs can be expected to play a role in supporting key aspects of this historic federal effort to support clean energy and climate change-related technological advancements, and are worth mentioning for context and awareness:
- State Energy Program (SEP): This program provides funding and technical assistance to states, territories, and the District of Columbia to enhance energy security, advance state-led energy initiatives, and maximize the benefits of decreasing energy waste. This program provides financial and technical assistance to states through formula and competitive grants. States use their formula grants to develop strategies and goals to address their energy priorities.¹
- Loan Programs Office: This office guarantees loans to eligible clean energy projects and provides direct loans to eligible manufacturers of advanced technology vehicles and components.²
- Energy Frontier Research Centers (EFRC)³
- National Renewable Energy Lab (NREL) Renewable Energy Website: NREL's website features original research, analysis and content aimed to inform decision makers in the renewable energy field. NREL sponsors renewable-energy R&D grants and prizes.⁴
- National Energy Technology Laboratory (NETL): NETL offers grants, cooperative agreements, and a technology transfer function to support energy technology development and commercialization.⁵
- Other national labs, universities, industry and non-profit partners supporting energy R&D across the country.
- Office of Energy Efficiency and Renewable Energy (EERE) Technology Innovation Portal: The Energy Innovation Portal is a one-stop resource for technologies from EERE, whereby users can locate technologies that were developed with Energy Department funding and are available for licensing.⁶
State
Most states have also established funding opportunities for innovation and R&D in the energy sector. These opportunities focus on state-specific challenges and assets, but the goals (particularly where states obtain federal funding) often align with federal objectives. State programs take many forms including R&D funding opportunities, innovation labs and competitions, cost-sharing support, sector or location-specific R&D tax credits and investment tax credits.
Local
Finally, many local governments, particularly well-resourced cities and municipalities in energy-producing states, have established programs to support local business and technology innovation in energy activities.
Private Funding Update
Venture Capital (VC) Investments in Energy Innovation Hit Record High
Venture capital fundraising set a record in 2020, with $8 billion invested. VC investments in energy innovation, particularly in transition energy technology, also hit a record high in 2020, experiencing a 14 percent increase from 2019, and the growth is expected to continue. Key investments are being made in startups and high growth technology companies innovating in the renewable energy ecosystem, including infrastructure, power generation, storage, and energy management software. Interestingly, the top VC investors in the renewable and low carbon energy sector are the venture arms of traditional energy stakeholders, such as Shell, Chevron, BP and others, and this trend is expected to continue. For example, in February 2021, Chevron Ventures doubled down on its announcement of a $90 million breakthrough energy technology fund in 2019, with the announcement of its new $300 million Future Energy Fund II, a fund focused on energy technologies that aim to make energy affordable, accessible, reliable, and low carbon “for all.”⁷ In 2019, 67% of corporate venture portfolios consisted of startups developing clean energy technology (compared to 49% and 45% of such portfolios in 2018 and 2017, respectively).
It is not surprising that the top VC investors in the energy sector are the venture arms of traditional energy industry stakeholders given that the traditional energy industry is experiencing first-hand the transition to low carbon energy and the pressure to move away from fossil fuels. More traditional VC firms have been slower to invest in energy since they consider the speed of technological change in the energy sector to be too slow to attract their investment. That said, there are several active cleantech energy VCs that have maintained and continue to make investments in low carbon and other energy technologies.⁸
Private Equity Investment in Renewable Energy Technologies at an All-Time High
Private equity investments in renewable energy technologies hit an all-time high in 2020, with $23.7 billion invested throughout the year in the U.S. The American Investment Council reported: “PE invests in renewable energy in two major ways: buying and expanding established power generators and increasing their production over the long term, and financing development costs for new renewable power companies.”⁹
Private equity firms additionally invested over $11 billion in other clean tech applications, such as water purification and energy conservation projects. Much of this movement is in reaction to the financial sector’s interest in accelerating low carbon technologies, as well as mounting pressure to add private equity funds with “decarbonize” portfolios.
Investment Trends
Spurred in part by the anticipated surge in government spending on energy-related R&D, a survey of the VC, private equity and M&A landscape reveals key private investment trends in the energy technology field. The following is an outline of key energy technologies that are experiencing a surge in private investor and acquisition interest:
Renewables Attractive as Way to Address Climate Change
As discussed, much of the private investment interest has revolved around financing promising renewable technologies, particularly as the price per kilowatt associated with solar and wind technologies has decreased significantly. Technologies focused on the more efficient conversion of renewables into productive electricity or fuels is a current area of investor focus, as well as power generation technologies utilizing renewable energy sources that generate higher and more reliable energy outputs at reduced costs. Examples of notable recent investments include concentrated high temperature solar receivers, high operating capacity wind power generators, offshore wind power transmission technologies, efficient solar cell technologies, low temperature geothermal power generation and closed-loop geothermal technologies.
For additional discussion regarding public policy and private sector initiatives and investment, see the Renewable Energy section.
Energy Storage Technologies Critical to Growing Demand
One of the hottest investment trends of 2020 and 2021 are investments in various battery and other cost-effective energy storage solutions. The reliability and price stabilization of renewable and alternative energy sources is dependent on the ability to store, or “stock up” such energy for future uses. Renewable energy technologies have outpaced battery and energy storage technologies, and demand is growing for the latter to sustain the former. There are many disparate technologies addressing this issue, including long-duration, non-lithium liquid energy storage solutions (recent investments include zinc metal storage technologies, sodium-ion battery technologies, geomechanically-pumped storage technologies, and other solid-state battery technologies, to name a few), investment in large scale storage facilities (gigafactories), battery recycling and raw material reuse technologies, and others.
Additional discussion is provided in the energy storage technologies section.
Digitization of the Energy Ecosystem Ripe for Investment
The shift to the digitization of energy permeates both traditional fossil fuel and renewable and clean energy technologies and is ripe for investment across the energy ecosystem. Digitization of energy infrastructure and assets is compelling due to the opportunities to minimize traditional industry inefficiencies and promote scalable growth. Digitization includes a reliance on (and investment interest in) the development of new energy-specific AI and machine learning, big data and blockchain-enabled technologies. Examples include investments in smart grid technologies, digitization of traditional energy payment, billing and pricing solutions, blockchain-enabled smart energy contract solutions, cyber and data security software solutions, and others. Energy digitization technologies, together with distributed energy resources (DERs) that enable a network of small and medium power generators that are monitored by a combination of AI and Internet of Things (IOT), further enable the creation of new Energy-as-a-Service (EaaS) business models, which include decentralized online “on demand” marketplaces for energy consumers, energy trading platforms, etc.
Additional discussion is provided in the cybersecurity and data privacy sections below.
"The shift to the digitization of energy permeates both traditional fossil fuel and renewable and clean energy technologies and is ripe for investment across the energy ecosystem. Digitization of energy infrastructure and assets is compelling due to the opportunities to minimize traditional industry inefficiencies and promote scalable growth."
Internet of Energy (IoE)/Smart Grid a Key to Energy Automation
A derivative of digitized energy assets, but deserving of a separate entry, is Internet of Energy (IoE), best represented by intelligent grid technologies. IoE technologies focus on the upgrading and automating of electricity and power generating infrastructures for energy producers and manufacturers. In colloquial terms, it is the development of scalable and interoperable smart or intelligent grid technologies that support the powering of a power grid that works as a single networked ecosystem. Technologies contributing to the development of a networked grid include AI, IOT (including Electric Vehicle to Grid (V2G) technologies), big data, machine-learning-enabled and cloud-based software technologies, together with individual technologies that enable grid components to communicate efficiently with one another, and to enable the organization and utilization of grid data available to drive efficiency in grid decision-making.
Other Investable Technologies Coming to the Fore
Other technologies that have seen investment interest but have yet to reach full scale commercialization include hydrogen technologies (with applications in the mobility and traditional oil and gas pipeline sectors), technologies applying quantum computing to the complexities of the energy infrastructure sector, carbon capture technologies and power-to-X (PtX) technologies. The PtX technologies convert energy and carbon dioxide (CO₂) into new products and materials that are used for purposes such as reversible fuel-cell technologies that convert synthetic gas, hydrogen, and carbon monoxide into alternative products like natural gas, methanol, ammonia, and synthetic liquid fuels.
Additional discussion regarding hydrogen technology is provided in the Renewable Energy section.
Cybersecurity Critical to Energy Industry Infrastructure
Cybersecurity has Come of Age in the Energy Industry
Cybersecurity refers to the technologies and practices used to protect networks and computer and electronic systems from attack, damage, or unauthorized access.
While cybersecurity is relevant in every industry, it is becoming ever more critical in the energy industry as our infrastructure becomes more connected, automated, and controlled through electronic systems, commonly referred to as Supervisory Control and Data Acquisition systems.
The U.S. recently experienced the effects of a cybersecurity attack on our energy infrastructure when Colonial Pipeline fell prey to a ransomware attack in early May 2021 that caused it to halt transportation of gasoline and other fuels. Ransomware attacks involve hackers crippling, freezing, or locking users out of a software system until they receive a bounty. Supplying nearly half of the fuel consumed along the East Coast, the results of the attack, and subsequent pipeline shutdown, were felt across the Southeast as gas stations ran dry, prices spiked, and consumers engaged in panic buying. The Colonial ransomware attack—the most significant known cyberattack on the U.S. energy system—has underscored the importance of, and our reliance on, our energy infrastructure.
The Colonial attack has renewed focus on exactly how private energy companies are addressing the cybersecurity of the critical infrastructure systems they operate, and the role of government in regulating the cybersecurity of these systems. In the days following the Colonial Pipeline ransomware attack, President Biden issued an Executive Order addressing cybersecurity across the federal government. And the Chairman of the Federal Energy Regulatory Commission (FERC) announced that “[i]t is time to establish mandatory pipeline cybersecurity standards similar to those applicable to the electricity sector.”
Pipeline Security Legislation Ahead
While pipeline operators have been encouraged to adopt the voluntary pipeline security guidelines developed by the Transportation Security Administration (TSA), there are no mandatory pipeline security standards in place today. This is unlike the electric power sector, which, for over a decade, has been subject to the North American Electric Reliability Corporation’s Critical Infrastructure Protection cybersecurity reliability standards.¹⁰ The standards are enforced by FERC and the FERC currently has an open rulemaking that would provide incentives to owners and operators that go above and beyond these mandatory requirements.
However, on May 28, 2021, TSA issued a Security Directive requiring owners and operators of TSA-designated most critical hazardous liquid, natural gas, or liquified natural gas facilities to report cybersecurity incidents to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).¹¹ The Security Directive also requires owners/operators to designate a Cybersecurity Coordinator to work with TSA and CISA on cybersecurity practices and address any incidents. Lastly, owners/operators are required to review their current cybersecurity practices against TSA’s Pipeline Security Guidelines. Congress has also become involved. The House introduced bipartisan legislation—The Pipeline Security Act—that would codify the TSA and the CISA's roles in pipeline security. It would also require TSA to update its Pipeline Security Guidelines,¹² in a manner consistent with the National Institute of Standards and Technology Framework for Improvement of Critical Infrastructure Cybersecurity.¹³ While the TSA’s Pipeline Security Guidelines were established in 2018, some have questioned, given the recent Colonial Pipeline attack, whether they are adequate.
Generally, the Guidelines recommend a risk-based corporate security program for managing security related threats, incidents, and responses. They provide that the security program should, at a minimum, identify a security manager, document the company’s policies and procedures, be reviewed annually, and protect from unauthorized access. The Guidelines also suggest additional elements, such as risk assessments, physical security and equipment testing, personnel training, facility-specific security measures, and notifying TSA of any security incidents.
"Given the elevated risk of cyberattacks on the energy sector, the project owner must be cognizant of cybersecurity during both the design and construction phase of the project."
While details about Colonial Pipeline’s security program are still emerging, the ransomware attack, and its effects, demonstrate that the energy industry must be prepared to defend against and respond to cyberattacks. Being prepared starts with conducting risk and cybersecurity assessments to evaluate current conditions and identify opportunities for improvement. Only then can a robust cybersecurity program be developed and benchmarked against government guidelines and industry best practices. History is likely to repeat itself, and with the potentially catastrophic consequences that could occur from a cyberattack on the U.S. energy infrastructure, we expect that industry and government will work together in the coming months on strengthening cybersecurity defenses.
And, on June 10, 2021, the House Committee on Energy and Commerce favorably reported HR 3078 to the House. The bill requires the Department of Energy to carry out a program relating to physical security and cybersecurity for pipelines and liquefied natural gas facilities. The bill covers topics including information sharing, cyber incident response and recovery, development of cybersecurity technologies, and technical assistance for improving the physical and cybersecurity of pipelines and LNG facilities. The bill raised questions on what role the DOE should play in pipeline cybersecurity, a responsibility that has traditionally been left to the TSA.
The Internet of Things (IoT) Gives Rise to New Security Risks
The upsurge of the Internet of Things (IoT) has given rise to a digital revolution where almost every device that uses electricity – from light bulbs and plugs to home appliances and vehicles – now comes in a cloud-connected version. This growth in internet connectivity has facilitated a growth in the construction of “smart buildings” – i.e. buildings that integrate technology via the IoT to share information between systems in order to optimize the building’s performance and automate building processes.¹⁴ The advent of 5G technology¹⁵ has further fueled this evolution,¹⁶ with some investors estimating that the size of the IoT market will grow from $2.6 billion in 2021 to $40.2 billion by 2026.¹⁷
However, with the growth in IoT and the rise in construction of smart buildings and industrial systems has come a rise in cybersecurity risk. In the past, cybersecurity efforts have focused on IT assets like servers and workstations. However, as buildings and building systems become smarter, there are far more potential targets for hackers to attack. In fact, a recent survey of 312 individuals who were directly responsible for IoT or Internet of Industrial Things (IIoT) security at their company reported that 99 percent of them had encountered challenges in the process of securing their organization’s IoT or IIoT devices and 95 percent reported concerns about the risk associated with IoT devices on their network.¹⁸ Perhaps even more alarming, the majority of those surveyed indicated they lacked the ability to fully monitor IIoT devices.
Despite these significant concerns, stories of hacks exploiting IoT vulnerabilities are nothing new. For example, in 2017, The Washington Post published a story about how hackers infiltrated a casino’s network and stole more than 10 gigabytes of data through an internet-connected fish tank heater.¹⁹ Moreover, the massive cyberattack that brought down much of the internet, including popular sites like Amazon, Twitter, Netflix, Reddit, The New York Times, Fox News, and CNN in October 2016 was the result of a coordinated attack on IoT devices across the globe.²⁰
The risk of IoT hacks to the energy industry is magnified for several reasons. First, energy companies face the same basic threats that are encountered by other industries – data theft, ransomware, and billing fraud. These threats, however, are elevated because cybercriminals recognize the high economic value of many energy companies and the individuals they employ. One need look no further than the very recent ransomware attack that shutdown the Colonial Pipeline for a very prominent example.²¹
In addition to the traditional threats posed by cybercriminals, companies in the energy industry are also targets for cyberattacks by nation-state actors seeking to cause economic and security disturbances. For example, the FBI has warned that from December 2018 until at least May 2020, a Russian GRU Military Intelligence Agency hacker group targeted the U.S. energy sector.²² It is well known that another Russian GRU hacker group planted malware in energy U.S. utility networks in 2014 before carrying out the first cyberattack-induced blackouts in the Ukraine in 2015 and 2016. Similarly, in June 2019, The New York Times reported that the U.S. government launched cyberattacks against the Russian power grid.²³
Finally, energy companies are increasingly becoming the target of “hacktivist” groups like Anonymous.²⁴
Compounding with the heightened threat level, a recent report from McKinsey & Company explains how many energy companies’ geographic and organizational complexity and the unique interdependencies between physical and cyber infrastructure in the energy sector further increase the risk of cyberattacks.²⁵ The below graphic further expounds upon the potential threat impacts:
With a recognition of the upward trend in the utilization of the IoT, IIoT and cybersecurity risks, legislatures and courts have begun to attempt to address these new issues. State lawmakers have recognized the increased cybersecurity risk to the energy sector and have adopted regulations governing power, chemical, and nuclear facilities. However, there are few, if any, corresponding federal regulations imposing similar standards. It is possible that these gaps in legislation will be addressed in the near future.
An increased judicial recognition of legal duties owed to third parties regarding cybersecurity breaches raises numerous other questions for the energy sector.²⁶ For example, we anticipate that as companies undertake new construction projects (including renovations or additions to existing assets), it will become increasingly common that each project includes the installation of multiple, integrated IoT or IIoT systems. Given the elevated risk of cyberattacks on the energy sector, the project owner must be cognizant of cybersecurity during both the design and construction phase of the project.
With respect to the design phase, prudent project owners should insist that all plans and specifications include specific cybersecurity protections. Owners must be cognizant of the fact that contractor competitive bids may often include the lowest priced IoT device meeting the mandatory contract requirements. Thus, to avoid security vulnerabilities, it is imperative that the project design include specific and detailed requirements outlining the minimum-security requirements for all IoT or IIoT devices and systems.
The 2014 Target hack that made headlines across the nation illustrates why project owners must also remain focused on cybersecurity during construction.²⁷ In that instance, hackers were able to gain access to the retail giant’s system and steal approximately 40 million credit card numbers through a vulnerability in the network of Target’s HVAC contractor. Thus, prudent construction project owners must be very careful about whether and to what extent they allow contractors to access their networks and should insist (by contract) that each contractor who has access to any owner network has cybersecurity insurance to protect against any potential damages that may occur if the owner’s systems are breached.
As IoT and IIoT continues to permeate every aspect of our lives, cybersecurity risks to the energy sector will continue to increase, and cybersecurity must remain a top priority for energy companies undertaking new construction projects.
Data Privacy Update
What is Data Privacy and Why is Everyone Talking About It?
At its core, privacy is “the right to be left alone.” When talking about data and information privacy, the focus is on the collection and handling of personal information (i.e. information that can be used to identify an individual).
While legal protections for one’s health and financial information are well established, the technological revolution and rapid development of information technology has shaped new and modern ideas about individual privacy rights as more and more aspects of our daily lives depend on the transfer of information online.
Laws to protect personal information and provide individual privacy rights are rapidly evolving not only in the U.S., but worldwide. With new laws, and new technologies, developing on what seems like a daily basis, companies must be increasingly aware of not only their legal obligations, but also societal expectations, with respect to collecting and safeguarding personal information.
Data privacy became a hot topic when the European Union (EU) enacted the General Data Protection Regulation (GDPR) in 2016—the first comprehensive data protection law.²⁸ GDPR established a legal framework for the collection and processing of personal information of EU residents. It also provided EU residents with rights regarding their personal information, including the right to be informed of data processing, to object to data processing, and to be forgotten. GDPR also requires that businesses maintain security measures to protect the personal information they collect and process and notify individuals and supervisory authorities of any data breaches.
An important aspect of GDPR is its extraterritorial reach, meaning that organizations outside of the EU must comply with the GDPR if they collect or process the personal information of EU residents, or otherwise offer goods and services in the EU or monitor the behavior of EU residents. EU data protection agencies and commissions can enforce the requirements against companies located outside of the EU, including levying penalties up to 20 million Euros or four percent of a company’s global annual revenue.
Data Privacy Has Been Left to Individual States
While the GDPR initiated global change in how international companies govern the personal data they collect and maintain, recent legislative action in the U.S. has extended data privacy obligations to a large portion of American companies.
In the U.S., there is no federal comprehensive data protection law. While there are federal laws that protect the privacy of certain groups of people (e.g., children) and certain types of information (e.g., financial or health information), data privacy regulation has largely been left to the states and to the courts (adjudicating statutory interpretation issues and civil claims). However, due to the absence of federal laws, states have begun enacting their own privacy laws. Following the EU’s lead, California enacted the California Consumer Privacy Act (CCPA) in 2018, the United States’ first comprehensive state privacy law.²⁹ The CCPA was recently expanded through the California Privacy Right Act (CPRA) in 2020.³⁰ To date, only one other state, Virginia, has enacted a similar comprehensive data privacy law: The Consumer Data Protection Act (CDPA).³¹
Both California and Virginia followed in the EU’s lead by setting out requirements for limiting the collection of personal information, requiring consent prior to data collection, requiring companies implement security controls, and providing individuals with rights with respect to their personal information. State-level momentum is growing across the U.S. with over half of the states in the country now proposing comprehensive privacy legislation, similar to California and Virginia.
Not only have states been active on the legislative front, but the Federal Trade Commission (FTC)—the federal agency with authority to enforce against unfair and deceptive trade practices—has played a prominent role in developing U.S. privacy standards. The FTC has recently reinvigorated its privacy and data security enforcement, imposing drastic fines on corporations for privacy violations, including a recent $5 billion dollar fine to Facebook for mishandling users’ data and failing to maintain the privacy of their information.³²
Enforcement of privacy rights has also spread beyond the FTC, with state attorneys general and private litigants becoming more involved in enforcement privacy rights. In fact, the CCPA gave Californians a private right of action if their personal information is subject to an unauthorized access or disclosure as a result of a business’s violation of the duty to implement and maintain reasonable security procedures and practices.
"The FTC has recently reinvigorated its privacy and data security enforcement, imposing drastic fines on corporations for privacy violations, including a recent $5 billion dollar fine to Facebook for mishandling users’ data and failing to maintain the privacy of their information."
Businesses Must be Prepared to Detect, Contain, Report, and Prevent Breaches of Personal Information
A topic that goes hand-in-hand with data privacy is information security. Information security focuses on the protection of information for purposes of preventing loss, unauthorized access or misuse. Privacy laws, including GDPR, CCPA, and CPDA, are requiring businesses to implement security measures to protect the personal information they collect and process from unauthorized access.³³ And, every state in the U.S. requires that businesses notify individuals when their personal information has been subject to unauthorized access. Information security involves having ongoing assessments of threats and risks to information, as well as implementing controls to ensure that security objectives are met. Businesses must be prepared to detect, contain, report, and prevent breaches of personal information.
For additional discussion regarding cybersecurity in the energy industry see the Cybersecurity and Pipeline and HazMat Safety sections
So, What Does All This Mean?
Businesses cannot afford to ignore data privacy or assume that laws such as the GDPR, CCPA, and CDPA do not apply to them. These laws come with serious penalties for non-compliance or provide avenues for state attorneys general or individuals to seek remedies if their privacy rights are violated. Individuals expect that businesses are taking proactive measures to protect their personal information and privacy regardless of whether an overarching privacy law applies to the business. In order to maintain a competitive advantage, meet customer expectations, and garner investor support, businesses must stay informed on data privacy laws and expectations.
To that end, businesses should start by:
- Determining which privacy laws apply to them and stay informed on new laws;
- Auditing their data collection, storage, and management processes;
- Establishing, and implementing, a robust data privacy policy; and
- Assessing their data security, breach detection, and breach response protocol.
UAS Industry & Regulatory Update
UAS Remain Critical to the Energy Industry
Going into 2020, the Unmanned Aircraft Systems (UAS) energy industry market was well poised for growth, with an annual growth rate of 25.53 percent forecasted, and with record VC investments in UAS technologies recorded.
However, the unprecedented economic challenges facing the energy industry in 2020, coupled with the global impact of the COVID-19 pandemic, has had a mixed effect on the use of UAS by the energy sector. In its annual drone industry survey (across all sectors, not just the energy sector), Drone Industry Insights (droneii.com) reported a 43 percent drop in demand for UAS in 2020, but also reported favorable customer adoption ratings, and 54 percent of surveyed industry professionals saw positive long-term effects for the UAS industry as a whole.³⁴
UAS remain important tools within the energy industry. UAS are relied upon for conducting complex inspection and monitoring of difficult to access infrastructure and locations, including well sites, pipelines, offshore energy assets, refineries and other oil and gas infrastructure.
And despite the lesser demand, the COVID-19 pandemic highlighted several key advantages and opportunities for UAS applications, most notably in the area of drone delivery, but also for mapping, surveying and inspections. Globally, UAS were even used to help fight the spread of the virus by (in India, China and the UAE) spraying highly populated areas and viral hotspots with disinfectant,³⁵ or (in China) enforcing social distancing rules through built-in loudspeakers.³⁶
In the energy and power industries, largely in response to the various external threats facing critical energy infrastructure such as trespassing, espionage, malicious unauthorized on-site activity, and drone-related threats, the UAS surveillance market emerged as the dominant market winner in 2020 and 2021 with a projected $415.8 million by 2027, demonstrating a robust annual growth rate of 19.6 percent.³⁷ UAS proved especially useful and critical to oil and gas companies seeking to manage offshore rigs in the open seas, given the ability for UAS to quickly, safely and cost-effectively conduct inspections, as well as deliver on-demand spare parts from land locations to offshore assets. All of these industry developments are contributing to greater industry and public trust in UAS technology.
FAA Regulatory Activities
Several key regulatory trends dominated 2020 and 2021, reflecting a continuation of the Federal Aviation Administration’s (FAA) interest in safe expansion of safe commercial small UAS operations.
Remote ID
On April 21, 2021, after a slight delay, the FAA’s final rule concerning Remote ID went into effect.³⁸ The final rule requires that most UAS operated in the national airspace (NAS) will require remote ID capability. This requirement can be satisfied in three different ways, as illustrated by the following chart, published by the FAA.³⁹
The FAA relaxed its registration requirements for Remote ID from its original Notice of Proposed Rulemaking (NPRM). UAS operators need only to obtain one registration number and apply it to multiple aircraft, but the registration application requires the input of the serial number of either a standard Remote ID-enabled UAS, or the Remote ID broadcast module which is retro-fitted onto an older UAS model that does not include Remote ID.
On April 21, 2021, after a slight delay, the FAA’s final rule concerning Remote ID went into effect. The final rule requires that most UAS operated in the national airspace (NAS) will require remote ID capability.
Operations Over People
On April 21, 2021, the FAA’s Operations Over People final rule went into effect, enabling Part 107 UAS operators to fly at night, over people and moving vehicles without a waiver (excluding operations in controlled airspace below 400 feet above ground level (AGL), provided the rule requirements are met and the UAS operation is compliant with the Remote ID rule.⁴⁰
LAANC
Throughout 2020 and 2021, the FAA continued to expand the Low Altitude Authorization and Capability system (LAANC) that automates the application and approval process for drone operators to obtain airspace authorizations and significantly expedites the authorization process. As of the end of May 2021, LAANC was available for UAS operations at 726 airports in the U.S. airports, and new LAANC UAS Service Suppliers are continuously being approved by the FAA.⁴¹
Part 135 and Cargo Delivery
Perhaps the single greatest UAS industry shift occurred with the increase in authorizations related to UAS cargo delivery, through the review and issuance by the FAA of Part 135 certifications (whereby UAS are designated commercial airlines for the purpose of delivering cargo to consumers).⁴² The COVID-19 pandemic has only highlighted the need, demand, interest (and concern by some) in accelerating UAS cargo delivery in the United States.
Industry Challenges
Several key regulatory trends dominated 2020 and 2021, reflecting a continuation of the FAA's interest in safe expansion of safe commercial small UAS operations.
Chinese-Made UAS Concerns
In January 2020, the U.S. Department of the Interior grounded over 800 of its drones that were either Chinese-made or that included Chinese-made components. In response, the DoD’s Defense Innovation Unit (DIU) announced in August 2020 five DIU-approved drones for use by the U.S. Government, which include:⁴³
- Skydio’s X2-D
- Parrot’s Anafi USA
- Altavian’s M440 Ion
- Teal Drones’ Golden Eagle
- Vantage Robotics’ Vesper
Privacy and Cybersecurity Concerns
Privacy and data security concerns related to the use of UAS technology remains a critical area for regulatory review and action. In the absence of specific federal laws on these issues, the National Telecommunications and Information Administration best practices issued in 2016 continue to remain the standard recommendations for notice of UAS operations, consent for UAS overflights, and other privacy and cybersecurity measures.
Innovation & AI Technologies in the Energy Industry
Energy Companies Leverage Technology to Reduce Costs and Increase Efficiencies
The energy industry is constantly changing and looking for ways to deploy technology that enables substantial cost savings to a company’s bottom line and ever more efficient operations.
Leveraging 20+ years of experience, Babst Calland’s affiliated legal service provider, Solvaire, recently integrated new artificial intelligence (AI) technologies into its products and services that further reduces the costs related to due diligence, document management, discovery, and litigation.
Solvaire’s AI technology allows businesses to cost effectively capture, store and recall critical information that might otherwise become buried in the company’s large volume of records. For example, in a contract-heavy energy industry, deployment of AI allows Solvaire to review, manage and retain critical company contract information up to 40 to 60 percent more efficiently than in the past. Once gathered, this information is forever available to the company at a push of a button.
The following are just a few cases where energy companies leveraged technology through Solvaire.
A Publicly-Traded Energy Retailer’s document management system was outmoded and inefficient. Solvaire’s in-house software development team built a new database that currently houses all sales contracts and invoices, captures key information about those contracts and is integrated into its internal operational IT systems. This user-friendly, easy-to-access database now contains multi-terabytes of data and is maintained by Solvaire. This process is saving more than $350k monthly compared to the cost of its previous document management system.
A large natural gas producer achieved a scalable, reliable and accurate process for quickly identifying diligence defects. As a result, the company was able to routinely finish diligence faster than its competition. The process efficiencies resulted in an enhancement and refinement of their bids and purchase agreement terms, while saving money and creating a smoother transaction. Solvaire assisted in specifying relevant information to be assembled, while training a team of experienced contract attorneys to capture relevant information. The team also undertook comprehensive project management and quality control functions and analyzed the captured contractual provisions to assist with the confirmatory diligence process.
A large publicly-traded pipeline company identified, with the help of the diligence services of Solvaire, the contractual provisions that should be captured from thousands of rights-of-way documents reviewed. The Solvaire team confirmed that the Seller did not have the real estate rights that it represented. This resulted in a favorable multi-million-dollar purchase price adjustment in the transaction.
"Company leadership changes, bosses come and go, business functions get streamlined or outsourced, corporate priorities change BUT documents and contracts stay static. Solvaire helps unlock the value of this corporate content."
Solvaire deploys industry-leading legal technology and solutions spanning eDiscovery, document management, AI, and machine learning. The ability to integrate and merge third-party technologies into Solvaire’s proven project management and technology process, as well as pair them with internally developed technology tools, can be uniquely “game changing” for companies in the energy industry.
Solvaire was born in the mid-90’s to combine project management services with available technology, quality control functions, document analysis and reporting. Solvaire provides an effective turnkey process with budget certainty to help companies to process thousands of documents with more precision, speed and accuracy.