Skip to main content
First published: 17 July 2026 · Status: LIVE
AI generated, may contain errors.
Rounds covered so far:
  • CFI — Ofgem’s “Data Sharing in a Digital Future: Consumer Consent” Call for Input (published 9 Nov 2023; responses Jan–Feb 2024).
  • Consultation — Ofgem’s formal “Consumer Consent Solution Consultation” (published 9 Aug 2024; responses to 4 Oct 2024).
  • Design Consultation — RECCo’s “Consumer Consent Solution (CCS) Design Consultation” (published 11 Feb 2026; responses to 25 Mar 2026). This is the first round following Ofgem’s April 2025 appointment of RECCo as Delivery Body, and the first to consult on detailed technical/UX/governance design (MMP scope, IDV standard, FAPI 2.0/mTLS, centralised/decentralised split, funding model, accreditation) rather than on the high-level choice of solution or Delivery Body. 25 responses from this round are reflected so far across two update batches: Centrica, Citizens Advice, Which?, Ohme, ScottishPower, ESG Global, East Lothian Housing Association, Octopus Energy, Perse, Novoville, RLBA, SEC Panel, DCC (partial/incomplete submission), Auth Energy, Stark, n3rgy (submission textually identical to Auth Energy’s, see note in its entry), Xoserve, EDF, E.ON Next, ElectraLink, Luxon Group, Meet George, NGED, CGI IT UK, and SSE.
Maintenance note: This document is updated as further consultation rounds are published. New rounds are appended as additional entries under each organisation, in date order, preserving prior-round entries rather than overwriting them. The “Organisations with a broadly similar position” line is recalculated whenever new responses are added. Where a 2026 respondent did not appear in either 2024 round (e.g. Ohme, ESG Global, East Lothian Housing Association, Perse, Novoville, RLBA, Auth Energy, Stark, Xoserve, Luxon Group, Meet George, CGI IT UK), a new organisation entry has been created in the most appropriate sector grouping, with the Design Consultation as its only round so far.

Stakeholder Stance Summary

Positions weighted towards the 2026 Design Consultation — the first round to engage on actual design rather than on who should deliver it. The 2024 Consultation established RECCo’s appointment; the 2026 responses are where substantive industry positions on the programme itself were set out. Six positions emerge across the ~55 organisations tracked. Most sit primarily in one group; a few straddle two. 1. Get on with it Centrica, ScottishPower, Octopus, E.ON Next, Citizens Advice, Which?, Novoville, RLBA, Meet George, Ohme, SEC Panel, Xoserve, Elexon, NESO, FDATA, IB1, ADE, myenergi, Flexitricity, equiwatt, Chameleon, Gemserv, ETG The largest group and the most engaged in 2026. Centrica shifted from sharp critic of the funding logic in 2024 to detailed, constructive design contributor in 2026. Octopus moved from sceptical of RECCo’s appointment to the most GDPR-rigorous response in the room. ScottishPower engaged on specific technical design. The common 2026 position: accept the model, fix the IDV standard, resolve SEC duplication, publish the NFR values, and proceed. The design work RECCo most needs done is being done by this group. 2. The compliance burden doesn’t fit the risk ScottishPower, Perse, ESG Global, CGI IT UK, Stark, Auth Energy All 2026-only positions or positions that hardened materially in 2026. Real-time introspection on every data request, photo-ID as a non-negotiable floor, full data-protection reassessment regardless of eight years of SEC history — none of it proportionate to what most of these organisations actually do. CGI IT UK, an SEC Other User since 2016, is the clearest case: the three-part SEC qualification process it already completes covers most of what RECCo proposes to re-examine. They will comply with whatever is mandated. But each unnecessary hurdle is a smaller participant that doesn’t bother. 3. This doesn’t work for the consumers who need it most East Lothian Housing Association, Citizens Advice, Scottish Pensioners’ Forum, RLBA, Which? Positions formed or sharpened in 2026 against actual design proposals rather than high-level principles. The mandatory photo-ID minimum excludes tenants, older people, and anyone on a basic device. Non-digital journeys are deferred post-MMP with no date. These concerns were already in the consultation responses; RECCo’s own Wave 1 research, published May 2026, then confirmed photo-ID as the single biggest drop-off point across all user groups. The consumer-protection case for the design is now weaker than the consumer-protection case for the programme, on RECCo’s own evidence. 4. Stop and prove it works first EDF, SSE, ElectraLink, Luxon Group All four positions are 2026 Design Consultation responses, and all four represent a hardening from 2024. EDF opposed RECCo’s appointment in 2024; by 2026 it had moved to calling for development to be halted entirely, adding a specific technical objection — CCS consent tokens do not map cleanly onto DCC Service Requests, which key on GUID/Device ID rather than MPxN — that no other respondent matched in technical detail. SSE wants MMP reclassified as beta. Luxon wants scope cut to a genuine minimum. ElectraLink, a 2024 candidate for Delivery Body itself, says a pause may be more appropriate. Three of four separately allege RECCo has not been transparent about how Working Group feedback that conflicted with its preferred design was handled. Small group numerically, but EDF’s DCC-integration point is either technically correct or it isn’t — and if it is, it is a programme blocker, not a dissenting view. 5. It has to connect to what already exists DCC, Xoserve, Elexon, n3rgy, SEC Panel, CGI IT UK, NESO Largely 2026 positions, from organisations with direct operational stakes in the infrastructure CCS must connect to. DCC’s 2026 submission is incomplete — only two of 32 questions answered — but what it did submit flags the same token-to-Service-Request mapping problem EDF raised in full. Xoserve and CGI both ask how Change of Tenancy flows through to consent revocation. SEC Panel pushes for mutual recognition of existing assurance rather than a parallel regime. NESO wants alignment with the DSI. The collective point: CCS cannot be designed as if the existing data infrastructure does not exist, and the 2026 consultation did not adequately address how it connects to it. 6. You’re solving too small a problem RLBA, IB1, ODI/REPHRAIN, FDATA, Novoville, Meet George, ADE Mostly 2026 positions, from organisations building or advising on cross-sector data infrastructure. IB1 proposed a Trust Framework model before RECCo was appointed; by 2026 it was pressing for interoperability with Open Banking and Digital Building Logbooks. FDATA wants Open Finance alignment. Novoville and Meet George are live services crossing energy, housing, and local authority data simultaneously — they need consent infrastructure that does not silo by sector. This group is not arguing about design details. They are arguing that the problem being solved is narrower than the one that exists, and that CCS will need substantial extension regardless of whether MMP launches cleanly. That may be right, or it may be scope creep dressed as ambition — but it is a coherent and consistent position across this group in 2026.

Energy Suppliers

Centrica / British Gas / Hive

Consultation round (4 Oct 2024)
  • Position / support: Supports RECCo as Delivery Body, but flags it may need a consumer-facing delivery partner.
  • Key concerns raised:
    • Major unresolved customer-journey questions: branding, complaints handling, who the customer calls with a query.
    • Strongly objects to extending scope to existing supplier-held consents (a late addition versus the original CFI framing) — considers it impractical given SLC47/MHHS complexity and multiple lawful bases beyond consent.
    • Sharp critique of the funding logic: argues users of the solution should fund it, not whichever parties happen to fund the Delivery Body — warns suppliers would otherwise be ‘funding parties to compete against themselves’.
    • No Impact Assessment or cost-benefit case available yet.
  • Notable / distinguishing point: One of the most detailed and structurally critical responses on funding incentives; explicitly opposes the SLC0/licensee-obligation route for supplier consent inclusion.
Organisations with a broadly similar position (Consultation round): Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, MCS Foundation, and Gemserv, all of whom supported RECCo’s appointment as Delivery Body in the formal consultation — though Centrica’s response is among the most critical of the funding logic within that broadly supportive group. Design Consultation round (25 Mar 2026)
  • Position / support: Broadly supportive and highly detailed; agrees with most of the proposed design but raises substantial, specific objections to the SEC Other User-as-EDP model and to high-confidence photo-ID IDV.
  • Key concerns raised:
    • Wants the DCC, not SEC Other Users, designated as the Energy Data Provider — argues SEC Other Users are unregulated, voluntary participation undermines the ‘single view of the truth’ goal, and the current structure lets SEC Other Users effectively lock in third-party customers and raise charges unchallenged.
    • Strongly disagrees with RECCo’s ‘high confidence’ GPG 45 interpretation for IDV, drawing a direct comparison to the NHS App’s ‘medium confidence’ tier and warning the requirement could deter uptake of Time of Use tariffs and consumer-led flexibility if ever extended to supplier consents.
    • Disagrees with the zero-trust ‘check every time’ consent model (Q8) on latency grounds; proposes a 48-hour token expiry alternative instead.
    • Raises a detailed legal gap: the SEC Section I consent for an EDP to collect data from the meter is distinct from the CCS consent for the EDP to pass data to an ATP — argues the current consent wording doesn’t cover the former if SEC Other Users become EDPs.
    • Flags the ‘Commercial Third Party’ dotted line in Annex D’s architecture diagram and ATP-run portal possibility as a risk of creating new, unintended data-intermediary roles outside CCS’s protective scope.
    • Warns of a Green Deal-style risk: an expensive, centrally-funded infrastructure built for demand that may not materialise if SDR is delayed or SEC Other User adoption stays low.
  • Notable / distinguishing point: Agrees with Hybrid Model B but explicitly wants Hybrid Model A’s transactional element added ‘as soon as appropriate’ — the only respondent in this round to argue for layering in transactional fees sooner rather than avoiding them. Also corrects RECCo’s terminology: the correct term is ‘DCC Other User’, not ‘SEC Other User’.
Organisations with a broadly similar position (Design Consultation round): ScottishPower and Octopus Energy, both of whom engaged in similarly detailed, broadly constructive but critically engaged responses in this round; Centrica’s IDV concerns are also shared by East Lothian Housing Association and Ohme, both of whom separately argued the proposed photo-ID standard is disproportionate.

Octopus Energy

Consultation round (4 Oct 2024)
  • Position / support: Skeptical of need; declines to clearly back RECCo, asks Ofgem to revisit the Delivery Body assessment process.
  • Key concerns raised:
    • Questions whether the problem is real or significant at current market scale; warns against ‘over-engineering’ a solution to a narrow problem.
    • Opposes a centralised, consumer-facing dashboard — prefers a ‘frictionless, behind the scenes’ model with no new consumer brand.
    • Notes the options assessment gave too little weight to technical delivery track record, where other candidates outscore RECCo.
    • Wants funding considered as an explicit Delivery Body selection criterion, not decided afterward.
  • Notable / distinguishing point: Octopus Energy’s sister organisation within the Octopus Energy Group, Centre for Net Zero, submitted its own separate response to this consultation taking a more neutral, research-focused tone that declines to engage the Delivery Body and funding questions Octopus addresses here directly.
Organisations with a broadly similar position (Consultation round): EDF Energy, ElectraLink, Electricity North West (ENWL), and NGED, all of whom questioned or declined to firmly back RECCo’s selection as Delivery Body, generally on the grounds that the assessment criteria underweighted technical track record relative to governance. Design Consultation round (2026)
  • Position / support: Markedly more engaged and constructive than its 2024 stance; agrees with the large majority of the design, grounding nearly every answer explicitly in UK GDPR articles.
  • Key concerns raised:
    • Disagrees that EDPs should continue sharing data by default during a CCS outage (Q9) — argues this risks processing data without a valid lawful basis if consent was withdrawn shortly before the outage, and recommends data sharing pause during outages with a failover/skeleton system instead.
    • Flags performance/latency risk in the ‘check every time’ consent model for high-frequency data streaming use cases, suggesting a decentralised, long-lived consent model as an alternative for EDPs to consider.
    • Stresses that MPxN-to-address matching accuracy is ‘paramount’ given the sector’s history of data-quality issues (crossed meters, address mismatches) and the severity of consequence (one customer’s data going to the wrong person).
    • Raises that there is no explicit quantification of consumer demand for the CCS, and voices ‘reservations about the growing complexity and subsequent cost to consumers.’
  • Notable / distinguishing point: The most GDPR-doctrinal response in this round — nearly every answer cites a specific UK GDPR article (5(1)(c), 5(1)(d), 5(1)(f), 7(3), 18, 32) as the basis for agreement or disagreement, in contrast to the more commercial/operational framing used by most other respondents.
Organisations with a broadly similar position (Design Consultation round): ScottishPower and Centrica, both of whom engaged in similarly detailed, broadly constructive but critically engaged responses in this round.

EDF Energy

Consultation round (Oct 2024)
  • Position / support: No to Design Principles as drafted. No to RECCo as Delivery Body. Most directly oppositional response in this round.
  • Key concerns raised:
    • Argues no clear need for a solution has been demonstrated; existing GDPR portability and supplier consent processes already work.
    • Objects strongly to the Delivery Body being given discretion to expand scope to new datasets without further Ofgem consultation — calls this ‘not acceptable’.
    • Argues the RAG (Red/Amber/Green) Delivery Body assessment was unweighted and should have prioritised technical/operational capability and funding model over governance criteria — believes Electralink would have scored higher if weighted properly.
    • Opposes supplier funding outright; wants the model run on a commercial basis with the Delivery Body recovering costs from users, not suppliers.
    • Opposes the licensee obligation (Q8) and SLC0 as a mechanism.
  • Notable / distinguishing point: The clearest ‘No’ on both the Design Principles and the RECCo appointment of any respondent in either round.
Organisations with a broadly similar position (Consultation round): ElectraLink, Electricity North West (ENWL), NGED, and Octopus Energy, all of whom opposed or questioned RECCo’s selection — EDF’s response is the most directly oppositional of this group, being the only one to also reject the Design Principles outright. Design Consultation round (25 Mar 2026)
  • Position / support: Consistently and comprehensively oppositional — the clearest, most direct ‘No’ of any 2026 respondent; explicitly calls for development of the CCS to be halted entirely.
  • Key concerns raised:
    • Argues the case for the CCS has still not been made — no demonstrated consumer detriment from the status quo, benefits remain speculative, and costs (borne by consumers via bills) are real and immediate; warns of a repeat of the ‘midata’ scheme, where significant cost produced little benefit because the tool was rarely used.
    • Raises a detailed, specific technical objection not found in other responses: argues the consultation doesn’t explain how a CCS consent token would actually integrate with DCC Service Requests (which use GUID/Device ID, not MPxN), how token refresh would work for scheduled/recurring data retrieval, or how DCC would know which SRs require a token check at all — concludes the CCS ‘does not seem to be fit for purpose’ for managing DCC access as currently designed.
    • Disagrees that consent should sit with the occupier (Q3) — argues UK GDPR consent for an energy account is properly given by the bill payer (the contractual data subject for that account) regardless of who physically resides at the property, and that the proposed model ‘does not work for energy.’
    • Disagrees with the zero-trust ‘check every time’ model (Q8) and prefers a periodically-synchronised local-consent model at the ATP, partly to reduce CCS availability requirements; also disagrees with FAPI 2.0/mTLS as proposed, preferring strong signing and TLS 1.3 except for the highest-risk CCS-to-EDP leg.
    • Raises a previously-unaddressed legal question: whether Elexon has a lawful basis to share supplier-collected HH data via the SDR for purposes (e.g. third-party services) beyond the settlement/forecasting purpose suppliers originally notified customers of — calls for urgent ICO consultation on this point, arguing supplier consent (not just consumer consent) may be required since suppliers hold IP and cost interests in the data too.
    • On funding (Q25), opposes supplier-funded development outright on the same grounds as its 2024 response — argues suppliers have little incentive to use a service that duplicates capability they already have, and that RECCo is building something serving its own future commercial interests at suppliers’ (and ultimately consumers’) expense.
  • Notable / distinguishing point: The only response to challenge the technical viability of DCC integration in concrete protocol-level detail (GUID vs MPxN, SR scheduling, token refresh) rather than at the level of policy or principle — and the only response to call explicitly and directly for RECCo to halt further development of the CCS until a credible business case is demonstrated.
Organisations with a broadly similar position (Design Consultation round): Luxon Group and SSE, both of whom raised comparably fundamental objections to the MMP’s viability and cost case in this round; its DCC-integration critique is a distinctive, more technical variant of concerns ElectraLink and Auth Energy raised about architecture and scope more broadly.

E.ON Next

Design Consultation round (2026)
  • Position / support: Broadly the most security-maximalist and detailed response in this round — supports nearly every centralising and security-hardening design choice RECCo proposed, while raising substantial governance, liability, and long-term-funding questions; first response from this organisation in the tracker.
  • Key concerns raised:
    • Strongly opposes the ‘guest’ consent option (Q6) on security/auditability grounds — argues a persistent, authenticated account is essential for consumers to have a real-time ‘single point of truth’ over who holds their data, for auditability in a GDPR dispute or Subject Access Request, and to avoid fraud risk from low-assurance, transient guest sessions; sets out a detailed feature-by-feature comparison table contrasting guest vs authenticated access.
    • Strongly supports the zero-trust ‘check every time’ consent model (Q8) and FAPI 2.0/mTLS (Q10) as proportionate to the sensitivity of HH consumption data, framing both in UK GDPR Article 5(1)(f)/32 security-principle terms; proposes a 30-minute threshold for when a CCS outage should trigger suspension of data sharing rather than continued sharing (Q9).
    • Raises a detailed multi-occupancy liability question: how will the system handle frequent move-in/move-out events without invalidating existing consent records, and how should disputes be handled where a landlord’s ATP contract conflicts with a tenant’s data-access wishes?
    • On accreditation (Q26/Q27), raises a concern echoed by several other 2026 respondents — that the proposed ISO 27001/Cyber Essentials Plus standard may not fully replicate the assurance already provided by the existing SEC Trusted Framework for SEC Other Users, and recommends RECCo integrate rather than duplicate it.
    • On funding (Q25), accepts the principle of initial supplier-funded cost recovery but wants a clearly defined transition trigger and timeline toward a ‘user pays’ model, and separately raises a distinct equity concern: that a “tech savvy” early-adopter segment could gain access to cheaper data-driven tariffs while less digitally engaged households indirectly subsidise the platform’s foundational costs through standing charges.
  • Notable / distinguishing point: The only response to argue, in detail and against the prevailing tide of this round’s commentary, that the guest-access option is itself a design weakness rather than a welcome flexibility — directly opposed to the position taken by RLBA, Meet George, Citizens Advice, and several others who see guest access as essential for reducing friction.
Organisations with a broadly similar position (Design Consultation round): Octopus Energy, whose response is similarly GDPR-doctrinal and security-focused throughout, though E.ON Next’s specific opposition to guest access is not shared by Octopus; its ‘digital divide’/equity-in-funding concern is closely related to points raised by Luxon Group and CGI IT UK about disproportionate impact on less digitally engaged or vulnerable consumers.

Ecotricity

Consultation round (4 Oct 2024)
  • Position / support: Supports RECCo as best placed (REC code-holder, most representative of industry).
  • Key concerns raised:
    • Prefers a hybrid model over centralised or decentralised.
    • Opposes SLC0 as the implementation route — wants a bespoke licence condition instead, to avoid ambiguity.
    • Wants costs not to fall disproportionately on consumers who don’t benefit; floats a ‘users pay a premium’ early-stage funding option.
Organisations with a broadly similar position: Centrica, Cadent Gas, BUUK Infrastructure, equiwatt, Chameleon Technology, n3rgy, ETG, MCS Foundation, and Gemserv, all of whom supported RECCo’s appointment; Ecotricity’s preference for a hybrid architecture is also shared by ADE, MCS Foundation, n3rgy, equiwatt, Chameleon Technology, ETG, and Octopus Energy.

OVO Energy

Consultation round (4 Oct 2024)
  • Position / support: No strong view on Delivery Body — wants outstanding process questions resolved before any selection is finalised.
  • Key concerns raised:
    • Wants a full cost-benefit analysis and detailed assessment completed before any solution development proceeds.
    • Notes that current funding-model proposals would put the upfront cost burden on a specific set of licensees, which would ultimately fall on consumers.
    • Wants central, broadly-distributed funding rather than burden falling on a subset of market actors.
  • Notable / distinguishing point: Among the more procedurally cautious responses — broadly supportive in principle but unwilling to back specifics yet.
Organisations with a broadly similar position: Arup, Centre for Net Zero, Energy Saving Trust (EST), GreenSync, and Icebreaker One (IB1), all of whom declined to take a firm position on Delivery Body selection in this round, generally pending a fuller cost-benefit case.

SSE

Design Consultation round (25 Mar 2026)
  • Position / support: Sharply critical — argues the MMP as scoped doesn’t achieve the CCS’s own stated objective of simplifying the consent journey, and recommends it be treated as a beta/test product rather than a marketable one; opposes non-domestic implementation at this stage.
  • Key concerns raised:
    • Argues that restricting the CCS to explicit-consent-only access creates a fragmented landscape, since many real-world data-sharing scenarios rely on other lawful bases (contractual necessity, legal obligation, Power of Attorney) that the CCS won’t show — consumers will see only a partial picture of who holds their data, undermining the simplification goal.
    • Disagrees that consent should sit with the occupier rather than the bill payer (Q3) — argues suppliers (especially non-domestic) have no reliable operational means of identifying the occupier, and that requiring this represents a ‘fundamental expansion’ of data-collection obligations without a clear lawful route to fulfil it.
    • Raises a distinctive ‘consent sabotage’ risk with the lead-occupant model (Q4): because any matched occupant can revoke a lead occupant’s consent immediately, the model creates unavoidable service instability and a GDPR-conflict risk where someone not party to the original ATP relationship can unilaterally end it.
    • On funding (Q25), explicitly rejects mutualised/socialised cost recovery given the genuine uncertainty over how much the CCS will actually be used, and argues for a ‘User Pays’ model instead so non-domestic businesses aren’t forced to fund a service they’re unlikely to interact with for the foreseeable future.
    • On disputes (Q30), wants a ‘suspended’ status introduced rather than automatic termination on every dispute, warning the current design creates incentives for repeated or malicious revocation with no prevention mechanism, directly impacting flexibility and optimisation service continuity.
    • Repeatedly and explicitly opposes any non-domestic rollout until the MMP has demonstrated robust, valuable domestic use cases first.
  • Notable / distinguishing point: The clearest explicit recommendation in this round to reclassify the MMP’s status entirely — from ‘marketable product’ to ‘beta/pilot’ — rather than simply requesting changes within the existing MMP framing.
Organisations with a broadly similar position (Design Consultation round): EDF and Luxon Group, both of whom raised comparably fundamental objections to the MMP’s cost case and viability; its dispute-resolution ‘suspended status’ proposal closely echoes Ohme’s and ScottishPower’s separate calls for an investigation window before termination.

ScottishPower

CFI round (26 Jan 2024)
  • Position / support: No — directly answers that a new solution is not justified as framed.
  • Key concerns raised:
    • Existing GDPR data-portability rights and demand-flexibility consent processes already function; no demonstrated benefits case for Ofgem’s preferred option.
    • Criticises Ofgem for reaching a preferred option (the technical dashboard) before completing cost-benefit or behavioural-insights analysis.
    • Raises specific unresolved practical questions: consent on change of supplier, multi-occupancy/house-share consent, whether consent attaches to person or meter.
    • Flags digital exclusion: cites Citizens Advice data that ~2.9m UK adults don’t use the internet and ~11m lack basic digital skills.
  • Notable / distinguishing point: The most directly oppositional CFI response; explicitly says it is ‘surprised that Ofgem has reached a preferred option’ without a cost-benefit case.
Organisations with a broadly similar position (CFI round): Energy Saving Trust (EST) and Energy UK, who likewise rejected Ofgem’s default framing rather than simply choosing among the three options offered. Design Consultation round (2026)
  • Position / support: Marked shift from the CFI-round ‘No’ to detailed, constructive engagement; broadly supports the MMP scope but disagrees with several specific design choices on consent ownership, IDV, and the consent-checking model.
  • Key concerns raised:
    • Disagrees that consent should sit with the occupier rather than the bill payer (Q3) — its data-controller approach treats the named account holder as the data subject for all account data, and it would require assurance the account holder approved any third-party disclosure.
    • Disagrees with the ‘guest’ consent option (Q6) on security-integrity grounds; prefers CCS accounts only.
    • Disagrees with the zero-trust ‘check every time’ model (Q8); prefers an ATP-issued, CCS-authenticated token valid for its full duration as more cost-effective.
    • Disagrees that EDPs should continue sharing during a CCS outage (Q9) — wants data sharing to cease immediately until the CCS is confirmed reliable again.
    • Raises a detailed EDP-liability concern: if an ATP fails to notify the CCS of a revoked consent and the EDP relies on the (stale) CCS record, the EDP could end up in breach of data protection law despite having no control over or visibility of the ATP’s conduct — wants Data Sharing Agreements to allocate this risk to the ATP.
    • On funding (Q25), explicitly does not find Hybrid Model B convincing as currently framed — agrees accreditation/enforcement costs should sit with individual users but wants a transactional element added too, and proposes the initial funding period be capped at six months with a mandatory review of the enduring model.
  • Notable / distinguishing point: The most legally risk-focused response of the round on the EDP/ATP liability split — repeatedly traces specific failure scenarios (erroneous transfers, ATP non-notification, CCS malfunction) through to who bears the consequence, and consistently argues EDPs should not be exposed for failures outside their control.
Organisations with a broadly similar position (Design Consultation round): Centrica and Octopus Energy, both of whom engaged in similarly detailed, broadly constructive but critically engaged responses in this round; its funding-model skepticism is also shared, in different terms, by SEC Panel and Auth Energy.

Luxon Group

Design Consultation round (25 Mar 2026)
  • Position / support: Comprehensively oppositional, submitted on behalf of Utilita (a prepayment- and vulnerable-consumer-focused supplier); argues the consultation has exceeded Ofgem’s original remit and that costs have not been shown to outweigh benefits; first response from this organisation in the tracker.
  • Key concerns raised:
    • Argues customer-facing businesses, not RECCo, are best placed to own the customer journey, and that mandating a common journey via Customer Experience Guidelines would create a barrier to innovation; strongly opposed to including CEGs in the REC at all, calling this a ‘backwards step’ inconsistent with Ofgem’s broader move toward outcomes-based regulation.
    • Disagrees with the high-confidence photo-ID IDV standard — argues existing SEC validation checks are already proven and less arduous, and that REC hasn’t justified treating household consumption-data consent with the same rigour as NHS data access; separately raises that photo-ID requirements will disengage digitally excluded consumers who rely on trusted third parties for help.
    • Raises a sharp process complaint, also echoed by ElectraLink: states that RECCo has confirmed no material changes to the technical architecture can be considered at this stage, which it says limits the value of substantive technical feedback at this point in the consultation.
    • Questions the cost-justification for the proposed 99.9% availability target, noting Open Banking operates at only 99.5%, and asks for a cost-differential analysis before committing to the higher figure.
    • On funding (Q25), opposes the proposal that early users bear no transactional cost — argues this shifts costs onto consumer bills at a time when government policy is focused on reducing them, and that organisations deriving commercial benefit (including EDPs, not just ATPs) should contribute from the outset rather than relying solely on supplier-funded cost recovery.
    • On accreditation (Q26/Q27), argues a CCS-specific accreditation regime duplicates existing SEC assurance for DCC Other Users and goes against the broader direction of code manager reform toward cross-code efficiency; separately argues it may not be legally possible to mandate certification costs onto CCS users in the way proposed.
    • Recommends RECCo deliver only a minimal core service (a consent database, a simple consumer-facing interface, and a full review of IDV options/costs) and treat anything beyond that as scope expansion requiring its own cost-benefit case.
  • Notable / distinguishing point: The clearest ‘minimal viable core, everything else is scope creep’ framing of any 2026 respondent — proposes a specific, named floor for what RECCo should deliver rather than simply critiquing the current proposal in the abstract.
Organisations with a broadly similar position (Design Consultation round): EDF and SSE, both of whom raised comparably fundamental cost/viability objections; its CEG opposition and architecture-freeze process complaint are closely related to points raised separately by EDF (CEG status) and ElectraLink (process transparency).

Thermal Storage UK

CFI round (19 Jan 2024)
  • Position / support: Did not give a direct Yes/No on whether a consent solution is required; response is limited to general comments on a narrower, adjacent issue rather than engaging the consultation’s core question set.
  • Key concerns raised:
    • Focused almost entirely on ensuring alignment with the parallel Smart and Secure Electricity System (SSES) programme and the PAS 1878 standard for energy smart appliances (ESAs).
    • Wants automatic asset registration to extend to all qualifying appliance types (EV chargepoints, batteries, heat pumps, storage heaters, heat batteries), not just the shorter illustrative list Ofgem used in the consultation.
    • Sees benefit for smart-heating-appliance manufacturers in gaining structured access to relevant data, but frames this as a heat-decarbonisation and ESA-registration issue rather than commenting on the consent mechanism’s design directly.
  • Notable / distinguishing point: The narrowest-scope response of either round — does not engage the Design Principles, delivery body, funding, or architecture questions at all, focusing solely on appliance-registration alignment with a separate, parallel government programme.
Organisations with a broadly similar position: No other respondent in the file store shares this response’s narrow focus on ESA/appliance-registration alignment rather than the consent mechanism itself — this is a distinct, narrowly-scoped submission with no close match among the other 39 organisations tracked here.

Network Operators

SSEN Distribution

CFI round (2 Feb 2024)
  • Position / support: Broadly supportive of a solution; favours an ‘ecosystem’ of federated data-sharing rather than a single central database.
  • Key concerns raised:
    • Risk of inconsistent rules across four overlapping parallel workstreams (Smarter Regulation, Non-Domestic Consultation, this CFI, Vulnerability Strategy).
    • Wants assurance that smart meter data’s recent reclassification as Open Data isn’t undermined by this work.
    • Flags PSR lawful-basis confusion (legitimate interest vs explicit consent) as a live risk area.
    • Raises a specific edge case: a DNO required to aggregate to 5 customers may lose legal basis for consumption data use if one of the five withdraws consent.
  • Notable / distinguishing point: Proposes (with the ENA) a multi-database ‘data sharing ecosystem’ model as its preferred alternative framing of Option 1.
Organisations with a broadly similar position: SGN, SPEN, DCC, RECCo, Citizens Advice, FDATA, and Open Data Institute (ODI), all of whom backed some version of Option 1 in the CFI round, though SSEN’s own preferred model was a federated ‘data sharing ecosystem’ rather than a single central database.

SP Energy Networks (SPEN)

CFI round (26 Jan 2024)
  • Position / support: Yes to a solution; prefers Option 1.
  • Key concerns raised:
    • Worried a bilateral, Open-Banking-style consent model would leave DSOs without access to data needed for network planning — wants DSO/DNO data parity with flexibility providers.
    • ICO has separately advised that consent may not be a suitable lawful basis for PSR/vulnerable customers — wants this addressed directly.
    • Wants automatic consent invalidation/update on change of occupancy built in technically from the start.
  • Notable / distinguishing point: Distinct DNO/DSO-specific framing not shared by most respondents — worried the consent model could structurally disadvantage network planning access to data.
Organisations with a broadly similar position: SGN, SSEN Distribution, DCC, RECCo, Citizens Advice, FDATA, and Open Data Institute (ODI), all of whom backed Option 1 in the CFI round.

SGN

CFI round (26 Jan 2024)
  • Position / support: Yes to a solution; prefers Option 1.
  • Key concerns raised:
    • No clarity yet on who would own/operate the central solution centrally.
    • Concerned about disengagement risk for digitally-excluded or less digitally-literate consumers.
  • Notable / distinguishing point: Disagrees that ‘Consumer empowerment, protection and trust’ is a valid standalone use case — sees it as substantively overlapping with ‘Retail specialisation’.
Organisations with a broadly similar position: SPEN, SSEN Distribution, DCC, RECCo, Citizens Advice, FDATA, and Open Data Institute (ODI), all of whom backed Option 1 in the CFI round.

Electricity North West (ENWL)

Consultation round (4 Oct 2024)
  • Position / support: Disagrees with RECCo as sole Delivery Body.
  • Key concerns raised:
    • Believes the Delivery Body assessment contains inconsistencies and risks a conflict of interest between current and future stakeholder needs.
    • Wants governance on accountability and decision-making more clearly defined — unclear how the Delivery Body will be held to account by stakeholders.
    • Concerned about concentration of power in a single Delivery Body across technical design, marketing, and consumer trust functions.
  • Notable / distinguishing point: Proposes a collaborative joint-venture delivery model leveraging existing industry capability, as an alternative to a single-organisation appointment.
Organisations with a broadly similar position: EDF Energy, ElectraLink, NGED, and Octopus Energy, all of whom opposed or questioned RECCo’s selection as Delivery Body.

NGED (National Grid Electricity Distribution)

Consultation round (4 Oct 2024)
  • Position / support: Notes but does not firmly endorse RECCo’s selection; raises fairness concerns about the assessment.
  • Key concerns raised:
    • Questions the ‘Amber’ rating given to ElectraLink for Implementation & Governance, especially given RECCo itself is currently unlicensed and upcoming Code Reform/licensing changes may close the gap.
    • Argues ElectraLink, via Distribution Licence extension, represents an already-embedded governance route that could deliver at comparable speed.
    • Supports centralised architecture specifically for consent data (not underlying consumer data), and wants alignment with the emerging DSI framework.
  • Notable / distinguishing point: More measured than EDF/ENWL/ElectraLink but raises the same RAG-weighting critique — part of a broader pattern of DNOs questioning the fairness of RECCo’s selection.
Organisations with a broadly similar position (Consultation round): EDF Energy, ElectraLink, Electricity North West (ENWL), and Octopus Energy, all of whom opposed or questioned RECCo’s selection, with NGED specifically sharing ElectraLink’s view that the governance/RAG assessment treated ElectraLink unfairly. Design Consultation round (2026)
  • Position / support: Markedly more constructive and detail-focused than its 2024 Delivery-Body-fairness critique; broadly cooperative but withholds firm views on several questions pending more design detail (e.g. procurement of a technical provider).
  • Key concerns raised:
    • Wants clearer interoperability diagrams showing how EDPs, industry, and other parties connect — notes it isn’t yet confident enough in the design to agree or disagree with some proposals.
    • Flags that voluntary (rather than mandated) SEC Other User participation “immediately undermines” the CCS business case, and separately worries consumers won’t understand the difference between an SEC Other User consent and a CCS consent during the transition.
    • Raises a data-resale concern not found elsewhere in this round: how will the CCS prevent data shared under tenant consent from being passed on to a party (e.g. a landlord) who hasn’t obtained equivalent consent?
    • Disagrees that EDPs should continue sharing data during a CCS outage (Q9) — wants EDPs to always explicitly check consent given the inability to verify token validity during an outage.
    • Withholds comment on several governance and technical questions (funding model, roadmap fit) explicitly because RECCo has not yet procured a technical delivery provider, making it hard to assess design maturity.
  • Notable / distinguishing point: One question (Q32, additional comments) was left as an unfilled template placeholder in the version reviewed — a minor completeness gap, much smaller in scale than DCC’s largely incomplete submission, but worth noting for accuracy.
Organisations with a broadly similar position (Design Consultation round): Xoserve, which shares NGED’s pattern of broadly cooperative engagement with several technical questions deferred pending further design maturity; its data-resale/landlord concern echoes points raised separately by Centrica (Q1) about onward use of data by EDPs.

Engineering & Consultancy

Arup

Consultation round (9 Oct 2024)
  • Position / support: Agrees with Design Principles (with additions); no comment on Delivery Body, options assessment, or funding (Q5–Q7, Q9).
  • Key concerns raised:
    • Recommends adding interoperability with non-energy sectors (health, water, transport, finance) and a dedicated ‘futureproofing’ design principle.
    • Flags that accreditation/verification processes for the consent solution should be checked for overlap with separate verification regimes for DSI, FMAR, and other market platforms, to avoid duplicated onboarding burden.
    • Notes all proposals require a baseline level of digital maturity and recommends alternative/assisted access routes be considered from the outset for inclusivity.
  • Notable / distinguishing point: Declines to comment on the most contested questions (Delivery Body, funding, SLC0) — confines its input to technical/interoperability design principles, drawing on its own Digital Spine Feasibility Study and Flexibility Markets Unlocked work.
Organisations with a broadly similar position: Centre for Net Zero, Energy Saving Trust (EST), GreenSync, Icebreaker One (IB1), and OVO Energy, all of whom declined to take a firm Delivery Body or funding position in the formal consultation round.

Auth Energy

Design Consultation round (25 Mar 2026)
  • Authorship note: This submission was written by the project user (not an independently-sourced third-party position). Treat the analysis as the user’s own advocacy/critique rather than as independent stakeholder corroboration when assessing consensus across the consultation round.
  • Position / support: Supportive of the CCS’s underlying policy objectives but the most sharply and comprehensively critical response of this round on implementation — argues the proposed design has expanded materially beyond what Ofgem actually decided in April 2025; first response from this organisation in the tracker.
  • Key concerns raised:
    • Central argument: the design consultation introduces a single centralised API endpoint, mandatory mTLS for all ATP-to-EDP data exchange (not just CCS interactions), and a full accreditation/governance regime that go well beyond the hybrid model Ofgem’s Consumer Consent Decision actually mandated — none of which were consulted on or cost-benefit assessed, and calls this ‘unjustified scope expansion.’
    • On resilience, calculates that the stated 99.9% availability target equates to roughly 8 hours of downtime a year and argues the consultation doesn’t adequately assess the cascading commercial/consumer harm of an outage of that length given the single-endpoint design; asks for a published failure-mode analysis.
    • Argues mandating mTLS for bilateral ATP-EDP channels (not just CCS-facing ones) imposes disproportionate cost on smaller ATPs and new entrants, directly undermining the stated goal of lowering barriers to entry — and notes UK Open Banking itself doesn’t mandate mTLS for all participant-to-participant exchange.
    • Flags that the legal/regulatory status of the Customer Experience Guidelines (CEGs) is unresolved — are they a binding REC obligation or indicative guidance? — creating compliance uncertainty for ATPs building consent journeys now.
    • Identifies a gap in the behavioural archetypes: no ‘digitally/disengaged consumer’ archetype, which it considers the most prevalent and most at-risk group.
    • On the funding model (Q25), supports continuing the RECCo cost-recovery model short-term but wants a specific, defined review trigger (e.g. a participant or transaction-volume threshold) written into the REC, not an open-ended ‘initial period.’
    • In two addenda submitted after the main consultation, flags that CCS scope expansion is directly cited as the justification for deferring Tariff Interoperability Phase 1b (per TIWG slides published 24 Feb 2026), and separately proposes a three-part framework for managing consent visibility at multi-occupancy properties as data changes hands between occupants.
  • Notable / distinguishing point: The only response structured as a thematic critique with a formal five-point call to action (publish a scope baseline, commission a supplementary cost-benefit analysis, revert mandatory mTLS to a recommendation, confirm the MMP timeline against the original summer-2026 MVP commitment, and publish a market-transition impact assessment) rather than as sequential answers to RECCo’s own question numbering.
Organisations with a broadly similar position (Design Consultation round): DCC and SEC Panel, both of whom separately raised the over-centralisation and SEC-duplication concerns; its funding review-trigger concern echoes ScottishPower’s call for a capped, time-limited initial funding period.

Candidate Delivery Bodies

DCC (Data Communications Company)

CFI round (26 Jan 2024)
  • Position / support: Yes to Option 1; explicitly volunteers DCC itself as delivery body.
  • Key concerns raised:
    • Wants Option 1 build wrapped into DCC’s licence reset (due ~2028) for governance/accountability.
    • Flags need to coordinate with parallel SEC reform and Other-User onboarding work to avoid duplication.
    • Notes Option 1 will likely cost more than Options 2/3 and that funding mechanism is undefined at CFI stage.
  • Notable / distinguishing point: Most assertive CFI-stage self-nomination as delivery body, citing its existing smart-metering infrastructure (55m meters, 100m devices) and licence framework.
Consultation round (Oct 2024)
  • Position / support: No standalone DCC submission to this round was found in the file store; DCC was not selected as the eventual Delivery Body. The note below describes how other organisations characterised DCC’s role in this round, independent of any direct DCC submission.
  • Notable / distinguishing point: Several smaller respondents (Chameleon, n3rgy, equiwatt) recommended in their own submissions that DCC retain a funding-mechanism or centralised-component role working under RECCo, even though DCC itself was not selected as Delivery Body — citing DCC’s existing funding model (used for the Central Switching Service) as a ready-made mechanism RECCo could reuse rather than build from scratch.
Organisations with a broadly similar position (CFI round): RECCo, Citizens Advice, FDATA, Open Data Institute (ODI), SGN, SPEN, and SSEN Distribution, all of whom backed Option 1 in the CFI round, though DCC was the only one of this group to directly nominate itself as the delivery body. Design Consultation round (2026)
  • Position / support: Genuinely supportive of the trust-framework concept in principle, but raises substantial structural concerns about SEC/CCS overlap — though this submission is itself incomplete, with only Q1 and Q10 substantively answered and all other 30 questions left as unfilled template placeholders (e.g. “[Q3 Response]”) in the version reviewed.
  • Key concerns raised (from the two answered questions):
    • Supports the centralised consent ledger, token-based validation, and hybrid model in principle as reducing fragmentation and barriers to entry — but warns that including SEC Other Users in MMP scope creates a material risk of contradictory duties between SEC and REC obligations (e.g. over revocation precedence, liability, and assurance) unless an explicit cross-code alignment plan is published first.
    • Argues DCC ‘cannot carry risk for data access it does not control’ — if the CCS revokes consent but the SEC still legally requires DCC to provide data, this creates an unresolved compliance conflict.
    • On FAPI 2.0/mTLS (Q10), notes DCC’s existing PKI/security model (400m+ certificates, 10+ years’ operation) is already equivalent or better, and offers to let RECCo reuse this infrastructure rather than build a parallel one — while warning that mandating these standards for ATP-to-EDP data exchange (rather than just CCS-to-participant) may be scope creep beyond the CCS’s role as a consent layer.
    • Argues there must be a clear separation between consent management and energy data sharing, warning that blurring this boundary risks ‘governance incoherence’ and ‘unacceptable risks for MMP.’
  • Notable / distinguishing point: The only response in this round that is itself materially incomplete — whether this reflects a genuine partial submission, a placeholder version being circulated by mistake, or an intentionally limited filing is not stated in the document; it should be treated as a partial data point only, not as DCC’s complete position on the 30 unanswered questions.
Organisations with a broadly similar position (Design Consultation round): SEC Panel and Auth Energy, both of whom separately raised the same core concern about SEC/CCS overlap, duplicated assurance effort, and the degree of centralisation in the proposed architecture; its PKI-reuse offer is a distinctive point not raised by other respondents. Consultation round (Oct 2024)
  • Position / support: Disagrees with RECCo’s selection; argues ElectraLink should be appointed instead.
  • Key concerns raised:
    • Believes its own design was the basis referenced in the consultation’s preferred architecture, and that delivery capability cannot be safely outsourced/procured.
    • Disputes the ‘Amber’ governance rating it received, arguing it can demonstrate equivalent governance via Distribution Licence extension.
    • Cites two decades of experience managing similarly sensitive data flows (PSR, MHHS, Gas ETs, RGMA, CSS) as evidence of operational readiness.
  • Notable / distinguishing point: The only respondent to make a sustained, structured self-nomination case against RECCo’s selection, point-by-point.
Organisations with a broadly similar position (Consultation round): EDF Energy, Electricity North West (ENWL), NGED, and Octopus Energy, all of whom opposed or questioned RECCo’s selection — ElectraLink is the only respondent to make a sustained, structured case for its own appointment instead. Design Consultation round (25 Mar 2026)
  • Position / support: Having lost the Delivery Body question, now argues the MMP itself is too narrow and structurally compromised to deliver the consumer trust the project was created for; disagrees with the proposed scope, IDV model, and several governance points, while becoming notably more cooperative on funding and accreditation than in 2024.
  • Key concerns raised:
    • Argues the MMP is too limited to build trust: a multi-year period of partial coverage, a two-tier access model (SEC Other Users included, DCC not treated as the primary baseline route), the omission of gas entirely, and a single centralised IDV approach together risk producing ‘a low-value, confusing early experience that damages confidence’ rather than a credible foundation.
    • Strongly opposes hard-wiring a single, centrally governed IDV route — argues this risks the same public backlash seen around other centralised digital-identity initiatives in the UK, and that retrofitting plurality later is typically slow and costly; wants multiple IDV providers from MMP launch.
    • Argues the consent model as described doesn’t meet the ‘informed consent’ bar Ofgem itself set out — deferring key disclosures to secondary pages, or allowing consent to data sharing ‘for all purposes’, risks long-term trust failure once consumers realise data has been reused in ways they didn’t expect.
    • Raises a sharp process complaint: Working Group suggestions that deviate from RECCo’s preferred route have reportedly been overlooked with little transparency on why, and asks RECCo to publish the rationale for design decisions that departed from industry SME input.
    • On disputes (Q30), argues the proposed paths focus too narrowly on administrative error and don’t address deliberate misuse of consumer data, nor clarify what powers RECCo would have to suspend a misusing party.
    • Explicitly states that, given the scale of unresolved design issues, ‘a pause may be more appropriate’ to properly align stakeholders and develop a more realistic, accountable roadmap.
    • By contrast, is now broadly comfortable with the initial funding model, accreditation model, and use of the existing REC change process — a marked shift from its all-fronts 2024 opposition focused on the Delivery Body decision itself.
  • Notable / distinguishing point: The clearest example in this round of an organisation’s critique migrating from ‘who should deliver this’ (2024) to ‘how the chosen design has been put together, and by what process’ (2026) — explicitly calling for a pause rather than simply flagging concerns within the existing timeline.
Organisations with a broadly similar position (Design Consultation round): Luxon Group, which separately complained that RECCo had confirmed no material architecture changes would be considered at this stage; its IDV-pluralism argument is shared, for different underlying reasons, by Centrica, CGI IT UK, and East Lothian Housing Association.

Tech / Data Platform Providers

n3rgy

Consultation round (4 Oct 2024)
  • Position / support: Supports RECCo as the delivery/administration body, despite preferring a different architecture.
  • Key concerns raised:
    • Argues a single centralised portal is a ‘one size fits all’ approach that will create high friction for some consumer segments.
    • Believes large centralised builds have a poor track record of cost/time efficiency in the energy sector specifically.
    • Proposes a hybrid model that minimises the central component, letting multiple organisations run their own front-ends against shared technical/legal standards.
  • Notable / distinguishing point: Argument and structure closely mirrors equiwatt’s and Chameleon’s responses — likely a shared/templated position among this group of vendors.
Organisations with a broadly similar position (Consultation round): equiwatt and Chameleon Technology, whose submissions share substantially the same argument and structure (likely templated or coordinated) and the same conclusion: support RECCo as Delivery Body while preferring a hybrid, minimised-central-component architecture over the consultation’s proposed central portal. Design Consultation round (25 Mar 2026)
  • Position / support: ⚠️ This submission is textually identical, word-for-word, to Auth Energy’s 2026 response in this round — same executive summary, same nine bullet concerns, same question-by-question answers, same two addenda, with only the respondent’s name and a single self-description clause (‘seasoned energy data provider and third-party user of energy data’ vs Auth Energy’s ‘seasoned and experienced advisor’) differing between the two documents. Confirmed cause: both submissions were authored by the project user, filed under two different organisation names — not a coincidental industry template. The content as filed therefore cannot be treated as an independent second data point — see the Auth Energy entry under Engineering & Consultancy for the substantive position (unjustified scope expansion, centralised IDV/liability concerns, disproportionate mTLS mandate for bilateral ATP-EDP exchange, ambiguous CEG status, missing ‘digitally disengaged’ archetype, undefined funding review trigger).
  • Notable / distinguishing point: Originally logged as “the clearest instance of likely templated/duplicated submission” found across either consultation round — now confirmed as a single author filing under two names, rather than two organisations independently coordinating or sharing a template. Distinct from the 2024 ‘shared argument and structure’ pattern seen in n3rgy/equiwatt/Chameleon, which varied in specific wording even while sharing a common position and were presumably independent. Both the Auth Energy and n3rgy 2026 responses must be treated as one voice, not two, in any consensus count.
Organisations with a broadly similar position (Design Consultation round): Auth Energy — whose response this submission duplicates verbatim; not an independent corroborating view.

equiwatt

Consultation round (Oct 2024)
  • Position / support: Supports RECCo (‘the clear choice’ of the three candidates).
  • Key concerns raised:
    • Same core critique as n3rgy/Chameleon: single centralised portal is not viable on cost, speed, or consumer-experience grounds.
    • Proposes a hybrid model minimising the central component.
  • Notable / distinguishing point: Near-identical content/structure to n3rgy’s and Chameleon’s responses.
Organisations with a broadly similar position: n3rgy and Chameleon Technology, whose submissions share substantially the same argument and structure and the same conclusion: support RECCo while preferring a hybrid, minimised-central-component architecture.

Chameleon Technology

Consultation round (4 Oct 2024)
  • Position / support: Supports RECCo, but wants DCC retained for funding mechanism / centralised component delivery.
  • Key concerns raised:
    • Same hybrid/minimise-the-centre argument as n3rgy and equiwatt.
    • Believes the proposed security/verification requirements are ‘naive’ and add cost without proportionate value if the hybrid model is adopted.
    • Wants a bespoke licence condition rather than SLC0.
  • Notable / distinguishing point: Recommends DCC’s existing Central Switching Service funding mechanism be reused, and that SECAS/ElectraLink also play supporting roles alongside RECCo.
Organisations with a broadly similar position: n3rgy and equiwatt, whose submissions share substantially the same argument and structure and the same conclusion: support RECCo while preferring a hybrid, minimised-central-component architecture.

Gemserv

CFI round (26 Jan 2024)
  • Position / support: Yes to a solution; prefers Option 1 layered with a ‘light touch’ Option 2.
  • Key concerns raised:
    • Produced a detailed pros/cons table on Option 1: flags centralisation-of-risk, cost, and ‘minimum viable capability’ risk explicitly.
    • Does not trust a voluntary code (Option 3) alone to deliver sufficient assurance.
    • Flags unresolved questions: periodic reconsent cadence, and whether ‘business information’ (e.g. tariff data) needs to sit alongside personal usage data for full consumer benefit.
  • Notable / distinguishing point: Most structured methodological critique of any CFI response (formal pros/cons table).
Consultation round (4 Oct 2024)
  • Position / support: Agrees with the Design Principles; agrees RECCo is well placed as Delivery Body.
  • Key concerns raised:
    • Wants a tighter definition of ‘interoperability’ — considers the current definition too broad.
    • Wants compatibility confirmed with the parallel Data Sharing Infrastructure (DSI) work and the Interim DSI Co-ordinator role.
    • Suggests an independent assurance body could sit alongside RECCo to oversee delivery.
  • Notable / distinguishing point: One of the few organisations to respond substantively to both rounds with a consistent, constructive (rather than oppositional) position throughout.
Organisations with a broadly similar position: Centrica, Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, and MCS Foundation, all of whom supported RECCo’s appointment as Delivery Body in the formal consultation round; Gemserv is among a small number of organisations (with DCC, EST, and NESO/ESO) that responded substantively to both the CFI and the formal consultation.

Icebreaker One (IB1)

CFI round (Jan 2024)
  • Position / support: Rejects all three of Ofgem’s options; proposes a fourth: a ‘Trust Framework’.
  • Key concerns raised:
    • Believes an overly technical framing (Option 1) misses governance, legal, and engagement dimensions that a true trust framework requires.
    • Recommends adding carbon accounting as a fifth high-priority use case, citing its own Perseus scheme.
  • Notable / distinguishing point: Only CFI respondent to propose an entirely new option rather than choosing among the three given — notable in hindsight since RECCo’s eventual CCS explicitly brands itself a ‘Trust Framework’.
Consultation round (Oct 2024)
  • Position / support: Declines to endorse RECCo or any of the three shortlisted Delivery Bodies.
  • Key concerns raised:
    • Argues the proposed centralised system in para 1.6 adds friction (new account, password, MFA) rather than reducing it.
    • Wants the Delivery Body shortlist itself reconsidered — asks why only retail-energy-sector organisations were considered.
    • Wants DCC, RECCo and ElectraLink to publicly respond to points raised in the consultation before a final view can be reached.
  • Notable / distinguishing point: Position hardened between rounds: from ‘reject the three options, propose a fourth concept’ (CFI) to ‘reject the shortlist of candidates entirely’ (formal consultation).
Organisations with a broadly similar position: Arup, Centre for Net Zero, Energy Saving Trust (EST), GreenSync, and OVO Energy, all of whom declined to firmly back any of the three shortlisted Delivery Bodies in the formal consultation — IB1’s response goes further than this group by explicitly questioning why the shortlist itself was limited to retail-energy-sector organisations.

Open Data Institute (ODI)

CFI round (Jan 2024)
  • Position / support: Yes to a solution; supports Option 1.
  • Key concerns raised:
    • Stresses ‘responsible data stewardship’ and harm-reduction framing throughout.
    • Recommends an independent data institution (akin to Open Banking Ltd) operate the solution, with Ofgem delegating delivery rather than running it directly.
  • Notable / distinguishing point: Strong institutional overlap with IB1’s framing, though ODI works within Option 1 rather than proposing a new option.
Organisations with a broadly similar position: Icebreaker One (IB1), whose CFI response shared a similar institutional framing (an independent body akin to Open Banking Ltd operating the solution), and Citizens Advice and FDATA, who also backed Option 1.

ESG Global

Design Consultation round (25 Mar 2026)
  • Position / support: Broadly agrees with the proposed scope but answers most detailed questions with ‘no comment’, reflecting its position as a software vendor awaiting firmer requirements before committing a view; first response from this organisation in the tracker.
  • Key concerns raised:
    • Seeks a joint CCS/Tariff Interoperability Solution (TIS) solution design — believes the proposed ‘EDP checks CCS each time’ model (Q8) conflicts with the TIS webhook-based notification model it already understands, and doesn’t think it sensible for an Energy Supplier (as EDP) to check the CCS before every TIS notification.
    • Flags that the architecture diagram’s stated encryption/token/certificate requirements appear to vary by integration pair (EDP–CMS vs ATP–CMS vs EDP–ATP) despite FAPI 2.0 being cited as the uniform standard, and asks RECCo to clarify the discrepancy.
    • Notes the consultation doesn’t address the multi-year TLS lifespan, domain-validation, and EKU-separation changes already underway industry-wide through 2029, and asks for this to be factored into the architecture.
    • Repeatedly stresses value-for-money: asks for explicit business-case and cost-benefit checks against every optional Annex G roadmap item, warning the roadmap ‘should not be gold plated’ given energy suppliers and consumers ultimately bear the cost.
  • Notable / distinguishing point: The most consistently cost/value-skeptical response on roadmap scope of any 2026 respondent, explicitly asking ‘who is going to play the role of critical friend in CCS when it comes to scope and decisions?’
Organisations with a broadly similar position (Design Consultation round): Its TIS-alignment concern is closely related to Ohme’s call for clearer cross-programme coordination; its cost-proportionality concerns are echoed by Stark and SEC Panel.

CGI IT UK Ltd

Design Consultation round (25 Mar 2026)
  • Position / support: The most detailed, evidence-rich critique of the IDV and accreditation proposals in this round, drawn from eight years’ direct experience as an SEC Other User; broadly disagrees with several core proposals while proposing specific, constructive alternatives; first response from this organisation in the tracker.
  • Key concerns raised:
    • Lists nine concrete operational disincentives for SEC Other Users to migrate to the CCS as proposed (system changes, contract changes with existing IDV partners, new accreditation costs, double-jeopardy exposure to both SEC and REC charging, inability to migrate a client’s consumers all at once given staggered consent expiry, among others) and asks RECCo to help resolve them.
    • Disagrees with the proposed ‘high confidence’ GPG 45 IDV standard for HH consumption data (Q5) — argues ‘medium confidence’ is proportionate, and cites a Manchester University study on voter ID exclusion rates to estimate that requiring photo ID could cause roughly 2.7 million UK adults to fail the CCS IDV process; separately states that in eight years as an SEC Other User it has experienced no disputes arising from its existing non-photo-ID verification approach.
    • Disagrees with the proposed accreditation model (Q26) — sets out in detail the three-part SEC qualification process (Sections H1.10, G, and I) that Other Users already complete and are annually re-assessed against, and argues this meets or exceeds what CCS accreditation would require, so should be recognised rather than duplicated.
    • Proposes a novel ‘de-minimis’ tier (Q32) for low-volume or time-limited use cases — research projects, small pilot/innovation trials, consumer apps under common ownership with their EDP — exempting them from full FAPI 2.0, REC accreditation, and WCAG 2.2 obligations below a proposed threshold (e.g. up to 20,000 MPxNs, two data extracts), to avoid making such use cases commercially unviable.
    • Raises a distinctive technical-debt question: how will Change of Tenancy be detected and acted on within the CCS, given this is already, in its own words, “probably the least robust of the industry processes” today due to dependencies across multiple third parties.
    • Also flags post-quantum cryptography readiness and recommends RECCo commission penetration testing of CCS infrastructure, particularly consumer-facing components — points not raised by any other 2026 respondent.
  • Notable / distinguishing point: The only response to propose a fully worked-out de-minimis exemption tier with specific numeric thresholds, rather than simply objecting to one-size-fits-all requirements in the abstract; also the only response to quantify IDV-exclusion risk with an external academic data point.
Organisations with a broadly similar position (Design Consultation round): Its SEC-equivalence argument for accreditation is shared by Luxon Group, SEC Panel, E.ON Next, and Auth Energy/n3rgy; its specific IDV-confidence-level critique (medium vs high) closely parallels Centrica’s NHS App comparison and Luxon Group’s argument from existing SEC practice.

Perse

Design Consultation round (2026)
  • Position / support: Conditional ‘yes’ to MMP scope, with four explicit qualifications (fair ATP accreditation access, technical concerns, consent/identity clarifications, and unquantified cost); first response from this organisation in the tracker.
  • Key concerns raised:
    • Pushes back hard on the case for adding new IDV/consent barriers on top of existing SEC-approved processes, citing its own DESNZ-funded Smart Meter Data Repository research finding only 31% of DCC Users (and just 8%, 13 entities, of Other SEC Parties) had completed onboarding — argues this shows existing barriers are already a problem, and asks what evidence of actual harm justifies adding more.
    • Disagrees that multi-occupant household consumption data should automatically be treated as personal data, given it ‘is not impossible’ to attribute to a single individual on Ofgem’s own framing — wants a separate framework for data deemed not personal.
    • Disagrees with the zero-trust ‘check every time’ model (Q8) — argues this should be the ATP’s liability to manage, and that EDP-side checking is disproportionate ‘given the lack of evidence of abuse.’
    • On accreditation, wants existing SEC Other Users explicitly recognised rather than required to requalify.
    • As a white-label/third-party-brand provider (powering brands such as Compare the Market), specifically asks that ATPs have input into how they’re described to consumers in the consent interface, so the underlying brand relationship can be made clear.
  • Notable / distinguishing point: The most consistently evidence-demanding response of the round — repeatedly asks what data RECCo has analysed on actual consumer harm or breach rates under existing SEC processes before adding new requirements on top of them.
Organisations with a broadly similar position (Design Consultation round): ESG Global and SEC Panel, both of whom argued against introducing CCS requirements that duplicate or go beyond existing, already-functioning SEC processes.

Novoville – Shared Works

Design Consultation round (2026)
  • Position / support: Consistently and uniformly supportive across nearly every question; first response from this organisation in the tracker.
  • Key concerns raised: None raised as objections; comments are framed throughout as forward-looking suggestions rather than disagreements — principally that the CCS should remain open to future interoperability with wider property-data and digital-identity ecosystems (e.g. UPRN-based property identifiers, Open Banking-style federated IDV) as it matures beyond MMP.
  • Notable / distinguishing point: The most uniformly supportive response of the round — agrees with the proposed approach on every substantive question (scope, IDV, centralised/decentralised split, funding, accreditation) without raising a single point of disagreement, while consistently flagging cross-sector interoperability as a long-term consideration for later phases.
Organisations with a broadly similar position (Design Consultation round): RLBA, which shares Novoville’s interest in property-data interoperability, though RLBA raises this as a substantive objection to the current design (rejecting the guest-consent model and centralised CCS-account approach) rather than as a forward-looking suggestion within an otherwise fully supported design.

Meet George

Design Consultation round (25 Mar 2026)
  • Position / support: The most uniformly enthusiastic response of this round — an AI-powered, self-service energy-switching platform for UK SMEs that strongly supports nearly the entire design, with its sole substantive request being committed timelines for non-domestic/microbusiness expansion; first response from this organisation in the tracker.
  • Key concerns raised:
    • Repeatedly asks for firm, published delivery dates for microbusiness/non-domestic inclusion, Tariff Interoperability dataset inclusion, and delegated authority access models — argues these three capabilities are interdependent and together would enable a fully digital, consent-based SME switching service, but that the current roadmap’s complete absence of dates for ‘Next’ and ‘Later’ horizons prevents organisations from planning investment decisions.
    • Strongly supports centralised IDV (Q5) as levelling the playing field, but asks RECCo to consider a tiered model — full photo-ID IDV for ongoing data access, a lighter ‘medium confidence’ tier for one-time, read-only comparisons (e.g. checking whether a tariff is competitive) where data isn’t stored.
    • Strongly supports the zero-trust consent-checking model and FAPI 2.0/mTLS, framing both as the right approach for consumer trust and citing their proven use in Open Banking; asks for a comprehensive SDK, sandbox environment, and certificate-lifecycle documentation to lower the integration barrier for smaller technology entrants.
    • On the dispute resolution model, generally supportive of automatic termination on dispute but suggests a brief “do you recognise this service?” prompt before termination to reduce false-positive disputes from consumers who have simply forgotten signing up.
    • Distinctively, asks that the architecture and monitoring framework explicitly account for AI-powered and automated platforms as a first-class integration pattern, distinguishing legitimate high-volume automated consent processing from suspicious activity in fraud/assurance monitoring.
  • Notable / distinguishing point: The only respondent in either consultation round to argue from the perspective of an AI-native, fully self-service platform, and the only one to ask RECCo to explicitly design assurance/monitoring baselines around automated (rather than purely human-driven) consent journeys.
Organisations with a broadly similar position (Design Consultation round): Its push for a committed non-domestic timeline stands in direct contrast to Stark’s view that no sufficient case for non-domestic CCS development has yet been made — the two responses represent opposite ends of the non-domestic-expansion debate in this round.

Tech / Smart Device Manufacturers

myenergi

CFI round (Jan 2024)
  • Position / support: Yes to a solution; prefers Option 3 (industry code of conduct).
  • Key concerns raised:
    • Believes a technical solution (Option 1) would be the costliest and slowest option, with no cost/timeline information yet provided.
    • Cites Ofgem’s own history of ‘prematurely over-regulating’ as a reason for caution.
    • Notes the supplier/consumer trust relationship is double-edged: useful infrastructure, but also a source of consumer distrust given recent supplier failures and forced prepayment meter installations.
Organisations with a broadly similar position (CFI round): ev.energy and Flexitricity, who also preferred Option 3 and questioned Option 1’s cost and timeline.

Ohme

Design Consultation round (25 Mar 2026)
  • Position / support: Broadly supportive, with detailed UX and operational concerns specific to its position as an app-based EV smart-charging ATP; first response from this organisation in the tracker.
  • Key concerns raised:
    • Flags that the Elexon SDR may not be available at MMP go-live (March 2027) and could slip to 2028 — wants clarity on sequencing for ATPs dependent on the SDR route.
    • Significant concern about consumer drop-off from the proposed photo-ID IDV journey, given Ohme’s customers have already bought and installed a chargepoint before reaching the consent step — strongly supports earlier adoption of federated/delegated IDV (relying on ATPs’ own existing KYC checks) rather than RECCo’s proposed redirect-based model.
    • Wants the ‘guest’ vs CCS-account distinction clarified, given the Ohme app is the primary customer interface and won’t want to redirect customers to an unfamiliar CCS account-creation flow.
    • Raises latency concerns with the zero-trust ‘check every time’ consent model for time-sensitive flexibility/demand-response services, and disagrees with RECCo’s characterisation that ‘mission-critical services’ won’t use the CCS.
    • On disputes (Q30), disagrees with automatic termination of consent the moment a dispute is raised — wants a defined investigation window first, citing UK GDPR Article 18 (restriction of processing) as the more appropriate standard than immediate termination.
  • Notable / distinguishing point: The clearest ‘cumulative regulatory burden’ argument in this round — explicitly maps the CCS against MHHS, FMAR, DSI, SDR, Tariff Interoperability and SSES Regulations as overlapping programmes with their own timelines, and asks Ofgem to clarify who holds overarching coordination responsibility across all of them.
Organisations with a broadly similar position (Design Consultation round): Its concerns about IDV friction are shared by East Lothian Housing Association and Centrica; its multi-programme coordination concern is closely echoed by ESG Global, which separately asked for a joint CCS/Tariff Interoperability solution design.

Flexibility / Demand-Side Response

Flexitricity

CFI round (25 Jan 2024)
  • Position / support: Yes to a solution; prefers Option 3, uncertain about Option 1’s cost/viability.
  • Key concerns raised:
    • Raises a specific edge case: how would a customer who opts out of general supplier-led consent, but wants to consent to one specific third party (e.g. a DSRSP), be accommodated (‘boutique consents’)?
    • Wants clarity on governance of a third-party data hub — who is accountable for granting/revoking access.
    • Flags absence of a load control licence as a current gap allowing unlicensed aggregators to access domestic flexibility data.
  • Notable / distinguishing point: Raises the single-party/‘boutique consent’ edge case not found in other responses.
Organisations with a broadly similar position: ev.energy and myenergi, who also preferred Option 3 over Option 1, citing cost and governance uncertainty.

Flexibility / LCT Integration

GreenSync

Consultation round (3 Oct 2024)
  • Position / support: Respects Ofgem’s minded-to position; considers all three shortlisted organisations capable.
  • Key concerns raised:
    • Slight preference for a centralised model if consumer trust/usability can be maintained; otherwise open to hybrid.
    • Wants implementation time/cost included explicitly in any final Delivery Body assessment.
  • Notable / distinguishing point: One of the most neutral/non-committal responses on Delivery Body selection.
Organisations with a broadly similar position: Arup, Centre for Net Zero, Energy Saving Trust (EST), Icebreaker One (IB1), and OVO Energy, all of whom took a neutral or non-committal position on Delivery Body selection in the formal consultation round.

Energy Technology Group (ETG)

Consultation round (Oct 2024)
  • Position / support: Qualified support for RECCo — ‘in the absence of any other consumer-focused organisation’.
  • Key concerns raised:
    • All three shortlisted Delivery Bodies are industry-focused, not consumer-focused, and the assessment criteria did not consider end-consumer experience at all — considers this a significant oversight.
    • Wants the Customer Consent solution database aligned architecturally with the separate Flexibility Market Asset Register to avoid duplicate/inconsistent records.
    • Concerned smaller ETG members lack the resource base of large suppliers to engage fully in ongoing working groups, risking biased future design input.
  • Notable / distinguishing point: Notes RECCo intends to fund initial work from existing contingency/change allowances — welcomes this as avoiding new unbudgeted costs for smaller ESA operators.
Organisations with a broadly similar position: Centrica, Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, Gemserv, and MCS Foundation, all of whom supported RECCo’s appointment, though ETG’s support is the most heavily qualified of this group, given its concern that none of the three candidates have consumer-facing experience.

Cross-Sector / Financial Data

FDATA (Financial Data and Technology Association)

CFI round (Jan 2024)
  • Position / support: Yes to a solution; supports Option 1.
  • Key concerns raised:
    • Notes consumer groups were not directly consulted in Ofgem’s process and recommends this be corrected, citing Open Banking’s practice of direct consumer-rep involvement throughout delivery.
  • Notable / distinguishing point: Recommends Ofgem adopt an equivalent of Open Banking’s Customer Experience Guidelines (CEGs) — a recommendation RECCo later acted on directly for the CCS programme.
Organisations with a broadly similar position: Citizens Advice, Open Data Institute (ODI), DCC, RECCo, SGN, SPEN, and SSEN Distribution, all of whom backed Option 1 in the CFI round.

Market Infrastructure Bodies

Elexon

Consultation round (4 Oct 2024)
  • Position / support: Cooperative; does not contest RECCo’s selection.
  • Key concerns raised:
    • High-level architecture descriptions need more scrutiny / detail before final design decisions are made.
    • Wants to be closely involved in the design phase given its smart meter data repository (Kinnect/SDR) is a key initial use case.
  • Notable / distinguishing point: Positions itself as a delivery partner/integration stakeholder rather than a Delivery Body contender.
Organisations with a broadly similar position: Centrica, Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, Gemserv, and MCS Foundation, all of whom were broadly supportive of or did not contest RECCo’s selection — Elexon’s response is distinctive in positioning itself purely as an integration partner (via its SDR/Kinnect platform) rather than commenting on Delivery Body merits directly.

NESO (National Energy System Operator) / ESO

CFI round (26 Jan 2024)
  • Position / support: High-level supportive holding response; no firm option preference stated.
  • Notable / distinguishing point: Procedural CFI response; flags its own Virtual Energy System programme as a related parallel initiative.
Consultation round (2 Oct 2024)
  • Position / support: Generally supportive, with constructive design suggestions; does not contest RECCo.
  • Key concerns raised:
    • Consumers should only need to give consent once per dataset, not repeatedly for every new product/service signed up to.
    • Consent solution should explicitly provide for cases where the bill payer does not live or work at the property.
    • Stresses the solution must be co-designed with consumer groups, not just industry, to earn trust.
Organisations with a broadly similar position: SEC Panel (Smart Energy Code), whose CFI response was similarly high-level and procedural at this stage.

SEC Panel (Smart Energy Code)

CFI round (26 Jan 2024)
  • Position / support: No substantive position taken — procedural holding response.
  • Notable / distinguishing point: Notes a new SEC Privacy Sub-Committee was being stood up (expected Feb 2024) and would engage substantively at a later stage.
Organisations with a broadly similar position (CFI round): NESO (National Energy System Operator) / ESO, whose CFI response was similarly high-level and procedural, deferring substantive engagement to a later stage. Design Consultation round (2026)
  • Position / support: Substantively engaged this round (in contrast to its CFI holding response); broadly supportive but consistently presses for proportionality and avoidance of duplication with existing SEC frameworks.
  • Key concerns raised:
    • Frames the CCS as something that should enhance and standardise existing SEC Other User consent practices rather than introduce parallel or duplicative requirements, given the SEC OU framework is already regulated and GDPR-compliant.
    • Wants clarity on what happens if the Elexon SDR is not available at MMP go-live, given its inclusion is explicitly conditional.
    • Questions the degree of centralisation in the architecture, asking RECCo to better justify reliance on a central endpoint and consider whether the chosen design still matches the hybrid model decided by Ofgem.
    • Flags a transition-period risk: a fragmented consumer experience where some consents are visible in the CCS and others aren’t, while migration is voluntary and renewal-based.
    • On accreditation (Q26) and minimum security standards (Q27), repeatedly asks RECCo to align with — rather than duplicate — existing SEC assurance processes, given the CCS approach is more prescriptive than the SEC’s broader assurance-based model.
    • On funding (Q25), warns that low consumer uptake could undermine the programme’s anticipated benefits and wants funding arrangements to flex with actual adoption levels.
  • Notable / distinguishing point: Consistently positions itself as the institutional custodian of two decades of SEC operational experience, repeatedly asking RECCo to justify departures from established SEC practice rather than simply accepting the new CCS framework on its own terms.
Organisations with a broadly similar position (Design Consultation round): DCC and Auth Energy, both of whom separately raised concerns about CCS-SEC overlap, duplication of assurance/accreditation effort, and the degree of centralisation in the proposed architecture.

Gas Networks

Cadent Gas

Consultation round (3 Oct 2024)
  • Position / support: Broadly supports the proposed solution and RECCo’s selection.
  • Key concerns raised:
    • Wants third-party competency, use case, and not-for-profit status checks before granting data access.
    • Flags a funding-fairness point: as a Gas Distribution Network, currently pays nothing toward REC management under the existing charging methodology, and does not believe parties who don’t benefit should be brought into the charging arrangements.
  • Notable / distinguishing point: No strong model preference (centralised/decentralised/hybrid).
Organisations with a broadly similar position: Centrica, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, Gemserv, and MCS Foundation, all of whom supported RECCo’s appointment as Delivery Body in the formal consultation.

Xoserve

Design Consultation round (25 Mar 2026)
  • Position / support: Supportive of the MMP as a pragmatic starting point, responding as the gas industry’s Central Data Service Provider (CDSP) and an anticipated future Energy Data Provider; first response from this organisation in the tracker.
  • Key concerns raised:
    • Central, recurring theme across nearly every answer: the architecture, MPxN-to-address matching, and non-functional requirements must explicitly accommodate gas as well as electricity from the outset, given differences in market systems, supply-point characteristics, and institutional structures between the two fuels — repeatedly requests bilateral discussions with RECCo on this point.
    • On outages (Q9), argues that if EDPs ultimately bear the legal risk of sharing data, EDPs should be able to immediately and without penalty cease sharing during a CCS outage if they judge the risk unacceptable, and separately raises an open question about how GDPR compliance risk/liability would be allocated if data is shared during an outage but the consent record later shows it had been revoked.
    • Explicitly declines to comment on UX design questions (Q16–Q23), noting only that “we have not provided views on User Experience design” — the only respondent in this batch to abstain from the entire UX section as a block.
    • On accreditation and the REC change process, consistently asks for clear mechanisms through which gas-sector EDPs and other affected parties can input into CCS governance, working groups, and consultations going forward.
  • Notable / distinguishing point: The only respondent in either consultation round to engage from an explicitly cross-fuel (gas and electricity) perspective — every substantive answer is framed around ensuring the CCS doesn’t become an electricity-only design that creates rework or exclusion risk for gas market participants later.
Organisations with a broadly similar position (Design Consultation round): No other 2026 respondent shares Xoserve’s consistent gas/electricity cross-fuel framing; its general ‘broadly supportive, several open implementation questions’ posture is closer to NGED’s than to either the strongly oppositional (EDF, Luxon, SSE) or strongly critical (ElectraLink, Auth Energy) responses in this round.

Gas Networks / Utility Infrastructure

BUUK Infrastructure

Consultation round (4 Oct 2024)
  • Position / support: Supports REC/RECCo as Delivery Body, citing its track record and forthcoming licensed status.
  • Key concerns raised:
    • Flags that this solution must cover all GB properties from day one, unlike comparable schemes (Open Banking, GOV.UK) that scaled up gradually — sees this as a harder delivery challenge than usually acknowledged.
    • Linking static property records to the correct consenting individual will require new approaches beyond existing analogues.
    • Public education on the solution’s purpose will be the single largest determinant of success.
Organisations with a broadly similar position: Centrica, Cadent Gas, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, Gemserv, and MCS Foundation, all of whom supported RECCo’s appointment as Delivery Body.

Metering

Stark

Design Consultation round (25 Mar 2026)
  • Position / support: No strong objection to the domestic MMP as scoped, but consistently and pointedly argues the roadmap should not assume any future non-domestic/microbusiness extension follows naturally from the domestic model; first response from this organisation in the tracker.
  • Key concerns raised:
    • On almost every question, repeats a single structural point: non-domestic energy data consent and authority is already commonly handled through portfolio authority or delegated written broker/TPI authority, so extending the domestic CCS occupier-consent and IDV model to non-domestic settings should not be assumed and would need its own separate legal/lawful-basis assessment.
    • On funding and accreditation, supportive of the MMP-stage approach but wants RECCo to recognise existing SEC Other User privacy/assurance arrangements rather than impose a duplicate CCS-specific layer.
    • States plainly in its roadmap answer (Q31) that, in its view, ‘a sufficient case for non-domestic CCS development has not been made’ and recommends non-domestic items be removed from the roadmap rather than retained as an implied future phase.
  • Notable / distinguishing point: The only response in this round organised almost entirely around a single recurring argument (domestic/non-domestic separation) applied consistently across all 32 questions, rather than raising a range of distinct issues — reflecting that Stark, as a metering organisation serving non-domestic/I&C customers, does not currently serve the domestic market this MMP targets.
Organisations with a broadly similar position (Design Consultation round): ESG Global and SEC Panel, both of whom separately argued for recognising existing sector frameworks (SEC, TIS) rather than layering new CCS-specific requirements on top.

Property & Housing

East Lothian Housing Association

Design Consultation round (2026)
  • Position / support: Supportive of the CCS in principle but raises a sustained, detailed objection to the proposed identity-verification model as applied to its specific use case; first response from this organisation in the tracker.
  • Key concerns raised:
    • Central argument: as a Housing Association, it already definitively establishes who occupies a property (through the tenancy-granting process) and already verifies tenant identity to set up digital tenancy accounts — so a further third-party photo-ID IDV check via the CCS is, in its words, “a nonsense” that duplicates work already done to a comparable or higher standard.
    • Warns that requiring photo-ID submission to an unfamiliar third party will suppress uptake almost entirely among its tenant base, drawing a direct analogy to Open Banking’s account-linking model (which doesn’t require repeat IDV once an account is established).
    • Proposes a ‘passporting’ mechanism: housing associations and similar organisations with verifiable systems for establishing occupancy should be able to register as ATPs whose requests bypass standard IDV checks, taking on direct responsibility (and accreditation risk) for the accuracy of their own verification.
    • On funding/accreditation (Q25), asks for charges to be waived or reduced, or deferred, for ATPs with a strong social purpose or limited financial resources — explicitly framed around its own non-profit, regulated-sector structure.
    • Proposes a ‘Digital Assistant’ / proxy-access model so trusted intermediaries (family, neighbours, advice agencies) can help vulnerable or older tenants manage consent without losing control of their own account.
  • Notable / distinguishing point: The clearest first-hand ‘differentiated IDV by use case’ argument of the round — doesn’t object to high-confidence IDV as a general principle, but argues a one-size-fits-all approach is wrong because some ATP categories (like housing associations) already meet or exceed the underlying assurance goal through entirely different means.
Organisations with a broadly similar position (Design Consultation round): Its IDV-friction concern is shared by Ohme and Centrica, though East Lothian’s proposed solution (use-case-specific passporting for organisations with pre-existing occupancy verification) is distinct from either.

Residential Logbook Association (RLBA)

Design Consultation round (2026)
  • Position / support: Broadly agrees with the CCS’s objectives but raises a structural objection to siloing ‘energy data’ apart from the wider property-data ecosystem, and rejects two specific design choices (the property/energy data split, and the guest/account consent model) on those grounds; first response from this organisation in the tracker.
  • Key concerns raised:
    • Argues the property/energy data split embedded in the CCS design is a supplier-led framing not supported by consumer research — residents think of all data about their home together, and would be better served by Digital Building Logbooks (DBLs) or similar single consent dashboards spanning property, energy, EPC and solar PV data, rather than a separate CCS-specific dashboard.
    • Disagrees with the proposed centralised IDV approach (Q5) — wants the CCS to integrate with identity systems already being built and tested in the property sector rather than introduce a further, conflicting ID system.
    • Disagrees with the binary ‘CCS account vs guest’ framing (Q6/Q7) — argues these aren’t the only two options and that the better model is a single, federated interface (akin to smartphone notification management) through which a resident manages all data-sharing consents across multiple providers, with DBLs as the natural home for this.
    • On UX archetypes (Q16), argues the proposed four archetypes ignore tenure type (owner-occupier vs renter) entirely, which it considers a more significant differentiator of need than the archetypes used.
    • Recommends RECCo’s design principles explicitly enable new categories of third party — like DBL providers — to build consent dashboards that embed CCS functionality, rather than treating the CCS portal as the only consumer-facing interface; suggests this may need a new participant class beyond the current ATP definition.
  • Notable / distinguishing point: The only response to argue, on principle, that the CCS’s energy-specific framing is itself a design flaw — not because the consent mechanics are wrong, but because residents’ practical experience of “managing data about my home” doesn’t separate cleanly into energy vs non-energy categories the way the REC/SEC institutional structure does.
Organisations with a broadly similar position (Design Consultation round): Novoville, which shares RLBA’s interest in property-data interoperability, though Novoville raises this as a forward-looking suggestion for later phases rather than as an objection to the current MMP design.

Consumer & Civil Society Organisations

Citizens Advice

CFI round (Jan 2024)
  • Position / support: Strongly supportive; advocated for this idea since its own 2018 smart-meter-dashboard paper.
  • Key concerns raised:
    • Wants the dashboard user-tested with people who are less digitally confident.
    • Wants clarity on how the new process interacts with existing SEC/licence-condition consent rules.
  • Notable / distinguishing point: Cites its own research that 89% of consumers consider data control important, and that 23% see data-access concerns as the biggest barrier to smart meter uptake.
Organisations with a broadly similar position (CFI round): FDATA, Open Data Institute (ODI), DCC, RECCo, SGN, SPEN, and SSEN Distribution, all of whom backed Option 1 (a single technical dashboard) in the CFI round. Design Consultation round (March 2026)
  • Position / support: Sharply critical of the scope reduction since the original 2024/2025 vision — argues the proposed MMP no longer meets the project’s own founding purpose and ‘does not represent the minimum marketable product.’
  • Key concerns raised:
    • Object strongly to energy supplier data access, pre-portal consents, and SEC Other User access all being moved out of scope or made voluntary — argues this means data flows a consumer would expect to see will simply be missing, and that data access could ‘disappear’ from the portal the moment a provider changes its access method, which would mislead consumers.
    • Argues showing all DCC-based data access (achieved in Citizens Advice’s own 2018 proof-of-concept) should be the bare minimum for a credible MMP, and is concerned RECCo is not reusing this established, tested approach.
    • Warns that an apparently near-empty dashboard at launch risks irrecoverable reputational damage to consumer trust in the tool.
    • On branding (Q14), strongly prefers white-labelling the CCS portal under recognisable existing brands over creating an entirely new bespoke brand, citing its own ‘widget’ model research.
    • On accessibility (Q17), wants the guidelines to go beyond broad principles to specific deliverables (e.g. text-to-speech compatibility) and recommends consulting usability experts directly.
  • Notable / distinguishing point: The only organisation in this round to argue the MMP itself has been mis-scoped relative to the project’s founding purpose, rather than raising implementation-level concerns within an accepted scope; explicitly traces this back through its own continuous policy position since 2013 and through Ofgem’s 2024/2025 consultation documents, arguing RECCo’s framing has drifted from “showing consumers who accesses their data” toward “helping industry establish opt-in consent.”
Organisations with a broadly similar position (Design Consultation round): Which?, whose response raises closely related concerns about scope reduction (particularly DCC data exclusion from MMP) undermining the project’s original transparency purpose.

Which?

Design Consultation round (2026)
  • Position / support: A narrow, single-issue response — substantively answers only Q1 (MMP scope) and leaves all other 31 questions blank; first response from this organisation in the tracker.
  • Key concerns raised:
    • Argues the MMP as currently scoped risks failing the CCS’s core purpose — giving consumers visibility into who accesses their data — because it cannot accommodate DCC data flows until after MMP launch, meaning the initial product may show very little actual consented data use even where a household’s data is genuinely being accessed by multiple parties through the DCC.
    • Cites its own “Building consumer trust in Smart Data” research and Ofgem’s founding language (that the level of transparency “must cover all onward data-sharing”) to argue the current design has narrowed scope relative to the project’s original remit.
    • Wants RECCo and Ofgem to explicitly: clarify how a Minimum Marketable Product without smart meter data flows can support consumer trust; plan for mitigating the resulting trust risk through clear communication of limitations; and set out a concrete plan and timeline for when smart meter data will actually be included.
    • Raises a forward-looking interoperability point: as energy and property data become more intertwined (low-carbon retrofit, Digital Building Logbooks), the CCS should be designed so other consumer dashboards can incorporate its functionality rather than requiring consumers to use multiple separate systems.
  • Notable / distinguishing point: Despite submitting on the official 32-question response form, chose to concentrate its entire substantive input into a single, extended answer to Q1 — the only response in this round to engage with just one question in this much depth while leaving the rest of the form untouched.
Organisations with a broadly similar position (Design Consultation round): Citizens Advice, whose response raises closely related and more extensively detailed concerns about the same underlying scope-reduction issue; Which?’s interoperability point is also echoed, in a property-sector context, by RLBA.

Scottish Pensioners’ Forum

CFI round (Jan 2024)
  • Position / support: Does not directly answer Yes/No; deeply skeptical throughout.
  • Key concerns raised:
    • Distrustful of the framing of ‘trusted market partners’ — argues today’s trusted partner can become tomorrow’s rogue operator.
    • Concerned demand-responsive pricing structurally disadvantages medically vulnerable / fixed-need consumers.
    • Insists on explicit opt-in only, no implied consent, and no resale or onward transmission of data.
    • Skeptical that any real benefit reaches consumers versus commercial organisations harvesting the data.
  • Notable / distinguishing point: The clearest consumer-advocacy dissenting voice across either round; frames the entire premise as posing more questions than it answers.
Organisations with a broadly similar position: ScottishPower, whose CFI response shared a broadly skeptical posture toward the consultation’s framing, though for different reasons (cost-benefit case vs consumer-protection risk).

Open Data Institute / University of Bristol – REPHRAIN (academic)

CFI round (Jan 2024)
  • Position / support: Yes, cautiously — warns against overpromising an ‘easy’ solution.
  • Key concerns raised:
    • Cautions against principles-based (Option 2) and voluntary-code (Option 3) approaches based on published research showing both tend to under-deliver in comparable digital-policy contexts.
    • Flags risk that the mechanism could be repurposed for surveillance/profiling if ‘third parties’ scope is not tightly defined.
    • Recommends avoiding the phrase ‘technical solution’ in public communications in favour of consumer-facing framing (e.g. ‘consumer energy data dashboard’).
  • Notable / distinguishing point: Only response grounded explicitly in peer-reviewed academic literature on consent-mechanism design (joint submission via the Bristol Cyber Security Group / REPHRAIN national research centre).
Organisations with a broadly similar position: Citizens Advice, FDATA, and Open Data Institute (ODI), who also supported Option 1, while sharing this response’s specific caution — grounded in published research — against principles-based (Option 2) and voluntary-code (Option 3) alternatives.

Energy Saving Trust (EST)

CFI round (30 Jan 2024)
  • Position / support: Yes; broadly supportive of the goal, opposes the ‘centralised database’ framing specifically.
  • Key concerns raised:
    • Concerned Ofgem is moving too fast from problem-identification to a centralised-database solution.
    • Opposes a supplier-funded model; if centrally run, should be centrally funded to avoid a ‘free rider’ problem.
    • Flags unresolved practical questions: multi-occupancy consent, consent transfer on change of tenancy.
  • Notable / distinguishing point: Represents 100+ members; rejects the centralised framing while supporting the underlying aim — wants an interoperable, API-first model instead.
Consultation round (4 Oct 2024)
  • Position / support: No view stated on Delivery Body or funding model.
  • Key concerns raised:
    • Wants a privacy principle added distinct from security — covers explicit, periodically-refreshed consent and easy revocation.
    • Shares a concrete cautionary data point: previously had to discontinue its own smart-meter-data-driven (DCC ‘Other User’) service due to the cost of ongoing accreditation/audit requirements.
    • Wants secure-by-design measures (encryption at rest/in transit, zero-trust architecture, real-time threat detection) specified more explicitly than the consultation currently does.
  • Notable / distinguishing point: Provides rare first-hand evidence of accreditation/audit cost actually forcing a market exit — directly relevant to ongoing CCS qualification-cost debates.
Organisations with a broadly similar position: In the CFI round: Energy UK, and less directly ScottishPower, who shared a similar ‘yes to the aim, no to a centralised-database framing’ position; In the formal consultation round: Arup, Centre for Net Zero, GreenSync, Icebreaker One (IB1), and OVO Energy, all of whom declined to take a firm Delivery Body or funding position.

Centre for Net Zero (Octopus Energy Group)

Consultation round (Oct 2024)
  • Position / support: No view offered on Delivery Body or funding mechanism (explicitly declines to comment).
  • Key concerns raised:
    • Agrees with the direction toward a less centralised design; continues to advise against an overly centralised architecture.
    • Focuses response narrowly on its area of research interest (Gen-AI applications to data sharing) rather than engaging the full question set.
  • Notable / distinguishing point: Distinct, more research-focused submission from sister organisation Octopus Energy’s separate, more critical industry response — worth reading as two different voices from the same corporate group.
Organisations with a broadly similar position: Arup, Energy Saving Trust (EST), GreenSync, Icebreaker One (IB1), and OVO Energy, all of whom declined to take a firm Delivery Body or funding position in the formal consultation round; Centre for Net Zero’s preference against over-centralisation is also shared by ADE, MCS Foundation, n3rgy, equiwatt, Chameleon Technology, ETG, and Ecotricity.

Trade Associations

Energy UK

CFI round (30 Jan 2024)
  • Position / support: Yes to the underlying aim; explicitly rejects defaulting to a ‘centralised database’ framing of Option 1.
  • Key concerns raised:
    • Concerned Ofgem is moving too fast from problem identification to a centralised-database solution.
    • Opposes a supplier-funded model outright; if centrally run, should be centrally funded to avoid a ‘free rider’ problem.
    • Critiques Option 3 by analogy: cites six years of patchy harmonisation in the DNO-led ENA Open Networks programme as evidence voluntary coordination doesn’t reliably converge.
    • Flags multi-occupancy consent and consent-transfer-on-change-of-tenancy as unresolved design questions.
  • Notable / distinguishing point: Represents 100+ members; wants an interoperable, API-first, multi-party-maintained model rather than a single centralised dashboard — a distinct architecture position from most other Option-1 supporters.
Organisations with a broadly similar position: Energy Saving Trust (EST), and less directly ScottishPower, who shared a similar ‘yes to the aim, no to this specific framing’ position in the CFI round.

Association for Decentralised Energy (ADE)

Consultation round (4 Oct 2024)
  • Position / support: Supports RECCo as Delivery Body.
  • Key concerns raised:
    • Prefers decentralised or hybrid over centralised — cites reputational and single-point-of-failure risk of full centralisation.
    • Wants close coordination with the SSES Load Controller licensing timeline given the expanding pool of actors gaining access to consumer data.
    • Cannot yet judge the proposed accessibility/inclusivity standards until the Usage Governance Mechanism is published.
  • Notable / distinguishing point: Explicitly cautions that RECCo’s prior consumer-consent work, while valuable, ‘must not entirely influence’ the solution’s development — wants continued flexibility-sector co-design from the outset.
Organisations with a broadly similar position: MCS Foundation, n3rgy, equiwatt, Chameleon Technology, ETG, Ecotricity, and Octopus Energy, all of whom preferred a decentralised or hybrid architecture over full centralisation; ADE’s support for RECCo’s appointment is shared by Centrica, Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, Gemserv, and MCS Foundation.

MCS Foundation

Consultation round (Oct 2024)
  • Position / support: Agrees with Design Principles; supports RECCo as Delivery Body; agrees with the options assessment.
  • Key concerns raised:
    • Opens with a pointed caveat: government/regulator-led IT programmes have a ‘less than stellar track record’ of on-time, on-budget delivery, and this ‘cannot be allowed to happen here’ given how much rides on flexibility.
    • Prefers decentralised or hybrid over centralised, citing consumer and sector reputational risk if consent is mishandled centrally.
    • Wants funding to be fair and not used as a justification for new consumer bill levies; notes paras 4.12–4.14 raise the fairness issue without yet proposing how it translates into a concrete funding mechanism.
  • Notable / distinguishing point: One of the more procedurally supportive responses overall, but frames its support inside an explicit warning about public-sector technology delivery risk.
Organisations with a broadly similar position: Centrica, Cadent Gas, BUUK Infrastructure, Ecotricity, equiwatt, Chameleon Technology, n3rgy, ETG, ADE, and Gemserv, all of whom supported RECCo’s appointment as Delivery Body; MCS Foundation’s preference for a decentralised or hybrid architecture is also shared by ADE, n3rgy, equiwatt, Chameleon Technology, ETG, Ecotricity, and Octopus Energy.

Code Bodies / Self-Interested Party

RECCo (Retail Energy Code Company)

CFI round (26 Jan 2024)
  • Position / support: Yes to a solution; supports Option 1 (single technical dashboard).
  • Key concerns raised:
    • Sees consumer trust and buy-in as the single biggest implementation barrier, citing recent sector-wide trust erosion.
    • Suggests a phased, agile MVP rollout rather than a big-bang delivery.
  • Notable / distinguishing point: Submitted ahead of its own April 2025 appointment as Delivery Body; already referenced its own Sept 2023 discovery work, 5 design principles, and full support for the Energy Digitalisation Taskforce’s recommendations — effectively pre-positioning itself for the role it was later given.
Organisations with a broadly similar position: DCC, Citizens Advice, FDATA, Open Data Institute (ODI), SGN, SPEN, and SSEN Distribution, all of whom backed Option 1 in the CFI round — RECCo’s own CFI submission pre-dated its April 2025 appointment as Delivery Body.

Cross-cutting observations (as of this update)

(This section is intentionally relational — unlike the entries above, it draws comparisons across organisations and is meant to be read as a summary, not as a standalone reference for any single organisation.)
  • Delivery Body selection is the most contested question in the formal consultation round: at least five respondents (EDF, ElectraLink, ENWL, NGED, Octopus) directly question or oppose RECCo’s selection, mostly on grounds that the RAG assessment criteria were unweighted and underweighted technical/operational track record relative to governance.
  • Funding remains unresolved across both rounds: no respondent in either round had a completed cost-benefit analysis or Impact Assessment to react to; multiple respondents (Centrica, EDF, Energy UK, EST) independently raise the same structural concern — that whoever funds the Delivery Body may not be the same parties who use or benefit from the solution.
  • A cluster of smaller tech/data vendors (n3rgy, equiwatt, Chameleon) submitted near-identical arguments and structure, suggesting coordinated or templated input — worth treating as a single voice with three signatures rather than three independent perspectives when weighing consensus.
  • Consumer-side concerns (Citizens Advice, Scottish Pensioners’ Forum, ODI/REPHRAIN) are consistently more skeptical of — or attach more conditions to — consent-based mechanisms than most industry respondents, particularly regarding vulnerable consumers, implied consent, and digital exclusion.
  • EST’s CFI and Consultation responses, considered together, supply a concrete real-world data point: a respected non-profit actually exited a smart-meter-data service due to accreditation/audit cost — a useful evidence anchor for later cost-related questions in the CCS programme.
  • Several respondents (RECCo, ODI, IB1, ADE) anticipated the eventual ‘Trust Framework’ branding RECCo later adopted for the CCS — IB1’s CFI response in particular proposed this concept as an alternative to all three of Ofgem’s original options, well before RECCo’s own appointment.
Design Consultation round (2026) — additional observations:
  • The centre of gravity has shifted: in 2024, the contested question was who should deliver the CCS; in 2026, with that settled, the contested questions are the specific design choices — IDV standard, the zero-trust ‘check every time’ consent model, and the degree of centralisation. At least nine respondents (Centrica, ScottishPower, East Lothian Housing Association, Ohme, Octopus, RLBA, EDF, Luxon Group, CGI IT UK) raise substantive objections to the proposed photo-ID-based ‘high confidence’ IDV standard, making it the single most contested design choice across both batches of this round.
  • A second recurring theme is overlap and duplication with the existing Smart Energy Code (SEC) framework: DCC, SEC Panel, Auth Energy (whose submission is also filed under n3rgy’s name — see authorship note, one voice not two), Ohme, Stark, Perse, E.ON Next, Luxon Group, and CGI IT UK all separately argue that CCS-specific accreditation, IDV, or security requirements risk duplicating assurance work organisations have already completed under SEC, BSC, or other industry codes, and call for mutual recognition rather than a parallel regime. This is now the most frequently repeated cross-organisational concern in the Design Consultation round.
  • The ‘zero-trust’ real-time consent-checking model (Q8) splits respondents along an operational/legal line: ScottishPower, Perse, ESG Global, and Octopus raise cost, latency, or proportionality objections and prefer a longer-lived token model, while Citizens Advice, Novoville, and East Lothian Housing Association support real-time checking as a stronger consumer-protection safeguard.
  • Funding has moved from ‘wholly unresolved’ (2024) to ‘broadly accepted in the short term, contested for the long term’: most 2026 respondents accept continuing the RECCo Cost Recovery Model with Hybrid Model B (assurance-cost-only) through MMP, but ScottishPower, SEC Panel, and Auth Energy (the project user’s own submission — see authorship note) each separately argue for a defined, time-bound trigger to review the enduring model — a concern not resolved by RECCo’s published rationale (see project memory on the four funding options and the undefined review trigger).
  • Several non-2024 respondents (RLBA, Novoville, East Lothian Housing Association, and to an extent Which? and Citizens Advice) converge on a theme absent from the 2024 rounds: that energy data consent should not be designed in isolation from the wider, fast-emerging property-data and digital-identity ecosystem (Digital Building Logbooks, UPRN-based identifiers, federated/Open-Banking-style IDV). This wasn’t a live design question in 2024 and reflects how much the surrounding digital-infrastructure landscape has moved since.
  • Auth Energy’s response — written by the project user, not an independent third party (see authorship note on that entry) — is the clear outlier of this round in tone and structure: the only 2026 submission to argue RECCo’s detailed design has materially exceeded the scope Ofgem actually decided in April 2025, organised as a formal call to action rather than as sequential question answers. Its critique of mandatory mTLS for bilateral ATP-EDP exchange (as opposed to CCS-facing interactions) is not raised by any other 2026 respondent in similarly technical terms, though Centrica and ESG Global separately raise related architecture-clarity questions. Treat this as a deliberately-argued position fed into the consultation, not as independent stakeholder corroboration of the scope-creep concern.
  • At least one submission in this round (DCC) is materially incomplete, with only two of 32 questions substantively answered — this should be read as a partial data point, not as DCC’s considered position on the unanswered majority of the consultation.
  • A cluster of comprehensively oppositional 2026 responses has emerged that goes beyond raising design objections to questioning the MMP’s basic viability or process legitimacy: EDF calls for development to be halted entirely pending a credible business case; SSE recommends the MMP be reclassified as a beta/pilot rather than a marketable product; Luxon Group proposes RECCo deliver only a minimal core and treat the rest as unjustified scope expansion; and ElectraLink explicitly states ‘a pause may be more appropriate’ given the volume of unresolved design issues. Three of these four (EDF, Luxon, ElectraLink) separately raise a related process complaint that RECCo has not been transparent about how Working Group feedback that conflicted with its preferred design was considered or why it was set aside.
  • n3rgy’s 2026 submission is textually identical, word-for-word (save the organisation name and one self-description clause), to Auth Energy’s — confirmed as the same author (the project user) filing under two organisation names, not independent industry corroboration. This should be treated as a single voice appearing twice in any consensus count.
  • The SEC-duplication theme deepened substantially in this batch: CGI IT UK (an SEC Other User of eight years’ standing) sets out in detail the three-part SEC qualification process it already completes, and is the only respondent to propose a specific, numerically-bounded ‘de-minimis’ exemption tier for small-scale or time-limited ATP use cases (research projects, pilots, common-ownership consumer apps) rather than simply objecting to one-size-fits-all accreditation in principle.
  • The ‘guest access’ question has split into a genuine two-sided debate in this batch: E.ON Next is the first respondent to argue, in sustained detail, that guest access is itself a design flaw (citing auditability, fraud-risk, and right-to-withdraw concerns), directly opposed to the broader pattern of support for guest access from RLBA, Meet George, Citizens Advice, Ohme, and others who see it as essential to reducing friction.
  • The non-domestic/microbusiness expansion question has emerged as a new axis of disagreement not present in 2024: Meet George and Stark take opposite positions, with Meet George pressing for a committed non-domestic timeline within 12 months of MMP go-live and Stark arguing no sufficient case for non-domestic CCS development has yet been made and that roadmap items implying future non-domestic scope should be removed altogether.
  • Several 2026 respondents now explicitly frame the CCS in relation to the DCC’s technical mechanics rather than treating the consent layer as separable from underlying data access: EDF raises detailed, protocol-level questions about how a CCS token would integrate with DCC Service Requests (which key on GUID/Device ID rather than MPxN), while Xoserve and CGI separately ask how Change of Tenancy — already a known weak point in industry data flows — will be detected and reflected through to consent revocation.
Last modified on July 17, 2026