• Here’s why and how telcos could join together and play the responsibility card on Internet of Things with the proposition that the telco IoT business is not just about mining data: it’s about being the customer’s data custodian and, if instructed, its broker.

Last month a UK morning radio news programme featured an item on the popularity of Amazon’s Alexa digital companion. But the story became really interesting the next day when it turned out that broadcasting the word ‘Alexa’ had caused dozens of listening Alexas out in radioland to wake up and start chatting with their owners.

As a result the radio audience had suddenly realised that Alexa and the other digital assistants were permanently alert and listening. That, they all thought, was ‘creepy’.  “And what else were they listening to?” they asked the broadcaster the next day. “ How do we know that Amazon isn’t recording all our conversations?”

How indeed?

The ‘Alexa incident’ is just one of a slew of recent techno-privacy ‘moments’ which, little by little, have been waking the public up to what they should have known for a while: which is that if you’re not explicitly paying for something in the technology world, then you’re probably offering up valuable information in exchange for it.

People ‘sort of’ knew this already. They knew that Google collected information about our likes to better deliver ads, for instance.  But the Internet of Things (IoT) technology behind the recent problems and the increasingly intrusive services using it, have a way of sneaking up and surprising us all into ‘Ah-ha’ and ‘Uh-oh’ moments.  

There’s been the ‘listening Barbie’ incident – doubly shocking because it was apparently recording little girls. Very recently there has been news of both the UK and US spying organisations working together to bug television sets which could be deployed to record conversations.

And it isn’t just information-gathering in the spotlight. Online enterprises like Yahoo, TalkTalk and many more, seem to have a problem holding on to personal data once it’s collected, causing a steady stream of ‘big data’ thefts – complete with credit card details – and yet more public outrage. And don’t forget the biggest security worry of all – IoT device hacking to launch distributed denial of service attacks (DDoS).

As a result there are already reports of flagging interest in IoT because of privacy and security concerns. Is the still-emerging IoT industry about to shoot itself in the foot?

We say it’s already taking aim, but there’s still time to fix things and telcos can play a major role if they and the equipment suppliers/IoT application providers, step up to the plate together.  But first, a recap.

So far the world’s telcos have not generally joined in with Google, Samsung, Amazon, Apple and the rest in a mad scramble for data, despite often expressing a desire to do so. In both Europe and  America telco advocates often argue that they have been unfairly constrained by regulation and, not surprisingly, many have praised the most recent actions of the FCC’s new chairman, Ajit Pai,  in rolling back the FCC’s privacy requirements for telcos. They figure it will assist them to proffer IoT data-gathering business models on the same basis as their OTT rivals.

But instead of piling in with ‘me too’ propositions, when it comes to the deployment of IoT services, we think we can make a good case for telcos to get together with a common approach and to rise above the fray and differentiate themselves with a progressive business model. We’ve worked on an alternative pitch to the IoT consumer which might go something like this:

“The Googles and the Samsungs might be making a business out of taking your personal information and selling it off and keeping the profits. We are doing something different. First of all, we understand that it’s your data, not ours. So we undertake to collect the data you authorise us to collect on your behalf and look after it for you. We will send it to other parties and service providers – perhaps where doing so forms part of a warranty obligation – only with your permission.  

If you want us to sell your data, we will follow your instructions. Likewise when you want us to delete the data after a period we will do that too. Essentially, you are in charge.  In return, because we are not earning money from your data, we will charge you a small amount per month on your bill to fund the service.

It goes without saying that there will be no bad actor moves by the Telco IoT Alliance, such as recording or analysing customers’ conversations. Our slogan is  ‘Don’t bother asking – we’re NOT listening’”

Just as important as a set of solid terms and conditions, telcos will be able to flex their most important selling point: that their hard fought reputation for running bullet-proof networks and systems will be what they bring to the IoT party. Telcos will invest, not just in new systems, but on protecting the integrity of the their customers’ data.

And this is not ‘ethical’ window dressing. We will not be asking customers for ‘trust’ which won’t work because trust has long gone. Neither should a Telco IoT Alliance backstop itself with some sort of external regulation because that would be a sign of failure. The customer-focussed business model should be understood to be the result of enlightened self-interest, rather than sullen compliance to regulations.

The Telco IoT Alliance is simply offering the user a way out of the ‘should I tick the box to share my data’ conundrum with this straight-forward proposition – that the cost of ongoing connection has been worked into either the initial purchase price of the IoT gadget, or is compensated by a small subscription (or both), thereby allaying any suspicion that the missing revenue is being dragged back surreptitiously.

Where personal information is gathered and has value, users must be asked to opt in and share the value. Most important of all, telcos following this path need to proclaim loudly and rudely that they are doing so.

Because of multiple data privacy breaches and apparent bad faith by some players, the conditions are right to gain favour with the consumer market by uniting on an implicit pledge – not a dry as dust ‘document’ dressed up in cliche and words like ‘trust’ –  but to make it clear that the privacy and data stewardship aspects ARE the service, not just some extra words tacked on the side.

Here’s what we think telco customers should see in their contracts:

1. Customers will be able to cancel the data collection and cancel the use of the data. This is already a widespread issue for consumers when installing smartphone apps which ask for the rights to access various functions, but without offering context.
2. There needs to be an agreement posted by the third party service provider describing what kind of data is being mined and what they are looking for.
3. The third party provider needs to say how long it will retain the data.
4. The user must have access to the data to see that what has been said to be mined and stored is actually what is mined and stored.

Could telcos – should telcos – come together and pursue a user-oriented IoT service (rather than a rampant info-gathering one) and make this approach their unique selling point?

Certainly there is a need for the development of new technology to address the issues of integrity, data transparency, policy based handling of data, escrows, encryption, third party data handling, data exchange, and so on. But as things currently stand, very few companies are putting effort into overcoming the integrity challenge: at least compared to the effort being put into creating the challenge in the first place. Perhaps this is a vacuum that might be part-filled by the 3GPP.

Those who first see the commercial value in overtly and loudly taking the side of the customer could have a lot to gain. Let us know more about how you feel about this in the comment box below.

This blog is the fruit of a discussion betwen Ian Scales, Managing Editor, TelecomTV and Tord Nilsson, Director of Global Marketing at Dell EMC.