The role of Telco in a privacy-conscious future
Privacy concerns are at an all-time high and will keep growing
Privacy can be defined as the state of being free from unauthorized intrusion and the ability to protect your property from being exploited. Framed this way, it is evident that privacy is not a new phenomenon that arose in the Internet age. It is a long-standing fundamental and universal need and human right1,2.
The explosion of the data economy and its unintended consequences is the key reason behind this growing concern. The sheer amount of customer data collected by companies has been growing exponentially thanks to the proliferation of connected devices and digital services. Unfortunately, personal data has been shared consciously and unconsciously and subsequently misused. In 2015, the University of Pennsylvania looked at the top 1 million most popular websites and found that 90% of them leaked personal data to an average of 9 outside domains, where that information was tracked and used for commercial purposes. A large proportion of those domains were owned by Facebook or Google.
An evident paradox exists. On one hand, consumers cite privacy as a concern, perhaps fueled by Cambridge Analytica-type press reports, yet on the other, are willing to trade their personal data in exchange for nominal value (i.e. an email address for a discounted Pizza). Other value exchanges are perhaps more equitable, such as the use of Google Maps in exchange for targeted adverts.
However, most enter into the value exchange contract with a degree of unconsciousness.
- Whilst legislation such as GDPR in Europe and CCPA in the US has sought to bring transparency to the situation, 99% of people do not have the time nor inclination to sieve through the endless pages of opt-ins and opt-outs. Creating complexity has been a conscious tactic.
- As such, most are unaware of the depth and breadth of data being collected and how it is used and sold to other companies. For instance, only 14% of Internet users realize their browsing history is being tracked4.
- Almost all are unaware of the ease by which data aggregators are able to acquire data and how easily and frequently they get hacked, as exemplified by the millions of records hacked from Apollo, Exactis and Verifications.io. 99.99% of consumers have never heard of these companies, let alone given their explicit consent to share data with them.
The situation is not isolated to Internet browsing. Many apps sold for Google Android devices contain trackers that leak personal information when not being used. In a 2010 study, a German federal agency found that Google street view cars were not only taking pictures, but scanning Wi-Fi networks and gathering personal data from unencrypted transmissions which led to a subsequent investigation that found Google to have broken laws in 9 out of the 12 countries investigated.
This does not mean the status quo should or will remain. We anticipate increased societal consciousness and a heightened call for action. It could be that we reach a watershed event, possibly precipitated by actions and interventions related to COVID-19, such as the anticipated tracing app (which could generate an Orwellian surveillance backlash).
Figure 1 – Key trends affecting public concern about privacy
Key data economy players have largely failed consumers and are unlikely to change
Today, a handful of technology and social media platforms yield disproportionate power and influence on the data economy and the use and protection of consumer data. Their dominant digital consumption position (as illustrated in Figure 2) could suggest they are perfectly positioned to take a moral stance and proactively shape an appropriate regulatory framework to safeguard consumer privacy and data. In truth, whilst grandiose statements have been made, such firms have largely been paying lip-service, not altogether surprising given their inherent conflict of interest.
Figure 2 – Share of screen time in the US - 2019
Source: Nielsen; Delta Partners analysis
The challenges are obvious: Google and Facebook generate 98% and 84% of their revenues from advertising, Apple is pivoting its revenues towards services and applications and all are seeking to leverage artificial intelligence (AI) and machine learning to enhance their personalization capabilities. Customer data coupled with AI is the fuel of the data economy. The sheer scale of these platforms gives them an untouchable level of competitive advantage. Oligopolistic many would argue. In 2015, a study found that visiting the 100 top websites would result in the collection of 6,000 cookies, of which 83% came from 3rd parties, not the websites. Google’s tracking infrastructure was found to be active on 92 of the top 100 sites.
As such, we should not expect the FAANG community to proactively drive the agenda.
Equally, the current regulatory frameworks are insufficient. Despite the recent efforts by the EU (GDPR) and the Californian state (CCPA) to govern privacy, the impact of their interventions have been limited, as noted by the EU Commission study in 2019 on GDPR5. As long as the penalties remain low, companies will not be incentivized to heighten their privacy standards.
“At consumer level, there is no relationship between awareness of GDPR and level of feeling in control” (EU commission, Jun 2019)
More stringent regulatory frameworks are required yet the current situation has been shaped by very conscious historical interventions such as the dismantling of the double movement, the decision not to implement the Fair Trade Commission’s (FTC) automated protocol that would have limited information extracted by cookies and, following the events of September 11th, the introduction of the Patriot Act which loosened surveillance regulations. The subsequent collaboration between the National Security Agency (NSA), CIA and Google on search and behavioral pattern analysis created a mutually beneficial relationship between the parties and a license for Google to extend its surveillance activities.
So what? Lobbying for a more stringent regulatory framework, appropriate for the digital age, is clearly necessary but not sufficient. Whilst more regulation is needed, giving customers control and choice in how they share their data and ultimately benefit from doing so is also good.
We made reference to the notion of value exchanges earlier, whereby customers are rewarded for sharing their data. The question is how do we shift what has been a largely asymmetric relationship, in favor of the 3rd party (i.e. social media surveillance capitalists) to a more mutually beneficial and equitable model.
Going forward, the value of such data will increase significantly. As AI and personalization technology continues to mature, having the ability to perfectly tailor products, services, medicines, experiences and beyond to the individual (before they even know they want or need them) will create significant value for companies across all sectors. The stakes will get higher. In his articles for the New York Times, Jaron Lanier suggests the average household could conceivably generate circa. $20,000/annum in ‘selling’ their data to 3rd parties through some form of brokerage. Whilst we believe such a quantum is optimistic, we do not dispute the concept and its relevance. But how could this happen in the current asymmetric and unregulated reality?
Opportunity for Telco’s to become trusted data custodian?
The current situation leaves a void that could offer a very meaningful opportunity for telecom operators. Operators have been routing and switching sensitive data for decades. It’s what they do. Whilst it is true they also use (subject to opt-ins) customer data to personalize services, their core business is not advertising funded and they are arguably well suited to play the role of a trusted data broker or data fiduciary, arbitrating between consumers and an ecosystem of businesses.
Such a role could potentially elevate the industry (in terms of positioning with customers, redressing years of disintermediation) and reset power lines with tech players. Most operators have long-standing trusted relationships with their customers and have a comparatively clean track record, in terms of data usage and privacy protection.
To play the data custodian role, telecom operators will need to execute a number of actions:
- Become privacy advocates, promoting awareness, educating consumers and agitating for regulatory change;
- Lead by example by setting the highest internal privacy standard, providing subscribers with full visibility, control and choice over their data and its use;
- Help customers preserve their privacy while dealing with 3rd parties, acting as an intermediary between individuals generating data and companies that use it. This intermediation would encompass a number of dimensions including;
- Allow customers to choose who can have access to their data, for what purpose and on what terms (leveraging OS cloud technology)
- Create an ecosystem of participating 3rd parties (retailers, banks, financial services and beyond) underpinned with a data exchange
- Help customers monetize their data and reap direct financial rewards by facilitating and overseeing a value exchange
By doing so, operators have an opportunity to position themselves in the middle of the data economy. Unlike many other potential areas of growth (e.g. OTT video, e-commerce, fintech, etc.) where Telcos are frequently playing catch-up, becoming a trusted data custodian could offer meaningful opportunity in a relatively unoccupied space.
Operators that succeed will have a unique value proposition to offer customers, creating brand equity and differentiation in the market. Beyond the positioning benefits, direct value creation would be generated via 3rd party transaction and/or licensing fees in addition to incremental customer stickiness and possible ARPA uplift (through personalized offers).
To participate in this area, operators would need to develop new tech capabilities. Blockchain has been explored by several privacy startups in a bid to create a scalable and immutable data ledger where individuals can decide who should have access to specific data in a secure and traceable manner. New frameworks are being developed to allow the user to revoke access or ‘claim back’ the information once it has been used for a given purpose. There are still some questions that need to be resolved (such as the inability to erase personal information from the blockchain itself, impeding the ‘right to be forgotten’).
Additional challenges include consumer awareness, 3rd party participation interest, value exchange immaturity, appropriate regulation (or lack thereof) and organization skillset.
All in all, privacy remains a highly relevant and unresolved issue of our time. Like many complex and challenging situations, it offers up interesting opportunities and for once, opportunities that could conceivably be addressed by telecom operators. However, the industry has historically been plagued by indecision and inherent conservatism. Succeeding will require real conviction. So who is willing to place a bet?
1 Privacy and human behavior in the age of information, Acquisti, Alessandro and Brandimarte, Laura and Loewenstein, George, Science, 347(6221), 509--514, 2015 [JEL]
2 Should animals be given the right to privacy as well? Mills, B., 2010. Television wildlife documentaries and animals’ right to privacy. Continuum: Journal of Media and Cultural Studies 24 (2), pp. 193–202.
3 SAS Data Privacy study: Are you concerned? – 2019; Axios – 2019
4 Customer Data: Designing for Transparency and Trust, Timothy Morey, Theodore Forbath, Allison Schoop – Harvard Business Review – May 2015
5 Special Eurobarometer 487a – European Commission June 2019
Andrew is a Senior Partner based in our NYC office. He has over 21 years of strategic consulting and M&A experience and has worked with major telecommunications, media and technology / digital firms in the US, UK, Ireland, Sweden, the Middle East, Africa and Asia.
Anton is a Principal in our San Francisco office. He has over 10 years of strategic consulting experience in TMT space with focus on customer experience, digital transformation and value proposition revamp. Anton holds MBA from Wharton School of the University of Pennsylvania and MSc in Management from London Business School.
Francesc is an Engagement Manager at Delta Partners’ Dubai office. His area of specialization includes digital strategy, sales & distribution and strategic business planning. At Delta Partners, Francesc focuses mainly on the telecom and tech clients in the Americas, Western Europe and the Middle East. Francesc holds a Master in management from HEC Paris and a bachelor’s degree in business administration from ESADE.
If you would like to contact the author to further discuss this topic, you can email to:
© 2020 Delta Partners.