Artilium

Tuesday, November 17, 2009

Using personal data

It is generally a requirement for mobile operators to store the call detail records (CDRs) for some period of time mainly for billing and auditing purposes. Similarly internet service providers (ISPs) are required to store the IP detail records (IPDR). In banking all financial transactions are recorded in statements or financial transaction records (FTR).  While these records all have primary purposes for being retained for a period of time, there are secondary uses for the data by applying data mining and analysis.

Traditionally, CDRs are analysed to determine data on network performance by detecting dropped and blocked calls and for calculating or verifying customer bills. IPDRs are also used for performance monitoring and for detection of improper use.  FTRs are used to provide statements, for auditing and to detect fraud. With data mining these records can reveal even more about an individual and about groups of people. When combined they can give real insights into customer behaviour. Increasingly mobile operators have access to, not just CDRs, but to IPDRs from mobile browsing and FTRs from mobile payment systems. It would be naive to think operators will not utilise this data for customer intelligence and marketing activities. Without compromising customer privacy it is possible to intelligently match services and advertising to individuals based on the customer insights derived from live and historical data. The key to the privacy concern is that personal data is never given out to third parties unless of course the subscriber requests this via opt-ins. Third parties may provide the services and advertising, but the context matching needs done within the network operators domain if they are to have 100% control over the use of the data.

It is suggested that operators may abuse customer data privacy issues for commercial ends, but the evidence appears to be the complete reverse. Operators fear that if privacy is compromised, or is perceived to be compromised, their name will be tarnished and the commercial impact will be a lot of churn so their approach is a very cautious one. Meanwhile in the market for phone based applications the market is much less restrained. For example the free to download application for the iPhone called “Date Check” (i) allows you to enter a name and phone number, and the application’s “Sleaze Detector” looks for personal data about a person; if they are married, their marital history, property ownership, crime details including sex assaults, drug arrests and drunk driving, if they live alone with friends or parents. While this may seem like an invasion of privacy this information is available on request in many countries. The same is true of financial data where credit checks on individuals are very frequent.

In short, mobile operators have access to very useful data that give insights into customer’s behaviour, interests and financial status. However they are being very cautious in their use of this data since they have a lot to lose if they get the privacy balance incorrect. The mobile applications industry has less to lose and the attitude towards customer privacy is consequently more cavalier. Just because it is legal to access certain types of personal data does not automatically make it acceptable to the customer, and this fact seems to be well understood by most mobile operators.

(i) http://www.intelius.com/mobile, accessed 17 Nov. 2009