Malawi’s Regulator Implements Technology for RA… or to Spy?

The Malawi Communications Regulatory Authority (Macra) is reportedly buying equipment to check call records of all phone subscribers in Malawi, despite protests from operators and consumer rights groups. You can read the story here and here. Macra’s new technology is called a Consolidated ICT Regulatory Management System (CIRMS) and was supplied by Agilis of the US as part of a reported USD6M contract. The regulator states that the purpose of CIRMS is to monitor RA, fraud, QoS and spectrum management. However, those opposing the regulator state their fear that the technology will actually be used to invade the privacy of customers.

Taken at face value, it is reasonable to question why a regulator would directly test for integrity of revenues and look for frauds. Telcos are businesses, and are already motivated to enhance the bottom line by implementing any and every check that would support this goal in a cost-effective manner. The story in the Nyasa Times highlights this point of view:

Telecom operators submitted that they did not have any problems with the collection of Quality of Service data using the device. However, they argued that to verify the volume of traffic for revenue and Fraud management functionalities “seem to be questionable as to whose interest the authority it will be done.”

Why should a regulator hence duplicate the efforts of telcos? One simple conclusion would be that the regulator’s motives are not what they say they are. This is the line being taken by sections of the press concerned that customer privacy is being abused to satisfy security objectives. It is also possible that the regulator has a different objective, which does link to revenues, but which is not properly explained to the taxpayers who, one way or another, fund the regulator’s activities. After all, failing to bill customers does not harm customers, so, put simply, RA is not an activity that directly benefits customers. However, if the government benefits from increased tax due to reduced revenue leakage, then that would give the regulator a straightforward motive for introducing what is effectively an automated audit of telco revenues. Evidence that this is the real driver for CIRMS was reported in the Weekend Nation:

…Minister of Information and Civic Education Symon Vuwa Kaunda on Thursday defended the project, saying it is there “simply to monitor revenue generated by the operators and not to listen to phone conversations.”

“Tax was removed on handsets and imposed on airtime. Government has no mechanism to monitor revenue generated by these operators. We are at their mercy. They declare at the end of the year how much they have generated. They can give any figure. The facility is to do with revenue generation to help MRA [Malawi Revenue Authority] tax accordingly,” said Kaunda.

In other words, the government interferes with the free market by imposing a tax on airtime – effectively a tax on consumers – and then feels compelled to follow-up by auditing its tax revenues. This behaviour, which is not in the interests of customers, is then mangled with messages about QoS and spectrum management to confuse customers about how the government spends their money in order to tax them more, under the guise of regulating the telecoms market. It is small wonder that some might perceive more draconian goals when they try to see through the obfuscation.

Over the years, I have taken a consistent line on stealth taxation of communications services. When governments levy taxes and charges directly on services, and not just on the profits of the businesses providing those services, they hurt their own economy, and undermine their own tax base. Communications fuel wider economic growth. The lower the cost of communications, the better for growth. Taxing calls and texts is economically regressive. However, some governments love to use telecoms as a way to get money from the people without the people knowing, in the hope that subscribers will blame high usage charges on the greed of telcos.

The actions of Malawi’s regulator also highlights the thinning line between where RA stops and surveillance begins. Their only riposte to the accusation that CIRMS will be used for spying is to say they will not use it for spying, and that such use would be illegal. They do not deny that CIRMS could be used for spying on customers. Relying solely on a legal barrier to the improper use of technology provides little comfort to customers. They can look at the behaviour of totalitarian governments, or at the repeated stories about violations of customer privacy worldwide, and draw their own conclusions about the desirability of systems that enable mass surveillance. It would be better for RA to keep well clear of this line in how it audits the integrity of revenue streams. Better still, governments and regulators should be genuinely transparent about why they implement monitoring systems, and the safeguards they will put around them to prevent misuse.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.