The Privacy Iceberg

More years ago than I care to remember, I came up with an analogy to explain the fundamental dilemma of revenue assurance. Leakage was like an iceberg. Focus just on dealing with what you see, and you fail to appreciate how much is hidden from view, under the surface. But whether you see it or not, invisible leakage hurts the business just as much as visible leakage. So you have to motivate businesses to do comprehensive RA through a process of inference: “if we’re finding such-and-such leakage where we currently look, then we also need to spend time and money at looking for leakage elsewhere, because that might be worth even more.” These days, I tend to think some of the RA world has swung too far the other way. To continue the analogy, some people seem to believe we should buy submarines to go hunting for every last ice cube. So after years spent trying to persuade people to look harder for leakages, I find myself now arguing for balance – and saying there are some leakages too small to be worth looking for.

From the perspective of a risk manager, the argument for not chasing down every little leak is straightforward: it means money is diverted away from where it provides most benefit to the company. In other words, spending too much effort mitigating some risks inevitably leads to sub-optimal performance, and defeats the original purpose of risk management. If visibility was a problem for RA, it is more of a problem for risk management in general. Think of this way: how do you know you ‘see’ all the risks, and even if you do, how do ‘see’ the economic impact, which may be near impossible to measure? From this perspective, other icebergs loom into view. Take a look at this quote from the summary of a research paper on managing subscriber data:

[We expect] mobile operators will overcome privacy concerns and move forward with using subscriber data for targeted mobile advertising in such a way that protects subscriber data and complies with subscriber preferences and regulatory constraints

Hoorah! It sounds so simple. Deceptively simple. The thing with privacy violations, like revenue assurance, is that they may be ‘invisible’. Private information can leak without you knowing about it. So if you ask me, one of the biggest dangers facing telcos is the privacy iceberg: the accumulation of a great mass of personal data coupled with an overconfidence that you not seeing any leaks means there are no leaks. The experience of RA tells us leaks occur – even small leaks – because we do not look for them, and they are hard to spot. Why should we be optimistic that telcos will do so much better at keeping personal data private? And how hard do we look for the leaks before we conclude that it is not worth looking any harder? When the problem is revenue leakage, the cost vs. benefit argument is simple: how much does it cost to prevent a leak compared to how much is lost through the leak. Now consider a cost vs. benefit argument based around the privacy of your data. How much is your privacy worth, and whose measure do we take? If a telco overbills you, then the error can be refunded, but how do you recompense someone for the harm caused by a privacy violation?

Drawing on the experience of RA, I can only feel that the glib quote given above reveals a complacent attitude that runs right throughout the telecoms world. The same complacency existed in the 1990’s, when you tried to explain the potential for revenue leaks. In a connected world with lots of competition, customer trust and loyalty is worth an enormous premium. Just ask Apple, who benefit from the loyalty of their customers, and Sony, who must fear the backlash after the hacking of personal data on the Playstation network. Did Sony think they had done everything necessary to protect their customers’ data? I am sure they did. It was not enough. The privacy iceberg looms large, if we look at it properly. For those that choose to look the other way, it could sink them all the same.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.

1 Comment on "The Privacy Iceberg"

  1. Eric,

    Excellent points. I do think privacy has the potential of becoming a very big “bump in the night”.

    To be sure, guarding sensitive customer records is not the same as catching revenue leaks, but in the privacy case, there’s the added criminal magnet of identity theft via insider fraud and cyber hackers. In that context, privacy violations could be an even bigger black swan.

    But where you really hit home for me was your comment about “buying submarines to go hunting for every last ice cube.”

    Last week at the TMF show in Dublin I reflected on another submarine mission in telecom: wireless service assurance.

    There must have been 20 service assurance vendors on the Dublin exhibit floor touting their ability to improve the customer experience throught fine grain analysis of wireless network performance.

    But when I attended the conference session: “Changing your Culture to Offer Killer Customer Experience”, I discovered a disconnect because the two speakers who talked about B-to-C customer experience never even mentioned service assurance or QoS in their presentations!

    What’s more, the speakers were world experts. First up was Flavio Lang, the Customer Relationship Planning General Manager at Brazil’s largest carrier, Oi. And the second speaker was Brian Brueckman, SVP of Direct to Customer at T-Mobile USA. Brian led the same team who won the coveted J.D. Powers U.S. Telecom Customer Service Excellence Award seven out of eight years.

    So at the end of the session, I asked a question: Where do service assurance metrics fits in the bigger picture of customer experience? And here’s what I heard:

    Oi Brazil: “We developed a Platinum segment of customers which is roughly 7% of our customer base. And these customers also represent 40% of our gross margin. So if you do something wrong, don’t do it with these customers. . . “

    “In the end, customer experience is very simple. You only need to do three things. First, don’t make problems. Customers won’t call if they don’t have a problem. Second, if they call you, make it easier to get to the point where you can solve the problem. And third, solve the problem.”

    T-Mobile USA: “QoS measures are important but it’s not going to deliver a great customer experience by itself. Where you win is eliminating problems at the front end. Make your products easy to use and work.”

    “A great IT solution for a particular problem is really treating the symptom. If you have a problem that you need an IT solution for, it seems to say: ‘Wow, am I focusing on the right area?’ ”

    Finally the moderator, John Myers of Blue Buffalo Group (ex-Subex fame), chimed in: “It’s easy to throw technology at a problem, but you could miss the mark. Once you have the culture of customer experience excellence. Only after that’s in place can you bring in the tools. Only then do you know what you want to do for each customer group. “

    * * *

    I found this all to be great perspective. And it certainly begs the question: should telecoms spend big money chasing customer experience ice cubes with full-throttle service assurance submarines?

    Or can they get by with occasional sonar dips from the surface?

Comments are closed.