Blog

Broadband Consumer Privacy Changes and Implications for Internet Service Providers for Business Intelligence

March 31, 2017

On March 23, 2017, the Senate approved a resolution to undo Obama administration Federal Communications Commission (FCC) rules relating to internet privacy and Internet Service Provider (ISP) ability to collect, use, and share this information which puts ISPs on equal footing with over-the-top (OTT) service providers like Google and Facebook under Federal Trade Commission (FTC) requirements.

FTC Stance on Privacy

The FTC issues best practices reports, urges opt-in policies, and consumer education about data privacy while still taking a hard stance on important safety issues like children’s on-line privacy matters and protection of information that could lead to identity theft. Three key tenants of the FTC stance are:

  • Privacy by Design: Companies should build consumer privacy protection into every stage of product development including customer data security, limited collection and retention, and procedures that promote data accuracy.
  • Simplified choices: Consumers should have the option to decide what information can be shared and with whom without the mechanism to do so being overly complex. Something like a simple “do-not-track” where consumers can control the tracking of their online activity.
  • Greater transparency: Companies should disclose details about their collection policies and how consumer information is used, including consumer access to the data collected from them.

FTC Requirements:

2016 FCC Policy Summary

By contrast, the October 2016 FCC actions (FCC 16-148, Adopted October 27, 2016 – link here: https://www.fcc.gov/document/fcc-releases-rules-protect-broadband-consumer-privacy) took the path to regulate rather than recommend. The action justifies this by claiming ISPs are the gatekeeper at a privileged location in the network where they see 100% of a user’s unencrypted traffic, while Google, Facebook, and Twitter see an estimated 25% of the web page traffic. Of course, one important distinction is that from the ISP perspective a majority of the traffic is encrypted and the decryption occurs at the OTT provider where the information includes audio, video, pictures, commentary, timeline, and location – virtually everything you would ever want to know about an individual.

FCC Requirements: https://www.fcc.gov/document/fcc-releases-rules-protect-broadband-consumer-privacy

Among the FCC regulation requirements are:

  • Transparency: Carriers must provide privacy notices about the information collected, how they use it, circumstances under which they share it, and entities they will share it with. It also requires the customers to be able to opt-in approval for sensitive information and opt out approval for non-sensitive information.
  • Data security and breach notification rules: Rules around contacting government officials and affected subscribers if a security breach happens.
  • Prohibit a “take it or leave it” stance by service providers when offering their internet services as well as heightened requirements when offering incentives for subscribers to opt-in to the data collection and use policy.

The NTCA – Rural Broadband Association (www.ntca.org) describes the resolution to overturn the FCC’s 2016 policy as putting the ISPs on equal footing as the OTT service providers.

What should an ISP consider in light of these developments?

The ability to collect and analyze subscriber on-line information is powerful for streamlining operations, improving customer experience, and opening new revenue opportunities. The key decision for the ISP is to balance monetizing subscriber information with their willingness to provide it and the ability to keep it securely and cost-effectively.

The Yaana Technologies portfolio of compliance, retention, and analytics products and services addresses these issues for the ISP and empowers them to make important decisions on what and how much information to collect and store.

Yaana’s NetDiscovery service allows for a cost-effective, secure, and flexible data retention solution for service providers. The Data Retention System (DRS) can be hosted at the ISP or in Yaana’s highly secure data center. The DRS provides for unstructured data storage which allows service providers to determine what kinds of records they want to store. DRS benefits are:

  • Leveraging Yaana’s highly secure DRS environment meets and exceeds security requirements
  • Cost per record savings
  • Flexible data retention information options and policies.

Yaana’s Data Analytics System (DAS) provides a flexible and agile framework for analysis of key performance indicators in the ISP network. This information can provide business insights to optimize costs, recognize VIP customers, and enhance customer experience. The analytics results can also be monetized for attracting marketing revenue without compromising subscriber privacy.

Coupling Data Retention and Compliance Solutions for Cost Savings

Yaana’s NetDiscovery Compliance Services are being used by over 600 network operators in the United States and many more globally to provide government legal compliance. From a technology perspective, data acquisition technology and network analytics technologies boil down to the same thing. By utilizing Yaana’s data acquisition solution in addition to the DRS and DAS systems, one environment can provide compliance, operational cost savings, and increased revenue, potentially turning the cost sink of compliance into a profit center.

The reversal of the FCC regulations affords ISPs the same opportunity as OTT service providers, but must be tempered with subscriber acceptance of the network data policy. In this brave new world, ISPs are empowered to carefully consider opportunities and risks associated with network data, and align with strategic partners for effective, secure, and non-intrusive solutions.