This article originally appeared on the BeyeNETWORK.
I have always been interested in the concept of:
It can be applied to many things. Some climbers of Mount Everest in 2006 would have benefited from the 1996 lessons of Into Thin Air. NASA could have learned from their own history before the Apollo I, Challenger and Columbia missions. Telecom service providers should take a look at recent events and see what lessons they could learn.
Ripped from the Headlines…
Over the past couple of months, two issues have captured the particular interest of politicians and the media. While one closely relates to the telecom industry, the other provides more of a cautionary tale. The first issue is National Security Agency’s (NSA) reported work to collect call detail records for data mining purposes. The second issue is the disappearance of the personal “identity” information for approximately 26.5 million people associated with the Veterans Administration (VA) via a stolen laptop.
In the current political atmosphere and public relations climate in the United States, these two current events have raised many interesting questions:
- Where do we draw the line in terms what data should be used and for what purposes?
- Who should have access to sensitive data, in particular personal “identity” information, and how should that data be handled?
“…the processes, tools, and technologies for turning data into information, and information into knowledge, and plans that lead to positive actions for the organization.”
For telecom service providers, this means the distillation of billions of call detail records and associated subscription information to determine, among other things:
- Who are valuable customers?
- What offerings can give us a competitive advantage?
- Which products are customers buying?
- Which customers use which services?
To marketing and finance organizations, these are interesting and lucrative questions that can impact the top and bottom lines of the balance sheet. They are also the main reason for the existence of the business intelligence organization. For the most part, the business intelligence organizations have performed their tasks using the data supplied by their customer stakeholders.
However, with the examples above, has much thought been put into how and how much of the information from the call and subscriber data should be used? The following are two interesting comparisons:
Car 54, Where Are You?
Anyone who has seen Mission: Impossible III knows how valuable it can be to locate where a wireless call originated (hopefully I’m not ruining the plot for anyone….). In advance of, and unassociated with, the film, Sprint Nextel launched a new service that “stole” some of MI-III’s thunder. This service allows parents to keep tabs on their children via a GPS-based service. This month Verizon Wireless is capitalizing by starting a similar service. For some of my friends with kids, this is an interesting concept. Is little Suzie at softball practice or the mall? Has little Jimmy strayed too far from the neighborhood? Peace of mind for the parents for sure, but maybe not so much for little Jimmy (particularly if his senior class prank involves crossing a “magical” geographic line….).
In a slightly different twist to the same use of data, a recent article talks about how the NSA could be using similar information associated with call detail records to track the location and movements of people around the United States. This situation raised the ire of politicians and pundits alike. On a “conceptual” level, it has raised civil liberties issues and privacy concerns about how information associated with wireless calls can and should be used. On a regulatory level, senators and congressmen started asking questions about the current, and possibly future, legal boundaries of this behavior:
- Does the data belong to the person who made the call?
- Does the data belong to the provider?
- Can either expect a level of privacy regarding that data if the police, FBI or the Justice Department comes calling?
Right Where I Put It, I Think…
Over the past couple of years, the loss of application data through backup tapes has become somewhat commonplace. In 2005, Marriott “misplaced” archive tapes containing credit card account information and identity information of about 206,000 time-share customers. Also in 2005, Bank of America lost data tapes with federal employee credit card information. This time, the data associated with 1.2 million people was lost. Both of these events had relatively low profiles due to the financial nature of the data and what may now be considered the relatively low number of “identities” involved.
Now, in the case of the missing VA laptop, comes the revelation that among the information stolen was identity data on not only veterans, but also of active duty personnel and their families. The 26 million “identities” was the number that vaulted this issue into the spotlight (for those keeping score at home, that number compare to the combined population of Ohio, Pennsylvania and West Virginia….), but now there are the added concerns about how this impacts our active duty service men and women. This new information represents, at best, great fodder if you are a political pundit or, at worst, a public relations situation headed toward nightmare if you are associated with the VA. The situation as a whole represents serious questions about how organizations work with and protect the personal “identity” data of their customer stakeholders:
- Who can access sensitive personal data?
- How is that data handled in terms of application development and testing?
- What are the rules associated with transport of sensitive data outside a secure facility?
- Who decides what constitutes sensitive data and/or a secure facility?
Smoke or Fire?
What knowledge can telecom service providers gain from the NSA and the VA? I believe that the lessons revolve around not only what data protection procedures are established and how those policies are followed, but also around how to set policies and procedures in advance of situations. Just as telecom service providers use their imagination for marketing efforts or fraud detection activities, they need to be just as creative as to the thinking surrounding using and protecting sensitive data of their customer stakeholders.
To be fair, both the NSA and the VA situations are probably being overblown and/or over-hyped based on the sensitive nature of their topics – civil liberties and mass “identity” theft. In the case of the NSA’s programs, there has been little in the way of confirmation from either the NSA (no surprise here…) or the telecom service providers who supposedly supplied data to the NSA. Most, if not all, of the providers listed in the original story from the USA Today have denied their involvement. One has gone so far as to threaten legal action.
In the case of the missing VA laptop, it would be my guess that the hard drive was wiped the day after it was stolen. It is hard to believe, but relatively easy to imagine, that a foreign group, government or terrorist organization targeted that particular laptop for the identity theft of active military service personnel.
In both cases, the public relations issues will probably be much greater than the actual problems associated with the situation. This is yet another lesson for publicly traded firms, like most telecom service providers. Oftentimes, the bad public relations of the situation will have a greater impact on the company (i.e., stock price, sales, etc.) than the incident that happened in the first place.
Unofficial Book of the Month – Silos, Politics and Turf Wars by Patrick Lencioni is an interesting fiction book about the real divisions that can crop up in any organization. An interesting read for anyone regardless of whether their organization is officially dysfunctional or not.
Interesting MBA Observation of the Month – During their recent IPO, Vonage experienced one of the worst “openings” in stock history. There are several reasons why Vonage chose to become a public company: formalized exit strategy, funding of expansion plans, etc. However, the intense customer/investor scrutiny and negative media visibility that have come with a falling stock price may not balance out the IPO windfalls of the management team and the initial investors.
Highlighted Event of the Month – This month I am going international withMobile Pricing: Tools and Techniques to Manage the Price War. Held in Cambridge (the UK’s version not Massachusetts) on July 12-14, this event intrigues me from a perspective that product and service development is only the start of an offering. The proper pricing can make or break an offering, and telecom organizations in Europe have a much better understanding for unit pricing than the typical U.S. model of subscription-based pricing.
John Myers has more than 10 years of information technology and consulting experience in positions including business intelligence subject-matter expert, technical architect and systems integrator. Over the past eight years, he has gained a wealth of business and information technology consulting experience in the telecommunications industry. John specializes in business intelligence/data warehousing and systems integration solutions. John may be contacted by email at John.Myers@BlueBuffaloGroup.com.