Encryption could spell the end of customer analytics as we know it
It started with a throwaway line at a recent analyst lunch. “Of course,” said a prominent analyst, “with ‘speedy’, operators are looking into a dark hole.” Those of us in the BSS world smiled intelligently and pretended to know what she meant. What she was actually referring to was ‘SPDY,’ an open networking protocol developed primarily at Google for transporting web content – soon to be replaced by HTTP/2.
A bit of Googling went on later that day, and we discovered that SPDY was actually owned by Google and was developed to “manipulate HTTP traffic, with particular goals of reducing web page load latency and improving web security”. It achieves “reduced latency through compression, multiplexing, and prioritization” (a not too popular word with net neutrality pundits).
This sounded like a good thing until – triggered by a press release from OpenWave that claimed 80% of traffic on mobile networks would be encrypted in 12 months – we dug a little deeper.
It turns out that the real problem for operators is that, according to The Register, SPDY (and its offspring – mainly HTTP/2) “employs ‘pointless encryption’ even for applications that don't need it – or, perhaps, are legally banned from using it – while doing little to enhance privacy protections for individuals.”
What this means is that operators cannot see what their customers are doing on their networks.
This has several ramifications. First, there are the parental control issues. If an operator cannot see what is travelling over his network, it has no way of blocking traffic that is offensive or that parents wish to be blocked. Parents, of course, are not the only people who want to filter content. Governments want (and sometimes need) to be able to filter content to cut off extremist nonsense influencing people who might subsequently commit heinous crimes on innocent people.
If operators can’t see the content that their customers are consuming, they cannot optimize their networks to deliver appropriate levels of quality to match the needs of the content.
More relevant to our own industry, this “darkening” of the web means that the analytics nirvana we all talk about is beyond our reach. Without the data to apply analytics to, operators are missing a crucial chunk of a picture. They will know where a customer is, what handset he is using, what price plan he is on, when he last updated his device, how old he is and where he lives. Possibly more. But they will no longer know what he is doing.
This, added to the other privacy issues triggered by Mr Snowden, makes for terrible headaches for operators trying to get a grip on what their customers really want.
With 80% of many operators' traffic encrypted by next year, will this leave mobile operators completely in the dark? It certainly seems so.
It may be that the Digital Service Providers where the content is coming from will have more information on what customers are doing than their operator colleagues. Between that, the ever-increasing paranoia over online data security and a long line of suppliers offering encryption and VPNs for everything else, network operators will have little left to analyze. They may have to build a whole new set of decrypting tools to have any chance of knowing what is going on – assuming the regulators will ever allow it.
Ovum predicts that there will be major opportunities and challenges for the TMT sector