Cellular subscribers' personal information is strongly protected under RICA, with the network operators and their contractors facing potentially heavy fines and sanctions, should there be any breech, says Swist Technology Solutions (Swisttech) MD Yanesh Ramiah.
Stellenbosch-based Swisttech is an operational systems support developer that specialises in providing systems to the telecommunications operators. This includes tracking, monitoring, and analysing subscriber behaviour and information aimed mainly at ensuring network performance and prevention of fraud.
Vodacom is Swisttech's major client; however, the company is looking at expanding its services to other telecommunications operators, especially in Africa.
“Telecommunications operators around the world face similar issues and challenges, and this includes ensuring their networks are running optimally and that they are on guard against its misuse,” Ramiah says.
The Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA) came into effect from 1 July, meaning the networks have to register their prepaid and contract subscribers within 18 months. They also have to keep detailed records of these customers for up to three years. The aim of this legislation is to help the law enforcement authorities to track criminal behaviour, although a court-issued warrant has to be obtained first.
Monitoring the estimated 40 million SIM cards and 250 million calls made on average per day in SA is a mammoth task for the network operators in terms of the Act.
Vodacom's Oracle database, which collates its subscriber information, is considered to be one of the largest in the world.
“The requirement to prevent fraud and to allow the police to track criminals has always been there. So has the requirement that they need a warrant,” says Michael Hamilton, Swisttech GM for development.
User profiling has always been important for the network operators to help boost average revenue per user, ensure network dimensioning (ensuring base stations located in high call areas have the correct capacity), and that calls follow the least-cost path to their destination.
Hamilton says the systems the company has developed help a network operator to obtain detailed data going back three years and summary data right back to the beginning of the system's start.
“This helps with fraud prevention as we can see from a user's profile that he or she uses their phone in a certain way and only spends a certain amount of time and money doing so. When there is an aberration in this pattern, the network operator can be alerted and the user queried if all is fine,” Hamilton says.
Data collated is kept separate and under strictly controlled physical and software security conditions. The servers containing the personal data are physically secured in “cages”.
Law enforcement agencies, such as the police, are provided with a Web-based front-end; however, they must have a case number and warrant to access the system.
Once that information is supplied and verified, only then will the identity of the subscriber be matched with the call records and then a physical form in the format of an affidavit will be printed that can be used in court.
“The call records and the subscriber information are kept totally separate. We, as developers of the system, have not got actual access to the subscriber information. If we leaked any of that information, then we can be held liable and be fined up to R10 million,” Hamilton says.
Related stories:
An Act of nightmare proportions
Operators walk the talk
Cellular law an 'inconvenient fact of life'
All ready for mass subscriber registration
Share
