Since the advent of the information age we have an abundance of data at our fingertips, and while this has brought massive benefits it has also raised questions of personal privacy and data security.
Privacy has always been a hot-button issue when it comes to the web, whether it’s a data breach or sharing of personal information on social networks, but with the rapid rise in mobile applications and related areas such as location-based services and in-application billing, the need to obtain and manage user consent has risen to the top of the agenda.
Recently consent was in the spotlight when new restrictions were proposed on how the US Government and firms collect and use customer location data. The two senators championing the changes called specifically for companies and software developers to get express consent from application users before sharing location information with third parties.
An ever-increasing number of business and brands are recognizing the marketing potential of location-based services. Just last month group-buying site Groupon announced it wants to start collecting location information from phones in order to tell people about deals in their vicinity, even when the Groupon app is not running on the device —but only after obtaining user consent.
With location-based deals like Groupon and other couponing apps increasing in popularity, consumers are also changing their attitudes towards privacy and sharing their data. A recent survey, carried out by location-based ad sale house JiWire, found that over two-thirds of UK mobile phone owners and 53 per cent of those polled in the US say they would opt-in to location services to receive relevant content. This shows customers are much more willing to provide access to data such as location if there is a perceived value to the service.
Aside from location, obtaining and managing user consent is equally important for other enablers such as customer profile and direct-to-mobile billing. For example, a Pizza Delivery app may include features allowing the customer’s name and address details to be retrieved directly from the mobile operator, and for the ordered goods to be paid for via the customer’s mobile bill. Both of these interactions between the device application and the operator require the customers’ consent to be obtained and optionally held (usually for a defined period), whilst keeping the customer experience as streamlined as possible.
With the emergence of intermediaries such as Mobile Cloud Providers that provide cross-operator access to mobile network and billing capabilities, the interactions between the various stakeholders in the application delivery value chain can become multi-directional. For example, an application developer may use a Mobile Cloud Provider’s APIs to access location data or make a payment request against a specific end-users mobile account, often from within the application itself. However, the mobile operator is still the ultimate custodian of the customer’s data and must ensure that customer consent is obtained and retained for all applications, even when it does not have a direct relationship with the application provider.
For all of these reasons, Consent Management has become an essential feature of platforms that expose network and billing APIs towards 3rd party application developers, whether these APIs are exposed by mobile operators directly, or indirectly via intermediaries such as commercial Cloud Service Providers and industry collaboration initiatives (for example, GSMA OneAPI and the Wholesale Application Community). Aepona’s Universal Service Platform (USP) incorporates comprehensive Consent Management functionality, allowing explicit end-user consent to the obtained over multiple channels and maintained for all applications and types of interaction with the end user, for both the direct and indirect scenarios referred to above.
In summary, obtaining and managing end-user consent has become a critical requirement for any Service Provider offering 3rd party application developers and content providers the ability to interact with end-users. This has been brought into focus recently with the proposed legislation in the US regarding location data, but is equally applicable to other enabler services such as direct-to-mobile billing and customer profile data.
