Intelligent CIO Europe Issue 05 | Page 37

+ EDITOR’S QUESTION TOM HARWOOD, CHIEF PRODUCT OFFICER AND CO- FOUNDER AT AERIANDI ///////////////// G DPR is mandatory – not a choice – and regulators will want to make examples of companies that don’t comply. For example, the ICO recently raided a firm responsible for making 200 million nuisance calls. But it currently relies on enforcing fuzzy rules around people giving inferred, rather than specific, consent for their phone numbers to be used in this way. It’s likely most fell victim to the ‘opt out of marketing’ tick box exercise we see on so many forms these days. The ICO is also currently limited by a maximum penalty of £500,000, which for some companies is worth the risk. This type of thing has reduced consumer trust in telephone calls from legitimate businesses and at times serves as another avenue for criminals looking to commit fraud. Essentially, these are spam calls. While this is not a new phenomenon, technology has enabled it to scale to a level where it is a significant problem. The same thing happened with email. It’s estimated up to half of all emails sent are now spam, because while physical junk mail is limited by production costs, email is free. Internet telephony, particularly Voice over IP (VoIP) services such as Skype, has dramatically reduced the cost of making phone calls. Add in an automation platform and you have the ability to run an operation that can remarkably make 200 million recorded calls and still turn a profit. Advanced telephony does, however, provide us with a range of tools to defend against this, including secure ways of providing credit card details using the telephone keypad, voice fraud detection and speech analytics. Voice fraud detection, for example, looks at far more than the user’s voice print; it considers hundreds, if not thousands, of other parameters. For example, is the phone number being used legitimate? Has it been used fraudulently before? These tools are www.intelligentcio.com becoming increasingly important in the fight against telephony misuse, but the ICO needs more teeth. With GDPR, the ICO’s position will be greatly improved for cases like this. Consumers will have more rights over how their phone numbers are used and the ICO will be in a better position to investigate and fine organisations making broad-brush marketing calls. While the ICO has said that it will take a ‘fair and reasonable’ approach to enforcement after the May 2018 implementation date, it is likely it will be looking to make examples of those companies that have failed to prepare for the changes. These businesses will have to comply or face the consequences. INTELLIGENTCIO 37