The Rwanda Utilities Regulatory Authority (RURA) has imposed a fine of Rwf7, 030,000,000 (U$8.5M) for being “non-compliant” with its “license obligations.
RURA in its capacity as a telecommunications regulator says that MTN Rwanda Limited implemented IT managed services under an MTN Regional hub outside the country, which is in contravention with the directive earlier issued.
“MTN Rwanda Limited proceeded with this implementation despite having discussed the matter with the regulator and having been warned that such action would constitute a serious breach of license obligations and appropriate measures would be taken,” RURA said in a statement.
MTN Rwanda has apparently admitted it breached the law instrument.
But what exactly is the substance of the matter? Why the big fine?
Sources told Taarifa that MTN has basically been allowing a third party to access ‘Big Data’ from outside Rwanda.
This data, we are informed, includes consumption patterns of MTN subscribers, that is to say, details of phone calls, sms, internet, and they can actually listen to your calls, if need be.
They can even access your recorded phone calls, internet browsing details, and much more.
MTN being the leading telecom, with over four million subscribers, stores a huge database of collected data on Rwandans for over two decades.
The Rwandans include everyone who has been on MTN network, and the President of the republic of Rwanda being one of them, apparently.
More so, government is the biggest client of MTN. Security agencies, government ministries and other agencies all are on MTN network. The Rwanda National Police, The Army, The Prisons (Correctional Services), Intelligence Agency and many others are all on MTN network.
It is more than just breaking the law; it is an attack on Rwanda’s sovereignty. It is a national security matter.
Why would MTN allow access to the data?
Let’s begin with understanding the term Big Data.
Big data is a term for data or a collection of information sets that are so large and complex than traditional data processing applications and software can handle.
Some of the challenges of big data include capturing, storing, analysising, data curating, searching, sharing, transferring, visualization, querying, updating and information privacy.
The term “big data” is habitually used to mean ‘predictive analytics, user behavior analytics, or certain other advanced data analytics methods that extract value from data, and seldom to a particular size of data set, according to IT experts.
What matters in the Data Usage business, is not the quantities of data available in the data ecosystem, but the relevancy of this data, the analysis of data sets and finding new correlations to spot business trends, prevent diseases, combat crime or even worse, cause crimes, disrupt markets and so on.
Why is Big Data important?
The importance of big data doesn’t revolve around how much data you have, but what you do with it. You can take data from any source and analyze it to find answers that enable 1) cost reductions, 2) time reductions, 3) new product development and optimized offerings, and 4) smart decision making. When you combine big data with high-powered analytics, you can accomplish business-related tasks such as:
Determining root causes of failures, issues and defects in near-real time. Generating coupons at the point of sale based on the customer’s buying habits. Recalculating entire risk portfolios in minutes. Detecting fraudulent behavior before it affects your organization.
How is this relevant to MTN’s case?
MTN’s IT hub has a collection of data experts. Their job is to facilitate MTN in figuring out market strategies using data. Strategies include, understanding individual subscriber consumption patterns and thus coming up with packages that suit those clients.
But that is not the problem because all telecoms have this data and that is what they use to strategies for marketing and growth purposes. The issue is that, this data is accessible by another person outside Rwanda. Yet, by law, MTN must protect the data and ensure it does not leave its office, virtually or physically.
Now, this big data is accessible from Uganda. RURA had categorically prohibited the inclusion of MTN Rwanda in the MTN South and East Africa IT hub based in Uganda.
And MTN Group says has been “engaging with the regulator” on this matter over the past four months and MTN Rwanda is currently studying the official notification and will continue to engage with the regulator on this matter.
Normally, data experts are very expensive. Other telecoms in Rwanda have their data experts kept in-house. If it is in imported expert, the person has to be vetted by security agencies for obvious reasons. It is only MTN that has dared the regulator by only using unscreened experts, but also exporting sensitive data out the country.
What are risks involved in such a case?
With the current cyber attacks lingering around the world, it is very threatening that MTN allows access to such data from abroad. This poses a number of risks. One, anyone from MTN can leak this data to anyone, either for financial gains, criminal gains or personal benefits.
Another risk is that this information can easily be hacked. Assume a hacker intercepts the flow of this data? What could Rwanda do? What could MTN Rwanda do?
Meanwhile, this is not the first time MTN Rwanda is fined by RURA, although the cases are different.
In 2012, a Rwf3million daily fine was slapped on MTN over poor services, network failures, dropped calls, unclear calls and slow internet.
As of now, the Rwf7 billion fine has huge consequences. The fine is equivalent to roughly MTN’s monthly revenues. Also, 20% of MTN being traded on the Rwanda Stock Exchange as Crystal Telecom means shareholders will directly be affected if the fine is upheld indefinitely.
Nevertheless, for many, MTN being fined is not a new phenomenon. The firm has arrogantly been playing push and pull with the regulator for years. At first, MTN acted on the basis that it was “big” and “influential.”
“We have constantly been mistreated as customers by MTN, but the company cannot listen, they are just arrogant,” one of the customers who preferred to not be mentioned said.
The fine has also attracted a debate on social media. One of the recurrent subject was that MTN is feeling the heat of competition and is trying all means to maintain its’ “big boy” status. But at what cost?
The Rwf7bn fine, according to RURA, has accumulated from a daily administrative fine of Rwf5 million from October 26, 2014 to June 27, 2016 and a daily fine of Rwf15m from June 2016 28, to March 20, 2017.
MTN Rwanda has not made any comments. The company’s Public Relations Officer, Teta Mpyisi, told Taarifa that, “For now that is the official statement from MTN until further discussions with the regulator.”