By Dr Pieter Streicher, managing director of BulkSMS.com
It seems a bit crazy to call a technology that is coming up for its twentieth birthday a “veteran”. But if you consider the massive explosion of digital communications technology over the past few years, you start to realise just how long SMS has been around for.
Not only that, but SMS has also proved to be an amazingly adaptable technology. For instance, it has often been predicted that the rise of the smartphone would be the death of SMS. Quite the contrary, however: a survey from social communications agency CloudTalk showed that text messaging was the number one activity Americans used their smartphones for, with voice calling in fourth place.
Indeed, ABI Research reported that there were 4.2 billion users of SMS globally at the end of last year, and Portio Research predicts a massive eight trillion SMSs will be sent in 2011, up from 6.9 trillion in 2010.
There are a number of reasons for SMS’s amazing staying power, and I’d argue that top amongst them are its ubiquity; the fact that it is an asynchronous communication channel; and its robustness.
SMS is an open standard that was accepted by and included in the GSM cellular standard. This means that every GSM cell phone has to support SMS. In addition, due to SMS’s popularity, even the competing cellular technology, CDMA, has incorporated SMS. (And if you remember the almost religious wars between GSM and CDMA in the early 2000s, you’ll realise what an achievement this is.)
Because SMS is an open standard, it is not linked to one organisation in the way that communications such as Facebook, Twitter and even Skype are. If anything is a certainty in this day and age, it’s that nothing is certain when it comes to social media. Look at the demise of Myspace – once the king of all social networks. So for consumers and businesses alike, SMS’s ubiquity reduces the concern that it might one day simply “go away”.
Another result of SMS’s ubiquity is that it is linked to a person’s cell number, rather than another naming convention like a username. So if you have the cell number for a person, you know that you can reach them via SMS and that they can immediately read your message, without any complicated set-up.
As the CloudTalk survey shows, people are talking less and using asynchronous communication channels such as SMS and instant messaging more. This has a lot to do with the increase in information and communication we have to deal with every day, especially thanks to an increase in cheap communication channels. We are no longer prepared to interrupt whatever we are doing to accept a call, for instance. Even voicemail is beginning to be seen as an intrusion, with more people requesting an SMS rather. SMS however, offers the two-way nature of a real-time interaction but allows each party to respond in their time.
SMS uses the same signalling systems that are used to set up calls over mobile networks. In addition, there is no denying it is an expensive communication channel compared to some others, which helps keep volumes down. This means it can be used for mission-critical communications, such as banking alerts, or emergency notifications. SMS does not need internet access to work, and oftentimes even when calls cannot go through in a low coverage area, an SMS can be sent and received.
Businesses also need a stable technology, for example, to inform their customers that their car is ready for collection after a service; or to make sure marketing communications are sent out at the right time of the day, to the right people; or to allow customers to opt in to communications at the point of sale or other brand engagements.
In addition an eco-system of application-to-person (A2P) bulk SMS providers has emerged. These service providers both ensure a certain level of quality of SMS routes, and can effectively integrate bulk SMS services into existing business systems, providing an easy-to-use service plus reporting and other administration functions. Juniper expects A2P SMS messaging to overtake person-to-person SMS by 2016.
So while SMS might not be seen as user-friendly or feature-rich as some of the newer communication channels that have sprung up recently, its ubiquitous and robust nature will see it win time and time again.
The Protection of Personal Information (POPI) Bill is at serious risk of being watered down to such an extent that it is rendered ineffective and meaningless when it comes to preventing consumers from receiving email and SMS spam.
The Bill, which has been under discussion since 2009, sets out to establish the minimum requirements for the lawful processing of personal information, i.e. how it is captured, processed and stored by organisations, and gives citizens legal recourse should their personal information be abused.
Key to the efficiency of the POPI Bill is that it is established on a customer opting in to receive direct marketing communications from companies, rather than opting out of communications, as is currently the law under the ECT Act and the Consumer Protection Act. Unfortunately, careful study of the latest draft of the Bill and a comparison with the equivalent 1995 European Union Data Protection Directive shows that the implementation of the opt-in principle in the POPI Bill is not nearly as strong as it needs to be. The EU Directive is clearly the basis for the South African Bill, with word-for-word copy-and-paste similarities, so any differences between the two documents are extremely revealing about the intentions behind POPI.
I am specifically concerned with the wording of section 10(1) in the 2011 draft POPI Bill and sub-section 10(1)(f) in particular. This section details the circumstances under which personal information may be processed.In the POPI Bill it reads as follows:
Processing is necessary for pursuing the legitimate interests of the responsible party or of a third party to whom the information is supplied.
The equivalent sub-section (f) of the 1995 EU Directive provides that personal data may only be processed if:
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject which require protection under Article 1.
Section 10(1)(f) of the POPI Bill has quite clearly been materially copied from the EU Directive, but with a significant omission. The EU law balances the legitimate interests of an organisation with the fundamental rights of the individual – in this case article 1 refers to their right to privacy with respect to the processing of personal information. The South African draft does not balance the rights of the company with individual rights.
This is problematic as it sets a far lower barrier for companies capturing personal information. It is likely that direct marketers will regard the collection of consumer data as a legitimate business interest, especially since section 66(2) gives them the right to contact any consumer at least once. This potentially opens the door for companies to scrape the internet for any personal details – irrespective of the reason the details were published by the individual in the first place. So, the classified advert you placed to sell your car that included a cell number and email address could result in your details being added to a direct marketing list.
In 2009, the South African Law Commission produced an 860-page report on the draft Bill in which it states that it should be considered illegal to collect personal information from the internet without the individual knowing. Unfortunately, if the revised 2011 wording of the Bill stands, those original intentions are now going to be of little value when the Bill becomes law.
This is especially alarming when one looks at another dilution of the POPI Bill that I have mentioned above and highlighted previously. Possibly as a result of lobbying by direct marketers, an additional clause was added to the Bill that allows companies to approach non-clients via an unsolicited email or SMS, and ask them if they would like to receive future marketing communications, thus building an opted-in database.
This is concerning because it begs the question where the company got the contact details in the first place. Also, it would be very easy to include a marketing message in the initial communication. Finally, what is to stop a company changing its identity and simply sending the message again in another guise? If the customer gives consent in the first place, then the original wording of the Bill - before this addition was made - is enough to both protect consumers and allow business to continue with legitimate direct marketing to non-customers.
Around the world it is considered best practice to base direct marketing on robust opt-in principles. In my opinion the EU Directive hits the nail on the head, and both the UK and Australian Direct Marketing Associations’ guidelines support opt-in principles. Spam simply does not make sense: at best, your message will be ignored, but more than likely your business will be named and shamed publicly thanks to the rise of social media.
I’d urge those drafting the POPI Bill to revisit the Law Commission report, remind themselves of the original intentions of the Bill, and redraft the relevant sections accordingly. Businesses and consumers need to become aware of the implications of the latest changes to the Bill as it winds its way towards becoming law.