Digital Confidence: Key Takeaways 4

Digital Confi dence Securing the Next Wave of Digital Growth

POLICY SERIES Digital Confi dence Securing the Next Wave of Digital Growth DIGITAL CONFIDENCE: KEY TAKEAWAYS 4

I. EXECUTIVE SUMMARY 7

II. THE NEXT GROWTH WAVE IN DIGITAL LIFE: USAGE, 15 NOT THE NUMBER OF USERS, DRIVES GROWTH

1. Digital Life: Introduction ...... 15 2. Digital Life: A Defi ning Force in Today’s Economy, Politics, Society, and Education...... 16

3. Revenue and Growth Drivers: Content and Advertising, Not Access ...... 23

III. DIGITAL CONFIDENCE: SECURING THE FUTURE GROWTH OF DIGITAL LIFE 27

1. Threats to Digital Life ...... 27 2. Digital Confi dence: Concept and Overview ...... 28

3. Network Integrity and Quality of Service ...... 30

4. Privacy and Data Protection ...... 36

5. Minors’ Protection ...... 38

6. Piracy and Theft Avoidance ...... 39

7. Summary ...... 41

IV. TODAY’S APPROACH TO DIGITAL CONFIDENCE: SIGNIFICANT 45 ROOM FOR IMPROVEMENT

1. Case Studies: How to Get Digital Confi dence Right—Or Wrong ...... 45 2. The Regulators’ Agenda ...... 70

V. RISK/BENEFIT ANALYSIS: DIGITAL CONFIDENCE PAYS OFF 75

1. Financial Summary: Downside Risks of Digital Confi dence Outweigh Potential Benefi ts ...... 76 2. Digital Confi dence Scenarios—From Divergence to Convergence ...... 77

3. Key Financial Drivers: Advertising and Content Are Most Exposed to Digital Confi dence ...... 78

4. Conclusion ...... 78

VI. FRAMEWORK FOR ACTION 81

1. Industry Needs to Develop Leadership in Digital Confi dence ...... 81 2. Network Operators and ISPs Need to Take a Clear Position on Digital Confi dence...... 82

3. Network Operator Call for Action: The Five Key Initiatives for Digital Confi dence...... 83

4. Implications for Other Stakeholders ...... 85

5. Priorities for Regulators ...... 86

Booz & Company 3 DIGITAL CONFIDENCE – KEY TAKEAWAYS

• The digital economy in Europe is expected top of the €436 billion base case. However, to grow by 18 percent per annum until 2012 the downside of a failure to enhance Digital to a volume of €436 billion from €236 billion Confi dence is greater: 18 percent (or €78 in 2008. billion) could be lost or signifi cantly delayed.

• Until recently, growth in the digital economy • All players in the industry agree on the was largely driven by infrastructure rollout importance of building up Digital Confi dence and technology development, such as digital credentials and have launched a wide array of TV (DTV) migration and next-generation activities accordingly—yet, to date, there is a broadband technologies. clear lack of coherence and common focus, as most actions are ad hoc, having been triggered • Going forward, there will be a very by high-profi le incidents of trust or security signifi cant shift in value from access—though breaches and political pressure. still profi table and growing, albeit at single- digit rates—to electronic commerce, online • Legislation alone cannot keep up with the and digital content offers, and online speed and scope of challenges in this market. advertising. Hence, successful companies do more than just comply with legislation; they stay ahead of • Increased usage and spend per user will fuel the curve by adopting proactive policies and strong growth in the next 5 years: Specifi cally, practices to drive Digital Confi dence. content and advertising businesses will show double-digit growth. e-Commerce will remain • Digital Confi dence is built on four pillars, the biggest market in absolute terms. which, taken together, address the most vital areas of consumer and industry concern: • However, these growth drivers will have to prevail over major disruptive forces in the 1. Network Integrity and Quality of Service European Information Society such as Web (QoS). Focuses on providing secure and 2.0 services converging across platforms (i.e., resilient enabling technology platforms for online, DTV, mobile) and a new “born digital” digital life and providing an optimal customer consumer generation that is hyperconnected experience and participative but also highly assertive, 2. Privacy and Data Protection. Addresses the feeding into press and political action. security concerns of individuals with respect to their digital data • With the growth and success of digital life 3. Minors’ Protection. Seeks to defend the well- have come many concerns for consumers being of minors in the online world and enterprises relating to the security and 4. Piracy and Theft Avoidance. Seeks to provide integrity of the digital environment. a secure digital business environment for all stakeholders. • Therefore, enhancing Digital Confi dence, as a measure of how much consumers and • As owners of the client relationship, suppliers trust in digital and online services, network operators are challenged to put is becoming a key growth enabler—or in place policies and practices that fi nd inhibitor—for the digital economy. €124 general user acceptance, which goes beyond billion in market volume (2012) could be compliance with legal requirements or serving at risk, approximately 1 percent of GDP the interests of particular stakeholders. for the EU-27, with market value related to content and advertising being most exposed. • Therefore, policies and practices should The economic upside of being successful in not be driven by single issues (e.g., piracy) increasing confi dence and trust amounts to an but should refl ect a holistic view of all Digital extra 11-percent growth (or €46 billion) on Confi dence areas. The policy implications

4 Booz & Company of these different areas converge in practice • Digital Confi dence policies and practices and have shown to produce contradictory need to be embedded within the respective reactions from stakeholders. organisations by establishing internal protocols and governance structures to guide • Key lessons drawn from case studies around product and service roadmaps; choice and the world show that a “can-do” vision is deployment of network-based technologies realistic: With regard to enhancing Digital and security solutions; and communication Confi dence, network operators can go beyond to customers and other stakeholders (e.g., their traditional roles of “mere conduit” and industry peers, content owners, regulators). educator/teacher whilst observing guidelines for acceptable consumer practices and safeguarding legal safe harbours.

• Based on the cases analysed, best practices from a consumer acceptance point of view take shape:

• Consumers accept practices that are transparent and unobtrusive—network operators and content and platform players, jointly with the regulator, are required to drive such communication forward.

• Consumers are concerned about how network operators manage and safeguard consumers’ digital data—clear statements and a consistent, reliable regulatory framework are key priorities.

• Consumers require control over the risks to which they’re exposed—they seek access to the appropriate tools, opt-in/ opt-out mechanisms, and education.

• Consumers accept measures that guarantee quality of service—if this requires active traffi c management, they are open to it, provided there are clearly communicated terms of service.

• To ensure proportional levels of intervention, and to fi nd general user acceptance, when adopting more pro-active policies and practices, network operators should use a graded approach following the E3 paradigm: Educate fi rst; Empower second; Enforce selectively where required.

Booz & Company 5 I. EXECUTIVE SUMMARY

THE NEXT GROWTH WAVE IN DIGITAL appropriate tools and measures that can and LIFE: USAGE, NOT THE NUMBER OF should be applied. The objective of this report is USERS, DRIVES GROWTH to provide a fact base for the debate and intro- Europe’s digital economy has a strong prospect duce frameworks, common language, and ideas of growth spurred by Web 2.0–type services to facilitate a joint view and joint—or coordina- that have become mainstream using the func- ted—policies and action where appropriate. tionality, ubiquity, and increased capacity of broadband networks. The migration to next-ge- DIGITAL CONFIDENCE: SECURING THE neration access networks, proliferation of highly FUTURE GROWTH OF DIGITAL LIFE sophisticated network technologies, and rise of Against this backdrop, promoting and enhan- a new generation of increasingly assertive “born cing trust and security becomes a key driver digital” consumers are potentially disruptive for the future growth of digital life. This driver forces for the digital economy ecosystem. This is particularly important because consumers new paradigm is a significant challenge for the “born digital” are increasingly assertive and industry at large as well as for policymakers and quick to react by reducing usage or feeding into regulators. press and political action—often leveraging The stakes are very high: We expect the Web 2.0 technologies. Based on interviews with European market for digital services to grow to 50 experts from across Europe and the United €436 billion by 2012, with a compound annual States and on a systematic review of market data growth rate of 18 percent (2007–2012). and industry best practices and perspectives, To date, growth in Internet usage has been we believe that four interrelated pillars address driven largely by the rollout of new technologies the most vital areas of consumer and industry (e.g., broadband access and DTV). The techno- concern associated with digital life today, and logy enablers now in place have nearly saturated going forward: many Internet access markets. The next wave of digital growth will therefore be driven mainly • The assurance of network integrity and quality by increasing revenues through growing spend of service for consumers and businesses rela- per user rather than increasing the number of ted to protecting technology platforms against users. This growth is expected to be achieved criminal security attacks, ensuring optimal through more innovative products and services Internet connectivity despite peaks in traffic complemented by new business models gene- load or external criminal attacks, and securing rating incremental revenue streams. The main economic growth areas identified are, in order of their respective growth rates: Advertising, Digital Confidence framework content, e-Commerce, and access. With the growth and success of digital life have come many concerns for consumers and enterprises relating to the security and integrity Social networking of the digital environment. The level of trust Entertainment that consumers place in service and platform Transactions providers in terms of business conduct and the provision of secure service and network environ- Information/ education Digital Confidence ments, as well as their confidence in the ability of governments and regulatory authorities to enforce consumer protection standards, is now a Stakeholders` Perceptions major factor affecting digital economy growth.

There is an urgent need to develop a common Network Privacy and Piracy Integrity and Protection view about priorities in the areas of enhancing Data and Theft Quality of of Minors Protection Avoidance trust and security, defining the roles and res- Service (QoS) ponsibilities for each player, and understanding

Booz & Company 7 the computing environment for consumers and RISK/BENEFIT ANALYSIS: DIGITAL businesses against disruption through viruses CONFIDENCE PAYS OFF and other malware. According to Booz & Company research and analysis, a €436 billion digital access, com- • The protection of privacy and personal data, merce, content, and advertising market with 18 that is, preventing consumers’ private electronic percent compound annual growth is at stake in data (e.g., identities, passwords, usage, and con- Europe by 2012. The difference between “get- sumption profiles) from being accessed, publis- ting Digital Confidence right” in a best-case hed, or commercially exploited without consent, scenario and “getting it wrong” in a worst-case and preventing identity theft and fraud. scenario adds up to €124 billion, or almost 30 percent of the total market at stake—approxi- • The protection of minors, that is, protecting mately 1 percent of total EU-27+2 GDP in 2012! children from exposure to undesired content, The combined downside of failing to establish preventing bullying and other hostile behaviour, Digital Confidence is, at €78 billion, far greater preventing grooming or other forms of child- than the upside at €46 billion—primarily driven ren’s solicitation by adults, and fighting child by the effects of Privacy and Data Protection as sexual abuse content. well as Network Integrity and Quality of Ser- vice, which impact all the revenue areas of the • The avoidance of piracy and theft, that is, digital economy and the level of use and number countering the theft of copyrighted content and of users across the major revenue categories. protecting e-Commerce transactions for all Privacy and Data Protection is financially parties. important, especially but not only because its implications for innovative (targeted) adverti- Industry needs to act proactively based on a sing business models. Consumers may become holistic view of these issues. Such an approach less willing to undertake e-Commerce, digital has been captured in the concept of “Digital content purchases, or subscriptions to innova- Confidence.” Digital Confidence transcends legal tive digital services if they don’t trust how their compliance—it is fast becoming a commercial personal data are being handled and secured. prerequisite and a license to operate. As certain Network Integrity and Quality of Service will case studies will show, legal compliance alone be required to support the continued growth does not buy consumer acceptance. Operators’ of content and video services. Managed well, policies and business practices need to address all networks will be able to deliver high bandwidth legal, economic, and public policy stakes associ- at a quality of service that supports digital life ated with these areas, together and coherently, to for all users. In addition, the area of Piracy and enable the next phase of growth of digital life. Theft Avoidance is relevant for content owners as well as for e-Commerce. Apart from the obvious revenue implications for the content in- Digital life—revenue summary Europe dustry in protecting existing value of their rights portfolios as well as in introducing innovative Revenue Users (billion euros) (millions, line) digital and online content business models, there 436 600 is a sizeable risk related to the negative impact on e-Commerce transactions due to people shif- 400 385 57 500 ting consumption to offline channels, which is 45 19 333 not possible for many new business models (e.g., 18 35 online auctions). 300 283 15 400 26 The revenue categories most sensitive to 236 11 Digital Confidence concerns are content and 18 300 193 9 291 200 advertising markets. Both markets are in a 12 258 6 224 nascent stage and their development is highly 191 200 158 Users (millions) dependent on Digital Confidence: Advertising 128 100 Advertising could be severely held back by adverse reactions 100 Content of consumers if not implemented in ways that 69 e-Commerce 47 51 55 59 64 find general user acceptance, or by too restric- Access 0 0 tive legislation. For example, protecting consu- 2008 2009 2010 2011 2012 2013 mer privacy very restrictively may impact new Note: Europe including EU-27, Norway and Switzerland business models based on targeted and perso- Source: Forrester e-Commerce Forecast, Company Report Apple, Company Report Google, EU TV and Broadband Forecast Model, Booz & Company Analysis nalised advertising—a major contributor to the

8 Booz & Company Digital Confidence impact

Case Analysis Europe Effect 2012 (billion euros) 482 Network Integrity & QoS could 436 Best Case Worst Case 417 124 cause 6% loss in (29%) worst case 385 [%] [€ billion][%] [€ billion] 350 358 333 Network 289 283 330 Integritiy & 3% +13 –6% –26 304 QoS 236 Equivalent to 273 ~1% GDP in Privacy & 193 Europe 2012 Data 4% +18 –5% –21 Protection

Protection 3% +13 –3% –14 of Minors Privacy & Data Protection driving Piracy & 4% potential gain Theft 1% +2 –4% –17 in best case Avoidance 2007 2008 2009 2010 2011 2012

Base Case Worst Case Best Case Total Effect 11% +46 –18% –78 Note: GDP Europe 2012 estimated at roughly 12.5–13.5 tn EUR (Europe: EU-27 + Norway + Switzerland) in 2012 Source: European Union, Booz & Company Analysis

projected €57 billion online advertising market identical way; rather, it is the level of agreement in Europe in 2012. Moreover, advertising will across the industry to follow the same direc- play a central role in monetising all emerging tion. It refers to the extent to which there is a and fast-growing Web 2.0 services such as social common understanding of such a direction and networking sites and innovative content offers. the overall priorities as well as of the resulting Content providers fear that excessive piracy responsibilities of each stakeholder. could fundamentally challenge their digital Network providers need to continue to play business models. e-Commerce is relatively less an important role because their core business is exposed but shows the highest absolute impact a key enabler for the identified economic growth due to its large business volume, contributing drivers. The level of network integrity has a €52 billion to the potential downside, and half major economic impact even if a provider’s own of that to the potential upside, of Digital Confi- core access business seems least exposed to the dence. benefits or risks of getting Digital Confidence The risk/benefit analysis shows that, in purely right or wrong. economic terms and disregarding for a moment the wider societal aspects, the digital industry FRAMEWORK FOR ACTION has a significant economic incentive to cohe- All four pillars of Digital Confidence need to rently address all areas of Digital Confidence to be addressed as a matter of urgency. They are at least avoid worst-case revenue scenarios and highly interdependent, with all areas contribu- ideally to strive for best-case revenue potential. ting to users’ overall awareness of the digital All players in the industry agree on the impor- world being safe or unsafe. tance of building up Digital Confidence creden- Due to the complexity of the issues involved tials and have launched a wide array of activities and the interdependence of many players across accordingly—yet, to date, there is a clear lack of the value chain, it becomes obvious that every- coherence and common focus, as most actions one in the digital economy has a role to play. are ad hoc, having been triggered by high-profile While network operators are instrumental in incidents of trust or security breaches and politi- many areas to deliver a solution, it is clear that cal pressure. they can contribute only their part to the overall The key distinction between the best- and puzzle. worst-case scenarios is the level of alignment between the industry players in the approach to To map out the various roles that network ope- Digital Confidence. Alignment does not neces- rators can play in the identified areas of concern, sarily mean that players do all things in an a Digital Confidence Positioning Framework has

Booz & Company 9 been developed. This framework depicts how In defining their positions in this field, network measures are taken (e.g., passively in a “hands- operators need to be very careful, however, off” manner or actively in a “full-control” when assuming roles outside of their primary approach) and differentiates the underlying prin- business activity and responsibility. Any move ciples. The resulting roles can be clearly linked that may undermine their safe harbour of “mere to generic societal roles. For example: conduit” and expose them to uncontrollable liabilities will ultimately not enhance Digital • The teacher educates users about opportu- Confidence—whilst raising expectations among nities and threats as much as possible, but will the public to the contrary. normally not take active corrective measures Based on our analysis of successes and fai- (e.g., “Web Wise Kids” producing educational lures in the area of Digital Confidence, there material for children on the Internet). seems to be a traditional home ground along these dimensions for network operators: The • The parent educates users about threats and position referred to as the “teacher”—which measures, similarly to a teacher, but will take focuses on educating users about opportuni- measures proactively if deemed necessary to ties and threats as much as possible, but will protect users (e.g., YouTube filtering copyright normally not take proactive corrective measures. protected content). But our analysis clearly shows that leaving this home ground only to comply with legal regulati- • The referee relies on self-imposed enforcement ons will not be enough going forward. of rules on a case-by-case basis and on guideli- Legislation often cannot keep up with the nes rather than on education, but rules are based speed and scope of the changes related to Digital on mutual agreement (e.g., UPC NL proactively Confidence. As owners of the client relationship, restricting access to child sexual abuse content network operators are challenged to put in place domains). policies and practices that find general user acceptance, which goes beyond compliance with • The policeman is naturally inclined towards legal requirements or serving the interests of strong enforcement based on legal mandating, particular stakeholders. takes all measures necessary to do so, and does so based on strict rules such as to block all Hence, successful companies do more than just illegal activities (e.g., the implementation of a comply; they stay ahead of the curve by adop- “three strikes and you’re out” rule in case of ting some key principles to drive Digital Confi- copyright infringement). dence:

• They work on confidence-building procedures and protocols. “Home Ground” positioning for Network operators • They are as open and transparent as possible in their communication with consumers. Voluntary/ Teacher by choice Parent • They make an extra effort to educate and enable consumers to protect their interests in the digital world. “Home ground” To ensure proportional levels of intervention, and to find general user acceptance when adopting more proactive policies and practices, “Hands “Full network operators should also use a graded off” control” approach following the E3 paradigm: Educate first; Empower second; Enforce selectively where required.

Based on the cases analysed, best practices from a consumer acceptance point of view take shape:

Referee Mandatory/ Policeman • Consumers accept practices that are transpa- forced rent and unobtrusive—network operators,

10 Booz & Company service providers, and content and platform panies should be open about the policies they players, jointly with the regulator, are required apply and the rationales behind them—including to drive such communication forward. business rationales. Consumer acceptance is generally high if rules and underlying rationale • Consumers are concerned about how net- are openly communicated. This also opens a work operators and ISPs manage and police dialogue with the consumer, which can be very consumers’ digital data—clear statements and helpful to improve solutions. a consistent, reliable regulatory framework are key priorities. 2. GOVERNANCE Digital Confidence is complex, very sensitive, • Consumers require control over the risks to and cross-functional in nature. Very often, it is which they’re exposed—they seek access to the required to define fundamental positions for the appropriate tools, opt-in/opt-out mechanisms, company—for example, “How do we deal with and education. sexual abuse content?” Getting it wrong bears high reputational and financial risks. Hence, it • Consumers accept measures that guarantee is of utmost importance to devote sufficient top quality of service—if this requires active traffic management attention to the subject. Digital management, they are open to it, provided there Confidence should be clearly embedded in the are clearly communicated, fair, and transparent organisational structure, through, for example, terms of service. a Digital Confidence Board with senior oversight including the authority to oversee and These principles apply to all stakeholders. implement all related activities.

As a next step, Digital Confidence policies and 3. TECHNOLOGY practices need to be embedded within the res- Enabling technologies are largely in place for pective organisations. Exploring the implicati- Digital Confidence, and the focus of attention ons for network operators, it is essential to align turns to deciding individual positioning, defi- activities to achieve the next level of Digital ning appropriate policies, and establishing the Confidence. Providers need to act at five levels: supporting governance structures. Nevertheless, there are certain technology-related investments 1. POLICIES AND PROCEDURES that will need to be made by the majority of net- Network operators and ISPs must have a Digital work operators to prepare for the future. They Confidence positioning statement defining their relate to ensuring that the quality of service strategy and position for each confidence pillar. can be maintained despite the increasing levels This needs to be the basis for all Digital Confi- of multimedia traffic. Network operators will dence-related policies. The positioning statement need to make investment decisions by managing needs to be precise enough to provide tangible the trade-off between adding further transport guidance on the underlying questions related to capacity and active traffic management, that is, these issues, for example, “How does a company via tiered pricing or technical measures. Net- balance the trade-off between inappropriate work operators and ISPs will need to work with content and freedom of expression?” content providers to optimise their networks for As a next step, these policies need to be multimedia content delivery through technolo- embedded in the core processes of the company. gies such as peer-to-peer caches (e.g., approa- In most cases this will have direct impact on ches developed by the P4P initiative) or content the way network operators think about product delivery networks. Regulators will need to know development, for example, by making sure that that they have addressed the issue appropriately. all product and service releases meet the own Another major technology area of risk cur- standards. rently relates to end-user equipment. Such equip- In addition, network operators must keep ment is generally not sufficiently protected from Digital Confidence policies and procedures up to threats such as viruses, botnets, and other forms date by conducting regular legal, public policy, of malware. Software solutions already exist; and technical reviews of existing policies and however, network providers should be even more procedures. active in encouraging customers to use them. Last but not least, as the cases analysed in Service providers must also deploy tools and so- this report show, confidence requires trust, and lutions that empower consumers to control and trust can best be built on open communication; manage their own exposure (e.g., via an opt-in/ transparency pays off. As a consequence, com- opt-out facility). This will require a step change

Booz & Company 11 in the level of activities: Offering solutions for areas, network operators and ISPs are overall download on the website is not good enough; well advised to cooperate with NGOs as broadly network operators and ISPs should launch as possible. Many aspects can be addressed programmes to drive and track the number of much more effectively if one provider takes the installed solutions. initiative jointly with an NGO because the latter can ensure neutrality and industry-wide appli- 4. CONSUMER EDUCATION cability, leveraging the good reputation NGOs Network operators and ISPs should engage in have. Recent surveys show that NGOs rate industry programmes jointly with NGOs and highly in consumer trust. undertake their own appropriate education initiatives (e.g., information campaigns on their PRIORITIES FOR REGULATORS own websites). Regulators and government agencies are chal- These programmes need to cover threats lenged to define their position in this field, related to data publication, targeted advertising, which oscillates between censorship and piracy, and online behaviour overall (including consumer education, heavy regulation and free what constitutes bullying, solicitation, and un- market, self-regulation philosophies. The cross- acceptable content). border nature of Digital Confidence threats Education messages should be targeted to spe- places particular emphasis on international cific user groups, including parents and children. (judicial) cooperation to increase awareness of The parents’ programme should focus on how to the urgency to act and, for governments and monitor children’s activities, build awareness of enforcement authorities, to allocate appropriate the threats of the environment— and showcase resources to establish effective mitigation struc- the tools available to parents to manage their tures and partnerships with industry. To date, children’s online environment. Children’s edu- the lack of a coherent approach comes ultima- cation should focus on recognising and dealing tely to the detriment of the consumer, who lacks with threats. transparency and guidance around the risks and benefits of digital life, whilst businesses are 5. REGULATION challenged to create sustainable, new digital Network operators and ISPs need to encourage business models. regulators to focus on specific actions to support There appears to be a trend in politics and re- industry’s endeavours in proactively building gulatory policies to put greater emphasis on sta- confidence in areas that clearly fall outside keholder cooperation and co-regulation instead service providers’ activity (e.g., blacklisting of of greater legislative activity. At the same time, illegal content, law enforcement). Regulators there will be a need for continued review of should be careful not to proactively create regu- the proportionality of any regulatory activity, latory obligations in these areas unless the pro- particularly with highly interventionist approa- portionality of those measures can be ensured. ches (such as “three strikes” or moves towards In response, industry needs to demonstrate imposing mandatory network filtering) that may that it is serious about Digital Confidence by ta- infringe on basic Internet freedoms and basic king the initiative to develop coherent solutions. consumer rights (e.g., to privacy) and undermine Such solutions must have the commitment of all vested legal certainties for industry players. players and need to proportionately allocate the cost of implementation and the resulting finan- Undoubtedly, regulators have an important cial rewards. Regulators must allow industry to role in securing Digital Confidence. Given the develop such solutions and foster stakeholder complexity of Digital Confidence issues, for cooperation and financial support programmes example, regulators can help foster increased whilst allowing competitive pressures to work stakeholder cooperation. The following areas in favour of consumer interests being upheld, deserve continuous attention of regulators: rather than applying regulation that, although well-intentioned, may be counterproductive • Encourage network operators and ISPs to from a consumer point of view and cause eco- establish Digital Confidence policies and proce- nomic damage. For example, our analysis shows dures as well as codes of conduct based self-re- that a strict quality of service regulation ban- gulation on industry level—particularly in areas ning most forms of traffic management could where more intrusive regulatory intervention increase the capex requirements of network could lead to negative economic results (e.g., on operators across Europe by up to €6 billion. traffic management) or infringe basic consumer In executing measures across these five initiative rights (e.g., “three strikes” rule).

12 Booz & Company • Consider measures to limit the legal and in some instances reputational risk for network operators and ISPs introducing Digital Confi- dence policies and procedures, for example, lead the development and foster the industry-wide deployment of a register of sites banned in the interest of minors’ protection—and, in Europe, harmonise the current, scattered approaches across countries, including establishing structures for internationally coordinated proceedings for minors’ protection.

• Create incentives for industry players to take a more active role in consumer education— provide funding and establish umbrella initiatives to leverage scale, for example, building on experiences gathered from the Safer Internet program.

• Increase the effort for international cooperation to develop global solutions or frameworks for solutions to essentially global problems, for example, in the area of copyright protection.

• Put a special focus on the interdependencies of the different areas of Digital Confidence for the different stakeholders, and balance decisions accordingly. For example, enforcing very strict quality of service requirements could unintentionally create significant network upgrade costs that may ultimately increase costs for the consumer.

In summary, Digital Confidence does not necessarily cost a lot—in terms of required investments—to get right. On the other hand, the cost of getting it wrong would be substantial. Ho- wever, getting a Digital Confidence programme right is neither easy nor free. Most CEOs believe that their organisations are engaged in many of the activities suggested above—and rightly so. But in most cases, this will not be enough. Digital Confidence transcends making educational material available on the corporate Web site. It is about engaging with the leading institutions in this field—private and public—at a senior level and launching serious campaigns that make a difference. This will require funding and potentially new skills in the organisation. Digi- tal Confidence is not just about having a data privacy policy on file; it is also about changing the way a company thinks and communicates about these topics internally, with its customers and the community at large. In short, Digital Confidence requires leadership from the top in order to prevail.

Booz & Company 13 II. THE NEXT GROWTH WAVE IN DIGITAL LIFE: USAGE, NOT THE NUMBER OF USERS, DRIVES GROWTH

1. DIGITAL LIFE: INTRODUCTION this point. When communication, community, Digital technologies have revolutionised eve- content, and commerce are combined, the value ryday life—from the office to the home—at added for the consumer is tremendous—and breathtaking speed. Decreasing development in many instances profoundly innovative. The cycles and, as a result, ever-more-powerful exploding growth rates of these services in all devices, when combined with drastically shor- Western economies and beyond are an impres- tening replacement cycles of technologies in the sive testimony. Interestingly enough, all of home, have led to a mass market penetration of these services take immediate advantage of the digital technology. Whether it is connecting and community aspect for their own purposes: Viral communicating with friends, watching movies, marketing, that is, word-of-mouth or PC-to-PC listening to music, or taking pictures—life today communication, is the main growth driver. All is digital. Digital technologies have long stepped of this is possible only in a networked environ- out of their niche as a toy for technology-savvy ment. “geeks” to be at front and centre of modern life. In this context, it is important to note that the Most consumers today find it more upsetting to majority of European households are or soon lose their Internet connection at home than to will be equipped lose their telephone service. with three digital Internet and broadband penetration levels are The latest development of digital services, network connecti- now reaching saturation as penetration has ranging from digital TV to so-called Web 2.0 ons: Internet, digi- reached 70 percent across most central Euro- applications, has made this fact strikingly clear: tal TV, and mobile. pean markets. The full potential of digital technology and ser- All are capable to vices is unleashed only if technologies and appli- different degrees of delivering broadband ser- cations are networked, physically and logically. vices, and all—again to different degrees—are What is the true revolution in digital photo- interactive. graphy: The fact that celluloid film rolls disap- The current migration of broadband networks peared from the shelf, or the fact that pictures to next-generation access networks will further today can be shared with friends in minutes? In accelerate the development of digital life. Next- particular, Web 2.0 applications like Facebook generation networks of cable providers (based and YouTube that focus very much on com- on EuroDOCSIS 3.0 technology), telecommu- munity aspects of digital technology underline nications incumbents (xDSL), mobile operators,

Exhibit 1: Internet users global (million users) Exhibit 2: Broadband penetration

CAGR (percentage of households)

North America 2007 Europe 1.580 2013

Asia/Pacific 1.384 4% Latin America 85% 85% +13% 82% Rest of World 1.169 77% 10% 75% 69% 72% 967 57% 782 52% 45% 551 18%

372

19%

29%

2000 2002 2004 2006 2008 2010 2012 Netherlands Denmark United France Germany Kingdom Source: Economist Intelligence Unit Source: OECD

Booz & Company 15 and local FTTH network providers, in combina- online involvement grew faster than the others: tion with wireless clusters like digital terrestrial News Corp., with its strong digital initiatives networks and satellite, will address demands for such as MySpace, is a good example. increased broadband speeds, ubiquitous connectivity, and individualised media consumption 2. DIGITAL LIFE: A DEFINING FORCE IN across platforms. TODAY’S ECONOMY, POLITICS, SOCIETY, The availability and level of acceptance of the AND EDUCATION Internet are such that the penetration of broad- To date, growth in Internet usage has been dri- band is in excess of 70 percent in many Euro- ven largely by the rollout of new technologies. pean countries and has achieved mass market End-user equipment, such as PCs and mobile de- status similar to other media formats such as vices, provides cost-effective access and storage television and radio. This fact is also driving the platforms. Broadband networks are migrating next wave of change in consumer behaviour: towards ultra-high-speed next-generation net- More and more consumers expect to access the works. All relevant infrastructures provide high service they choose at the time and place they capacity (with standard broadband providing decide using the device available. around 5 Mbps, and in more developed coun- Consumers are shifting behaviour patterns, tries up to 25 or even 100 Mbps) combined with not only by spending more time online but also interactive capabilities and always-on functiona- by interacting more online—through social net- lity. Indeed, mobile network operators (MNOs) works that provide the opportunity to exchange have finally introduced the mobile Internet with content and ideas. On the supply side, compa- the widespread availability of 3G across Europe. ring more traditional media companies with The technology enablers now in place have the new digital giants shows very clearly where driven the penetration levels of Internet access to the growth was in recent years (Exhibit 4). And near-saturation in many markets. Thus, the next even within the category of more traditional wave of digital growth will be driven by exploi- media companies, those companies with more ting the enabling technologies to a far greater

Exhibit 3: Digital life evolution

Web 3.0 “Semantic Web” Breadth and depth of digital life

Web 2.0 Society “Sharing and collaboration”

Consumer Web 1.0 Entertainment “Access“

Education

Business

Access

Time

Source: Booz & Company

16 Booz & Company Exhibit 4: Revenue, online companies vs. media companies (revenue in billion euros)

34.9 33.9 Revenue 2003 Revenue 2007 26.7 25.5 25.0 21.7 21.9

16.6

12.1

5.1

1.4 1.3

Vivendi Time Warner Disney News Corp. Yahoo! Google

CAGR −4.0% −0.7% 1.7% 7.3% 37.2% 74.9%

Online Affinity

Source: OneSource, Company Reports

extent rather than penetrating them further. sophisticated advertising approaches, especially This implies changing usage or user behavi- those that aim to increase their relevance to the our much more than increasing the number of individual consumer, can be deployed only if the users. And we are seeing this already today in digital media exploits a wealth of user and usage many markets. Consumer behaviour is changing information. dramatically: The main source of information For example, users of Google’s e-mail offe- influencing the buying decision for a car is the ring, Gmail, are shown advertising tailored to Internet; almost every second book sold online the content of their e-mails. In the same way, in the United States today is sold through Ama- browsing history, actively zon; and U.S.-based cable operator Comcast administered profiles, and Advertisers are now allocating more registers roughly 40 million on-demand movie other data can be used to tai- of their spend to the Internet—online downloads per month. lor advertising to individual advertising represents 15 percent In response to the changing media consumpti- consumers. Also, in digital of the overall advertising in the UK. on patterns, businesses are embracing the power TV, user data and usage data of the Internet for advertising and marketing can be tracked via the set-top box and used to purposes—in the UK, for example, more than present targeted advertising to specific segments 15 percent of advertising spend is allocated to or individual users. And with interactive DTV, online media. advertising offers the same interactive response The Internet and the digital environment in features as online. general have developed into a very attractive Achieving a high level of privacy protection is platform for di- a very important concern from a consumer point The Internet has changed verse advertising of view that needs to be addressed with great industries: Amazon sells and marketing care even when users’ Internet traffic data are more than $4.5 billion activities: First, used for commercial purposes on aggregated, worth of books in the consumers spend anonymous levels. But as intrusive as this may United States, accounting an increasing sound at first, experience shows that tailored for almost every second amount of time advertising can increase consumer acceptance, if book sold online, compara- with digital me- done well, because the advertising is relevant to ble to Barnes & Noble dia; and second, the consumer. In addition, there are many ways in traditional sales. digital media has to design such advertising so that unwanted both huge ef- participation is avoided: Via opt-in or opt-out ficiency and effectiveness advantages over other procedures. For example, users can be given the advertising formats—a crucial point. Many choice not to have their data used for targeted

Booz & Company 17 Exhibit 5: Digital life—growth levers

Social networking

Entertainment

Transactions Information/ education

• Communities • User-generated content • Peer-to-peer sharing • Video-on-demand • Virtual realities • Interactive TV • e-Commerce • Gaming • e-Banking • Search • e-Payment • Editorial content • t-Commerce • Online learning

advertising—but may then increasingly be asked services, this will be one of the biggest challen- to pay for services in order to contribute to the ges for all industry players concerned. revenue lost on the advertising side. Moreover, advertising will remain one of the major means From an application perspective, we see four for financing many services and offerings in the major growth levers for digital life: digital environment, just as advertising has been financing traditional media for decades. • Information and Education. The traditional Against this backdrop and with the digital Web 1.0 applications combined with some Web economy experiences of the last 15 years, it is 2.0 tweaks like user-generated content, for very likely that advertising in a broad sense will example, in e-Learning. be one of the major revenue categories to support the future growth of the digital economy. • Transactional Services. Mainly e-Commerce Managing the actual and perceived intrusion on and online banking. digital life is a prerequisite for capturing that growth. Particularly against a background of • Entertainment. Digital TV, video services increasing pressure to monetise new Web 2.0 (streaming video and video on demand offers like YouTube), and gaming as well as download services such as iTunes. Exhibit 6: Growth of Google (revenue in million euros) • Social Networking. All services built around the interaction of people, for example, in communities, exchanging content mainly generated

12,106 by themselves or meeting in virtual realities.

INFORMATION AND EDUCATION Information—in particular, search—has been CAGR 8,444 +100% one of the main drivers of growth in Internet usage from the beginning. Search engines have achieved notable success in translating the 4,931 plethora of data available on the Web today into information meaningful to end users. 2,564 The Internet is also facilitating collabora- 1,295 tion and providing consumers with education 380 through user-generated content and ideas, for 2002 2003 2004 2005 2006 2007 example, Wikipedia—which has amassed more Source: Google than 10 million user-generated articles in 250

18 Booz & Company languages. Started only in 2001, Wikipedia is TRANSACTIONS developing into the most accessed source for The Internet has proved to be a medium ideal (encyclopaedic) information, not among Internet for transactional activities. offerings alone—but overall. It is thus beco- When shopping online, consumers enjoy ming one of the most important education and competitive pricing aided by comparison sites, research tools in existence—even leading to dis- among many other advantages. Today, with cussions about students losing the ability to do more than 40 percent of consumers shopping “real” desk-based research in libraries. The open online, annual e-Commerce spending is in ex- and community na- cess of €150 billion in Europe, having grown by ture of Wikipedia, Over 45 percent of com- 50 percent over the past 2 years. This e-Com- both in terms panies use Internet-based merce spending of its user-gener- training regularly. today accounts More than 40 percent of consumers are shopping ated content as well for more than 4 online, and e-Commerce now accounts for more as its user control, percent of total than 4 percent of total European retail sales. makes it a prime example of a true Web 2.0 European retail application entering into the information space. sales, predicted to grow to 11 percent in 2011. According to some, its dynamic nature may For certain products like event tickets, tra- provide more accuracy than many other, more vel, and media (e.g., books, music, video, and static, information sources. software), the share in 2011 is predicted to be Digital TV is another major driver of the between 25 percent and 35 percent. information age. The TV channels broadcast in In addition, the Internet has revolutionised the Europe have reached the staggering number of way consumers operate their finances by allo- 1,703 (in 2005) starting from 93 just 18 years wing digital transactions. While the Internet suc- ago. A large number of the channels available to ceeded in establishing a significant level of confi- consumers today offer news, documentary, or dence in its—generally solid—security, e-banking foreign language programming that was non- has developed into a mass phenomenon. And existent or not accessible in the analogue world. alongside the growth of e-Commerce, a broad Universities and other higher education in- array of e-payment solutions such as PayPal have stitutions increasingly leverage the possibilities been established to support the increasing drive provided by the Internet to distribute informa- towards purchasing goods and services online. tion very effectively and to allow convenient and With the especially high sensitivity around finan- rich interaction, supported by solutions such as cial transactions, however, these fields obviously WebEx (a Web conferencing and collaboration are exposed to security concerns. solution). Particularly, distance learning, which New businesses have been established based involved many physical tasks 15 years ago (e.g., on Internet-only models that take advantage of people travelling, exercises being sent in), is fully the opportunity to operate a virtual business embracing these possibilities. Several universities and colleges (Open University in the UK, for example) started to engage in Second Life to Exhibit 7: e-Commerce retail sales Europe (billion euros) leverage it as a virtual classroom environment. Businesses as well deploy the Internet and associated digital media to deliver training to their e-Commerce Online shopper Sales Europe (share of adult employees, deploying formats such as Webcasts population) or Web-based training (WBT), an extension of 400 60% 54% CAGR the traditional computer-based training (CBT). 50% 350 + 21% Information and education will continue to 46% 50% 300 41% be important growth levers for digital life. In 263 37% 40% particular, search supported by online advertising Rest of Europe 250 229 32% NordNordic will continue to grow strongly. Google, the role 195 BeneluBenelux 200 30% model for translating search into advertising re- 162 ItalyItaly and and Spain SpSpain Franc venue, has enjoyed a compound annual growth 150 131 France 20% in revenue of more than 100 percent over the 102 100 GermaGermany past 5 year as it pushed out its business models 10% 50 aggressively and kept innovation its offerings UK very dynamically with the result that it is today 0 0% more than twice the size of the largest European 2006 2007 2008 2009 2010 2011 TV broadcaster RTL Group. Source: Forrester

Booz & Company 19 model at a fraction of the cost of a bricks-and- In addition, digital TV enables significantly bet- mortar business; they leverage the power of the ter image quality with HDTV offerings. Digital Internet as a low-cost sales channel and as an TV also introduced a number of genuinely new enabler for efficient supply chain management. functionalities such as video on demand and Also, bricks-and-mortar businesses benefit from time-shifted TV, and it supports special features an additional low-cost platform for customer such as interactivity and electronic programme service and billing activities—often charging a guides. premium for users unwilling to use the Internet service. Mobile operators, for example, introduced Internet-only offerings a few years ago. Exhibit 9: U.S. online video streams (billions)

ENTERTAINMENT Online TV 61 User generated Probably the most profound change the digital online video life is bringing to most consumers is in the area 36 of entertainment. The average consumer in Europe spends between 160 and 240 minutes 12 watching television per day, and up to another 8 140 minutes using the Internet—increasingly for entertainment purposes as well. With these 2006 2011 activities taken together, using or consuming Source: eMarketer interactive media is by far the number-one leisure activity in Europe in terms of time spent. And this experience is changing dramatically. In addition, commercial platforms are emer- The Internet is already becoming the leading ging that take advantage of the higher capacity media format in many developed economies of broadband networks to deliver multimedia with people spending more time online and with services over the Internet—for example, the BBC e-mail than watching TV (Exhibit 8). iPlayer provides TV shows and radio over the As consumers have increasingly busy schedu- Internet in the UK. les, they are looking to on-demand entertain- More than half of U.S. Internet users (57 ment services that allow them to watch what percent) have used the Internet to watch videos they want, when they want, and how they want. online, and almost 20 percent of consumers do The higher capacity of broadband networks this every day. And these percentages are even allows services such as video on demand to be higher for users with broadband connections delivered cost-effectively. (74 percent of them watch videos online). Last Digital TV is about to revolutionise consu- year, some agile startups have begun to turn the mers’ TV experience. Recent years have brought Internet into a real TV: Joost, Babelgum, and explosive growth in the number and diversity of others are deploying high-quality TV offerings TV channels, with many regionally or themati- enriched by Web 2.0 elements in a so-called cally specialised channels being added. over-the-top (OTT) approach, that is, “on top” of a cable or telecom operator network without any liaison with the network provider. Exhibit 8: Time spent with media per day, These trends are not only making the Inter- United States 2007 (hours per day) net a more important medium for advertising;

they are also establishing it as a more important shaper of public opinion. Advocates for free- 13.9 14.7 13.4 12.5 11.7 9% 9% 9% 7% 7% Video games dom of opinion and a well-informed public (i.e., 17% 16% 15% 14% 14% IM/e-mail regarding politics, social sciences, and cultural institutions) will exhibit increasing interest in 23% 22% 26% 29% 30% Online such media consumption changes.

29% 32% 25% 21% 15% Radio & music SOCIAL NETWORKING Society is experiencing greater levels of inter-

22% 21% 25% 29% 34% TV action through social networking sites such as Facebook and Bebo, which, on the one hand, 13-14 15-17 18-24 25-54 55-64 have brought functionalities impossible without Age the Internet and allow individuals to live their Source: eMarketer friendships online with physical distance not

20 Booz & Company mattering at all, but which, on the other hand, the 18-to-29 age group, the share is more than also raise some fears around what happens to 40 percent. Obama has taken the use of the traditional societal behaviour such as face-to- Internet as a po- face interaction and friendship. litical tool to new Society has been reshaped by the Internet— Social networking is a relatively recent levels: He is using for example, 60 percent of U.S. consumers phenomenon that is supporting the general it also to collect could give up their phone, but only 55 percent Web 2.0 trend towards online social communi- funds for his cam- Internet. ties. Users—particularly those from the “born paign. More than digital” generation—are part of social interest 1 million individuals contributed an average of groups operating in an online context that are $105—an unknown possibility 10 years ago, but generating, posting, and sharing content online. now one of the major sources for funding. Social networking is used by an increasing por- Blogs, podcasts, chat sites, user forums, tion of the Internet users, with most accessing newsgroups, and other advanced communica- multiple sites on a regular basis. tion and online publishing tools have not only The Internet has for quite some time influ- changed completely the communication needed enced the social behaviour of consumers. In in organisations to fulfil business purposes and a 2004 Social other communication requirements; by having Ties survey in the Social behaviour is chan- made communication so much easier, it also has United States, the ging—people connect faster significantly increased the speed and volume of average Internet and with larger social groups sharing rumours and news. One of the conse- user had a larger when using the Internet. quences is that organisations have been confron- group of people ted with a dramatically increased need to design he interacted with regularly (37 ties for Internet and deploy information and communication users compared to 30 for non-Internet users). policies, especially with respect to confidential More than 30 percent of Internet users further- business information. Opinion portals like ciao, more stated that the Internet increased their which operates in several European countries number of ties and casual acquaintances. and registers visits from more than 38 million consumers each month, and blogs have created CHANGES IN SOCIETY As laid out above and discussed in more detail throughout the report, digital technology is Exhibit 10: Social networks used by adults (UK, 2007) already a major economic force—and will be even more so in the future. But it should not 62% Main site used be restricted to a 49% One of sites used purely economic The Internet is an increa- 46% factor. The Inter- singly important opinion 32% net in particular shaper—Google is fre- 21% and digital services quently cited as one of the 19% 7% more broadly will most reliable global news 6% 4% 6% be major change sources, right after CNN 1% 1% drivers with far- and the BBC. Facebook MySpace Bebo Hi5 Piczo Other reaching impact Source: Ofcom beyond the sales of books or airline tickets. Digital technologies enable everyone to make his or her voice heard and connect to large audiences in any context relevant to the individual. Exhibit 11: Social networks used by adults Politicians use the Internet for presenting (2007; percentage of Internet users per country) themselves and their ideas, for interacting with their supporters, and for organising their 53% campaigns. For example, Presidential candidate 39% Barack Obama in the United States is extensi- 32% 34% vely using social networking applications in his 22% 17% presidential campaign. On Twitter, more than 12% 30,000 users are his “followers,” regularly getting short updates from him. Nearly a quarter of Americans today use the Internet regularly as Germany France Italy Japan USA UK Canada a source for political/campaign information; in Source: Ofcom, Nielsen n=391

Booz & Company 21 a genuinely new source of pre-purchase infor- Generation “Born Digital”—Bringing Digital Confidence mation that can both go clearly in favour or to the Fore strongly against individual marketers, services providers, retailers, etc. The power of blogs and Children and youths in industrialized countries are the first online “syndication” reaches far beyond pure generation that was born into a digital world. They are the e-Commerce and the digital world itself: Kate early adopters of new technology and IT specialists compa- Hanni, an individual airline passenger severely red to most parents. And up to now, only parts of the older dissatisfied by American Airlines’ practices, generation are being “reborn” into this digital life. founded The Coalition for an Airline Passen- gers’ Bill of Rights with some companions in Wired magazine writes on “born digital”: misfortune after having been “stranded on several American Airlines planes for up to 9 hours • A self-characterization: “We learned to crawl alongside at Austin International Airport” in December the PC. We came of age with the Internet. Early-adopting, 2006, without “food, water or access to wor- hyperconnected, always on.” king bathroom facilities.” The coalition now has more than 20,000 members, utilises a website • On technology: “From IM to MP3 to P2P, we lab-test and a blog to exchange “horror stories” and to tomorrow’s culture. While others marvel at the digital future, make its voice heard— and has visited members we take it for granted. Think of it as the difference between a of the U.S. Congress repeatedly, with legislation second language and a first.” and regulation changes now under discussion to avoid the horror stories its members have expe- The generation “born digital” does not distinguish between rienced. on- and offline as much as many adults tend to do—both The power of Web 2.0 offerings such as opi- “worlds” are a lot more interconnected for them; they live nion portals and features such as user reviews in real as well as virtual communities with often significant on Amazon finds confirmation in Edelman’s overlap in their age groups; and they have their own “online” Trust Barometer: The 2008 edition shows that culture, language, and netiquette. in many countries, including the United States, the Netherlands, and Germany, “a person like But the generation “born digital” also poses some challenges, me” is considered the most credible source of infor itself as well as for the rest of society: formation about a company, rating much higher than any official source of information including • Quite a paradox—They broadly expose information about the CEO. Across all countries, four out of five themselves on social networking sites, thereby giving in on respondents said that they “are much more li- privacy, but they react strongly if they dislike the way their kely to believe what you see, read, or hear about data is used—as in the Facebook Beacon case, in which more a company if someone you know has already than 50,000 users signed a petition in December 2007 com- mentioned it to you.” On the institutional side, plaining about a programme intended to integrate Facebook NGOs are rated as most trustworthy, compared with external partner websites for cross-referencing and to business, media, and government—in the UK, targeted advertising purposes. Germany, and France, NGOs lead the rankings by substantial margins. • Parents and schools (the “natural educators”) are over- The pace with which change is taking place burdened by the breadth of new phenomena and the speed of in the digital world is breathtaking for many of innovation. us. At the same time, there is a new generation “born digital” for whom the possibilities of • Traditional legal standards and values are more difficult to the digital world are as common and un-spec- apply to “ambiguous” digital activities and find less accep- tacular as those of radio were to most people tance, for example, around sharing of copyrighted content. 50 years ago: They are the early adopters of new technology and IT specialists compared to Overall, “born digitals” are not given enough guidance on most parents; they do not distinguish between appropriate behaviour in digital environments—which has on- and offline as much as many adults tend put pressure on business models for many years already, in to do, but rather live in real as well as virtual the case of sharing copyrighted content, and will continue communities with often significant overlap in to do so as the industry seeks to implement new advertising their age groups; and they have their own online business models. culture, language, and netiquette. However, the generation “born digital” also poses significant challenges because it lacks guidance around what constitutes appropriate behaviour—with

22 Booz & Company Exhibit 12: Broadband connectivity dilemma

Average Broadband Speed Average Revenue per Broadband Connection UK 2003–2007 in Mbit/s Indexed 2003/2006

Mbit/s CAGR −11% −13% −17% −20% −21% 5 100% 100% 100% 100% 100%

4 70% 65% 3 55% 50% 49% 2 2003 2006 1

0 2003 2004 2005 2006 2007 H1 Nether- Germany France United Ireland lands Kingdom Source: Ofcom, IDATE, Company Reports

respect to sharing personal data or to sharing of (paid Web TV and streaming video), and music copyrighted content. This not only is a burden downloads. for itself and therefore an educational task for society—it is also a tangible problem for digital 3. e-Commerce. Products and services ordered business models, for example, in the fields of di- over the Internet and delivered via traditional gital content or innovative advertising. Industry means (e.g., ordering books from Amazon or an is well advised to come to a collaborative view airline ticket from an airline’s website). on how to deal with the “born digital” generation and identify new ways of working together. 4. Access. Transportation of traffic to the Internet and access to digital TV offers, specifi- CONCLUSION cally the revenue received by network operators The identified growth drivers for digital life (Cable and DSL) for providing Internet access. are stimulating fundamental change across all elements of business and society. What is certain e-Commerce is the most established and largest is that digital life will continue to drive econo- revenue category. Online advertising and content mic growth and prosperity and become a more are relatively new revenue categories, growing at central part of everyday life. The digital infra- 32 percent and 22 percent, respectively, althou- structure is creating new ways of interacting, gh from a low base (Exhibit 13). communicating, and doing business that are still in the early stages of being exploited. To date, the digital economy has been driven to a large extent by technological advancement; 3. REVENUE AND GROWTH DRIVERS: the migration from narrowband to broadband CONTENT AND ADVERTISING, NOT networks created an explosion in Internet pene- ACCESS tration and usage. Broadband access has now The growth areas identified drive increased become a mass market phenomenon in many revenue for the European, Asian, and North digital economy The next wave of growth in American countries and is The total market for digital life will across four reve- the digital economy will be nearing saturation levels in grow by 18 percent per year, nue categories: fuelled by increasing usage certain countries, especially reaching a volume of €436 billion rather than by the number in Western Europe, with by 2012. 1. Advertising. of users. some countries in Southern All forms of and Eastern Europe lagging behind. Therefore, online advertising, including click-through reve- access revenues in these countries are expected nue(1), IPTV advertisements, and sponsorships to remain stable over time, with single-digit (e.g., an online TV show with a sponsor that an- growth. At the same time, transport infrastruc- (1) Click-through revenue refers to nounces “This show is brought to you by xyz”). ture is becoming increasingly commoditised, volume-based pay- which is the result of a highly competitive market ment to a search engine for a sponso- 2. Content. Digital content delivered online, with established technical solutions and limited red link to directed including video on demand, gaming, TV opportunity for differentiation. traffic to a website

Booz & Company 23 Exhibit 13: Digital life—revenue summary Europe a fundamental shift in value distribution across the value chain. Future growth will come from increasing revenues through stimulating spend Revenue Users (billion euros) (millions, line) per user, rather than increasing the number of 436 600 users. This growth is expected to be achieved through more innovative products and services 400 385 57 500 complemented by new business models genera- 45 19 333 ting incremental 18 35 revenue streams. Network operators, as the 300 283 15 400 26 These new enabler of digital life, need 236 11 services will apply to support greater levels 18 300 193 9 291 200 to both consu- of traffic at diminishing 12 258 6 224 mers and business return. 191 200 158 Users (millions) environments. For 128 100 Advertising example, Forrester estimates that Web 2.0-rela- 100 Content ted B2B sales will grow by 47 percent per year, 69 e-Commerce 47 51 55 59 64 resulting in almost $5 billion in growth world- Access 0 0 wide by 2013. 2008 2009 2010 2011 2012 2013 As a result, the next wave of growth in the Note: Europe including EU-27, Norway and Switzerland digital economy will be driven by services and Source: Forrester e-Commerce Forecast, Company Report Apple, Company Report Google, EU TV and Broadband Forecast Model, Booz & Company Analysis applications that can be realised only in step with broadband penetration per country. Consequently, in Slowing growth in subscriber numbers and mo- those countries Network operators need dest growth in access revenue combined with the with a significant to adopt new business increasing traffic demands of more bandwidth- digital divide, models, generating va- hungry applications (e.g., rollout of broad- lue through services and There will be a significant shift in video on demand, P2P) are band infrastruc- applications rather than value pools away from infrastruc- placing pressure on access ture continues to infrastructure rollout— ture: The share of access business for margins. The overall value be the key basis they also need to invest in digital life will drop significantly in share associated with access for growing the NGNs in order to capture the next 5 years—from 24 percent will drop from 24 percent digital economy. growth and be able to offer today to less than 16 percent in 2012. today to less than 16 per- In countries where value-added services. cent by 2012. broadband is As revenues are predicted to grow more rapidly more advanced on its maturity curve, network than Internet users (18-percent compound annual operators will need to continue to push next growth for revenues compared to 4-percent for generation network (NGN) conversion in order users) over the coming years, there is evidence of to prepare for the traffic flows expected from further increasing usage generally and broad introduction of high-quality TV and video Exhibit 14: Worldwide annual sales Enterprise 2.0 specifically. (millions U.S. dollars)

4,646 Widgets Podcasting 3,664 Mashups CAGR +47% Wikis 2,721 Blogs RSS 1,906

1,246 Social 762 Networking 455

2007 2008 2009 2010 2011 2012 2013

Source: Forrester

24 Booz & Company Exhibit 15: Transport perspective: Fixed-line telecoms landscape

Traffic Volume Evolution Audience Business/ Personal Advertising High margin, few 2007=100 mega-players and long tail 750 Contextual 700 650 IP High margin, few mega-players Services 600 and long tail (14–16 EBITDA) 550 500 Value shift 450 Low margin business, 400 Retail only viable at scale in distribution, growth by 350 Fixed Data monetisation through 300 Fixed Voice audience (6–8* EBITDA) Declining old media, new 250 media growth Infrastructure/ 200 Access/ Commodity 150 Devices (BB 5–7 EBITDA, 100 Cable 6–9 EBITDA) 50 0 Media 2007 2008 2009 2010 2011 2012 VoiceVoice and and Broadband Broadband Media Content, TV Content, TV

Note: Europe 27+2 (CH, NO), i.e. including lesser developed broadband markets; conservative estimate for developed markets Source: Ovum, Booz & Company Analysis

Booz & Company 25 III. DIGITAL CONFIDENCE: SECURING THE FUTURE GROWTH OF DIGITAL LIFE

1. THREATS TO DIGITAL LIFE shows that the majority of cases were related to The growth of digital life can be sustained e-Commerce activities and resulted in real and through the continued growth in online usage tangible financial losses of up to $4,000 per and spending. To achieve this, consumers and person (as shown in Exhibit 18 for the top Inter- enterprises need to have confidence in the envi- net scams). Twelve percent of Europeans avoid ronment in which they operate. Consumers will e-shopping specifically because of concerns over need to be educa- Internet security (Exhibit 16). In addition to ted as to what the With the success of digital fraudulent activities, businesses face the growing potential threats life have come concerns for threat of attack from malicious users. Data of the Internet are consumers and enterpri- suggests that in 2005 such attacks were costing and how to deal ses relating to the security the industry in excess of $1,000 billion per year with them—and and integrity of the digital worldwide in lost revenue and the cost incurred will need to feel environment. in idle time, cost to safe and indeed repair damage to One in eight consumers avoids e-shopping due be safe. One of the main challenges for industry systems, and any to concerns over Internet security. will be to provide a secure network environment associated loss of and optimal customer experience. reputation. These costs were growing extremely The proliferation of user-friendly technologies fast between 2000 and 2005 due to the rapid and ubiquitous connectivity have contributed to growth of digital life (Exhibit 19). Even today, the Internet’s position as the main platform of industry experts are not able to assess the full digital life. Cross-platform strategies and “webi- damage. fication” of other platforms will also bring other Web 2.0 is also a major disruptive force for platforms, like digital television and mobile the audiovisual content industry due to online platforms increasingly into the frame. piracy and a wide-spread perception among the With the growth of Web 2.0 economy there “born digital” generation that all content should is also cause for concern, related, first, to the be free. The media industry is grappling with behavioural patterns of consumers themselves, traditional legal standards finding less acceptan- for example the increased flow of personal ce in the context of “ambiguous” digital activity, information over the Internet through profi- for example, sharing of copyrighted content, ling activities over social networking sites. which puts pressure on media industries to find The general pressure on service and platform ways to effectively enforce legal protection in the providers to monetise Web 2.0 applications (particularly in the case of social networking sites) and next-generation network investments Exhibit 16: Percentage of consumers avoiding e-shopping due to increases commercial pressure on consumers, security concerns (Europe, 2007) for example, by new advertising-driven business models and other forms of targeted marketing 27% making use of users’ online profiles. But also 26% in the professional space, users’ online profiles, blogs, and photo albums can have consequences when future employers scan their candidates. 15% 14% 14% Other concerns relate to malicious network EU-27 security breaches threatening the protection of Average 9% 12% personal data online or threatening business 8% continuity and undermining growth in servi- 3% ces relying on secure network environments (Exhibit 17). These concerns are in many cases Spain Finland France Nether- Germany United Austria Ireland justified; for example, an analysis of the top 10 lands Kingdom Internet scams in the United States during 2007 Source: Eurostat

Booz & Company 27 Exhibit 17: Prompted awareness of various Internet issues Exhibit 18: Top 10 Internet scams (U.S., 2007) (UK survey, 2007) Average Loss Home PC Fake check scams 29% $3,311 affected by viruses 80% General merchandise (goods never $1,137 delivered or misrepresented) 23% Making transactions using Auctions (goods never 13% $1,371 other peoples bank details 79% delivered or misrepresented)

Nigerian money offers 11% $4,043 Children accessing adult 78% content via Internet Lotteries/lottery clubs 7% $998

Someone using another Advance fee loans 3% $1,311 persons ID online 77% Prizes/sweepstakes 3% $1,182

Upsetting comments about Phishing 3% $220 others via Internet 63%

Friendship and sweetheart swindles 1% $3,038 Broadband speeds 50% slower in some areas Internet access services 1% $897

0% 20% 40% 60% 80% 0% 10% 20% 30% 40%

Source: Ofcom Source: NCL’s Fraud Center Note for Auctions: “In the fall of 2003, online giant eBay removed the link from its Web site to fraud.org. As a result, the number of auction complaints reported to NCL’s fraud center has dropped to a fraction of its previous levels.”

Exhibit 19: The explosion in overt digital attacks (worldwide) The Internet has spawned an entire under- ground economy that provides a marketplace

No. of attacks Economic Damage for illegal digital activities. For example, it is (million) (billion $ U.S.) possible to purchase digital “products” such as 1,800 1,200 e-mail passwords and addresses as well as servi- Economic Damage 1,064 ces such as spam 1,600 No. of attacks 1,000 mail and “bots” To sustain the growth of 1,400 with custom func- digital life, consumers

1,200 800 tions capable of need to be educated about wreaking havoc on the threats and provided 1,000 targeted compa- knowledge and the tools to 600 800 507 nies. Businesses deal with them. recognise and are 600 400 starting to respond to such threats. Microsoft 400 240 employs about 65 investigators and lawyers wor- 200 119 king full-time on tracking cybercrime (January 200 27 37 2 1 0 1 2 5 21 2008). 0 0 Altogether, the risk now visible in the digital 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 projected world is causing concern for consumers and Source: NCL’s Fraud Center, Congressional Research Service, mi2g, Craig Fosnock, Eurobarometer e-Communications Household Survey 2007, Symantec, McAfee, business alike, which is threatening the conti- Booz & Company Analysis nued growth of the Internet and the digital life Overt attacks are those that become public knowledge including: that has been described. • Data attacks where confidentiality, authenticity or integrity of data is violated, or • Control attacks where network control or admin systems are compromised 2. DIGITAL CONFIDENCE: CONCEPT AND OVERVIEW The level of confidence that both traditional and online environment and to educate the “born di- “born digital” consumers place in industry in gital” generation. Being “born digital” is not an terms of providing secure services and network excuse for illegal behaviour, but it can explain environments and good business conduct, it, as such users have become accustomed to the as well as in the ability of governments and “for-free” Internet model and expect to be able regulatory authorities to protect consumers, is to download digital content without the need for rapidly becoming a major factor affecting the subscriptions or payments. potential growth of the new digital economy.

28 Booz & Company Digital Confidence is therefore becoming a key • Network Integrity and Quality of Service. growth enabler—or an inhibitor—for the digital economy, as a measure of how much consumers • Privacy and Data Protection. and suppliers of digital services have confidence in digital applications in the broadest sense, that • Minors’ Protection. is, feel comfortable in engaging digitally. Industry has become increasingly aware of • Piracy and Theft Avoidance. how important it is to be proactive on Digital Confidence and Industry needs to take steps proactively on the Digital Confidence is a have, to some basis of a holistic view of all these issues, which, key growth enabler—or an extent, started to in this report, has been captured in the concept inhibitor—for the digital do so. However, of Digital Confidence. Fostering Digital Confi- economy and a measure of it is a complex dence transcends corporate responsibility and how much consumers and topic, involving compliance—it is fast becoming a commercial suppliers trust digital life. many players prerequisite and a license to operate. As certain often with diver- case studies will show, compliance alone does ging positions and interests, and with activities not buy consumer acceptance. being undertaken in a fragmented, piecemeal manner triggered by well-reported confidence The four pillars that support the concept of breaches. Digital Confidence (Exhibit 21) cover the major threats, issues, and attacks relevant today and For industry going forward, it is important to experienced as such by consumers. The frame- focus on the key factors on the basis of which work structures and identifies risks that need consumers will judge businesses’ performance to be addressed and the objectives for Digital in providing new digital and online services and Confidence for each pillar: platforms. These key factors are derived from an analysis of the focal points in current Web 2.0 • Network Integrity and Quality of Service. policy and lawmaking processes, parliamentary How to maintain network integrity when faced debates, international (trade) agreements, blog- with malicious IT attacks? How to put in place ging activity, and media attention. These factors network management practices that optimise the relate to four areas: customer experience? Ensure a fair distribution

Exhibit 20: The four pillars of Digital Confidence

Network Consumer Business

Identity theft Children being Viruses and exposed to undesired Illegal sharing of malware content copyrighted content

Phishing Digital theft of copyrighted content/IP Quality of service impediment Loss of personal data Bullying

Spoofing Grooming/ Non-delivery of goods/ solicitation non payment in Denial of service e-Commerce transactions Password attacks attack Child sexual abuse sites Personal data breaches

1 2 3 4 Network Integrity Piracy and Theft Avoidance and Quality of Service Privacy and Data Protection Protection of Minors

Booz & Company 29 Exhibit 21: Digital Confidence framework Across these four pillars, a diverse set of stakeholders either influence or are affected by the level of Digital Confidence. This report aims to highlight certain case Social networking studies on Digital Confidence best practices Entertainment and distil what

Transactions is required to Social networks facilitate accelerate proac- cyberbullying—a 70-per- Information/ education Digital Confidence tive, industry-led cent increase of bullying initiatives being of minors occurred using deployed. It aims social networks.* Stakeholders` Perceptions to contribute to the thinking on appropriate and proportionate Network “levels of intervention” and forms of coope- Privacy and Piracy Integrity and Protection Data and Theft ration by industry and governments; fostering Quality of of Minors Protection Avoidance Service (QoS) Digital Confidence in alignment with fundamental Internet freedoms as well as business requirements.

3. NETWORK INTEGRITY AND QUALITY OF SERVICE of network bandwidth in peak times, dealing Network Integrity and Quality of Service focu- with traffic growth, and protect against malware. ses on protecting the enabling technology platforms for digital life. It has two main objectives: • Privacy and Data Protection. How to handle and protect consumer data and privacy online? 1. Ensure the network platform and computing Prevent identity theft, incidental loss of private environment for consumers and businesses is data, and commercial data exploitation. secure and protec- * Source: Pew Internet & American Life Project ted from external Spam makes consumers • Minors’ Protection. How to ensure child attack—counteract less trusting in e-mail, (2) In a Denial-of- Service (DoS) Attack, safety online? Protect them from undesired the disruption to and 18 percent see it as many machines send content, bullying, and grooming and fight child consumers and a big problem. traffic to a single target machine, essen- sexual abuse content. businesses from tially overloading the malicious digital attacks, for example, viruses, target with data and using up all resources. • Piracy and Theft Avoidance. How to ma- malware such as spyware, and trojans that As a conse-quence, nage copyright infringements? Counter theft of gather or destroy information, and flooding or the target system (2) crashes or at least copyrighted content and protect e-Commerce spamming of websites causing denial of service. becomes un-usable transactions. 2. Ensure end users are delivered a consistent quality of service—ensure that the network is able to manage the increasing traffic volumes in a manner that ensures end-user service quality Exhibit 22: Resulting problems from spam and viruses (UK, 2007) despite peaks in traffic load that strain network resources.

Significant decrease 42% VIRUSES AND MALWARE in performance Viruses and malware are malicious attacks on Computer breakdown 27% end-user devices and local area networks resul- Receipt of ting in various problems (Exhibit 22). The level 23% offensive e-mails of awareness regarding problems with spam Alteration/loss 14% and viruses varies significantly with the level of of data stored Internet usage. Those countries with high levels Missing e-mails 8% of Internet usage have a greater appreciation and Reduction in 8% understanding of the risks of such attacks as well e-mail usage as levels of security employed. For instance, the 0% 10% 20% 30% 40% 50% Nordics and Benelux have a high awareness of Source: Euro barometer e-Communications Household Survey 2007 malicious digital attack: Over 35 percent believe

30 Booz & Company Exhibit 23: Botnets—Bot Herder and his zombies Exhibit 24: Use of botnets for attacks

Bot Herder– Human controlling the botnet

Zombie–infected PC communicates with CommandCommand & Control & Control C&C Server to get (C&C) Server (C&C) Server new instructions Distributed denial-of- 71% service attack

Internet Sending spam 64%

ID theft, User–does not Phishing, notice infection Personal Data 40% Collection

Click fraud <10%

0% 20% 40% 60% 80%

Source: WatchGuard Source: Arbor

they have experienced problems with spam and attacker can then perform almost any task he viruses. Conversely, there is relatively low awa- wants on the zombie computer. reness of such risks in Southern Europe—less Botnets are used for several purposes from than 15 percent spamming and denial-of-service (DoS) attacks to believe they have So-called “botnets” are phishing and click fraud (click fraud is an attack experienced responsible for 80 percent against advertisement providers; the bot pre- problems. In the of worldwide spam. tends to click on the ads several thousand times United States, 55 per hour) and identity theft (see Exhibit 24). percent of Internet users say spam has made The combined bandwidth of several thousand them less trusting in e-mail, and 18 percent see PCs, most with broadband connections, can spam as a “big problem.” cause very significant DoS attacks and are res- The most common consequence of spam, ponsible for an estimated 80 percent of world- viruses, and spyware is usually damage to hard- wide spam. ware. The Consumers Union found that over a 6-month period spyware infections prompted A botnet describes all zombies under control by nearly 1 million U.S. households to replace their a single bot herder. Famous botnets include: computers. As the level of consumer awareness with • Kraken. Almost 500,000 zombies, including respect to this particular risk increases, it is ap- infected PCs in 50 Fortune 500 companies, parent that consumers are more willing to take almost undetectable by anti-virus software. some responsibility for the prevention of viruses and spam affecting their hardware. Indeed, the • Srizbi. More than 300,000 zombies. global software security business is now worth $9.1 billion annually and growing at around 12 • Storm. Around 150,000 to 200,000 zombies. percent each year. • Bobax. Potentially a predecessor of Kraken (3) Bots are a piece of software running BOTS, ZOMBIES, AND BOTNETS or a separate botnet. on a local system and A bot is software used to automate specific tasks receiving tasks from (3) a remote control ser- in a semi-intelligent way. Bots can be used Not just consumers and business can be victims ver. The bot executes in a harmful way by an attacker (bot herder) of bot-nets. Even countries may become targets, the task as autono- mously as possible to remotely control other computers known as as the DoS attack through botnets against Esto- and then waits for zombie computers, as shown in Exhibit 23. The nia in 2007 shows. Targets of the DoS attacks new commands.

Booz & Company 31 Exhibit 25: IP traffic growth global traffic resulting from applications such as video (2005–2011 in ExaBytes per month) on demand, HDTV, file sharing, user-generated video, rich content, P2P, and online gaming, which are expected to drive the next wave of Mobility CAGR growth in digital life. QoS in this report only Cable/IPTV VoD 28.5 relates to IP service—cable operators ensure QoS Consumer Internet traffic 134% in video services based on DVB-C by using a de- Business Internet traffic dicated spectrum, which does not impact Internet 33% 91% 20.6 broadband speeds. +46% This is different in Heavy users place a strain an IP environment on quality of service for all 32% 14.8 where (multiple) users.

30% IPTV streams put 10.4 43% 41% a strain on broadband capacity. 26% 43% 6.6 The second point of concern is related to the 44% 4.2 46% “heavy user.” Broadband networks—in common 3.0 49% 51% 20% 29% with all networks—are engineered to meet the 23% 21% 37% 31% 26% expected peak-load requirements experienced 2005 2006 2007 2008 2009 2010 2011 during the busiest period of network use. Heavy Source: Cisco users cause peak traffic volume to exceed the engineered maximum load. Without active network management, end users would experience included the Estonian presidency parliament, al- degradation in the quality of the service they most all of the country’s government ministries, receive although the level of degradation may political parties, three of the country’s six big vary depending on the application (e.g., Web news organisations, two of the biggest banks, banking versus mp3 downloads). In broadband and firms specialising in communications. networks, where capacity is a shared resource, this effect would reduce connection speed or, in extreme cases, interrupt service. Minors Education and Network Integrity To counteract the effects of traffic levels exceeding the capacity of the network, ope- France, May 2008: Authorities arrest 22 people suspected of rators may add additional capacity (building being hackers in an international hacker ring. Disturbing fact new infrastructure and upgrading existing one) after the arrests: Sixteen out of the 22 suspects are under 18 incurring capital expenditure and fixed cost, or years old. applying active traffic management techniques to save bandwidth for particular types of traffic Security experts from Sophos applaud the authorities for the suc- for all users. cess, but they ask: “What is going wrong with our education of From a pure capacity standpoint, adding the young people to make them think that computer hacking might additional capacity seems a straightforward op- be an acceptable way to behave? “More has to be done to teach tion, but this also has a significant economic im- children in school how to use their computer skills responsibly.” pact. Due to the fast growth in traffic, network providers would have to add more and more capacity, meaning the upgrade costs of networks QUALITY OF SERVICE are also increasing. Based on the network provi- To the extent that quality of service issues reside der business model, these costs have to be borne in the network (quality of service depends on by the consumers using the network—leading to the end-to-end path across the Internet, not just increases in end user prices. Furthermore, incre- the access network), they result from two main asing capacity alone will not solve the challenge drivers: The growing volume of Internet traffic of network congestion or service degradation generally and the peaks in traffic due to heavy at peak usage times. Depending on the type of users using bandwidth hungry applications Internet application, network dimensioning, or simultaneously. speed of the source equipment, peak traffic may The volume of Internet traffic has been always use the maximum bandwidth available, growing particularly fast in recent years—and independently of all capacity upgrades a net- this growth is also expected to continue in the work provider can perform. future (Exhibit 25). Therefore, measures are To mitigate congestion incurred by heavy use required to address the anticipated increase in of bandwidth-hungry applications, network

32 Booz & Company operators deploy active traffic management Exhibit 26: Traffic-shaping applicability— techniques. Apart from technical traffic ma- distribution of global IP traffic 2008 nagement solutions, usage-based pricing models are considered. Pricing-based models encourage Consumer other (e.g. gaming, VoIP) users to avoid busy hours for their Internet use. Cable/IPTV Technical active traffic management is often VoD 14% Around half of the IP 26% referred to as bandwidth management or traf- traffic is real-time Mobility fic shaping. These technical measures detect relevant and cannot 2% be shaped lower-priority, non-real-time traffic and give it a lower priority on the network. As a result of bandwidth management, non–real-time data 26% Business (e.g. downloads, for example, downloading music Only around 23% of the leased lines, from iTunes, would take a little longer—howe- total IP traffic is highly VoIP) relevant for shaping 23% ver, time-sensitive applications, for example, P2P file 9% streaming music or VoIP telephony, would not transfer be affected. Web, e-mail Traffic management can nevertheless be only part of the solution for ensuring optimal traffic Highly relevant Shaping limited Real-time traffic flow over broadband networks. Shaping-based for shaping no shaping traffic management without significant end- Source: Cisco, Booz & Company Analysis user impact can be applied only to non–real- time traffic, which constitutes around only one quarter to one half of actual IP traffic, as seen in content, they would indicate on their sites which Exhibit 26. ISPs their content works best on—and which to Industry has for some time recognised that avoid. a small proportion of the users account for a Ofcom estimated that supporting the additio- disproportionate share of traffic carried over the nal 3GB/month of traffic generated per user by network. For many network providers, approxi- the iPlayer would cost UK network providers up mately 80 percent of bandwidth is consumed to £831m over 5 years to upgrade the capacity by less than 10 percent of users. Not only does of their networks. For the ISPs, the question is this represent a disparity in fair usage, it further who will ultimately exacerbates the bandwidth issue during busy have to pay for the Less than 10 percent of users account for over periods. This heavy usage is often associated extra capacity nee- 80 percent of network traffic. with peer-to-peer and video applications, and ded—the platform network operators are therefore most concerned provider or the consumer? Responding to these by the congestion due to these two very popular concerns, Ofcom has, in April 2008, stated its applications. An example of a sudden increase position, saying that “investment burden [is] to of bandwidth due to streaming video was the be shouldered by network operators and consu- introduction of the BBC iPlayer. mers, with prices likely to rise for faster con- The situation in the UK with respect to the nections” (Ofcom chief executive Ed Richards). BBC iPlayer platform is typical of the dilemma Ofcom argues for “content-led tariff models” the industry faces. The iPlayer is used to distri- where ISPs and content providers jointly esta- bute and view radio and video content over the blish services guaranteed to run smoothly over Internet. More than 42 million programmes the network, albeit at appropriate consumer were streamed or downloaded within the first 3 price levels. months of service following the official launch Managing network traffic and capacity in December 2007. It has been causing hot clearly has benefits for the majority of end debate in the UK among the platform operator, users, ensuring that they continue to receive the the BBC, several Internet access providers, and quality of service they expect. However, as traffic regulators as a result of the unprecedented level continues to increase, driven by bandwidth- of use and traffic generated by the platform. hungry applications Many ISPs concerned with bandwidth requi- such as video on Managing peak-load traffic is an effective rements have requested the BBC to partially demand, additional way to secure the quality of service for the fund required network upgrades. The BBC has investments will vast majority of the users. rejected such claims as “inflammatory,” war- need to be sup- ning ISPs that if content providers found certain ported through higher prices, more tiered access operators “squeezing, shaping, or capping” their products, or clearly differentiated approaches to

Booz & Company 33 managing traffic in busy periods. In essence, traf- BBC iPlayer Case Study fic management techniques attempt to balance the trade-offs between quality of service and According to data provided by UK ISP Plusnet in February capital expenditure due to network build out 2008, traffic spiked significantly since the launch of iPlayer: against rising end user prices to cover the cost. Migration of current broadband networks to • The per-user streaming of video went from 180MB in Next-Generation Networks with significantly December to 292MB in January, a 62-percent increase. higher capacities will partly address increased bandwidth demands associated with time- • Streams outnumber downloads eight to one. sensitive dependent services and applications. However, traffic management for non–real-time • The cost of streaming traffic tripled in the same time frame. services will remain significant.

The above may point to a trend whereby users, when faced with the choice between a high-quality streaming option or downloading, will prefer to stream content rather than waiting for a full download. There would probably be a difference in the way music and video is used, as consumers may prefer to own the music via a download, whilst they are happy to consume video in a streaming fashion.

Should this indeed be a trend, then traffic management will be ever-less-effective because it cannot be applied to time-sensitive streams. The onus will therefore once more be on capacity build.

ACTIVE TRAFFIC MANAGEMENT OVERVIEW

Various technical mechanisms exist for network Alternatively, a more sophisticated approach operators to actively manage traffic on their to identifying traffic for shaping is deep packet network and optimise the available bandwidth. inspection (DPI). Every IP packet is profiled, so All essentially involve saving the bandwidth that the underlying protocol can be read and a consumed by specific traffic flows during peak signature produced. This signature can be com- traffic periods and by heavy usage. The methods pared with a list of known signatures in order are based on two components: (i) identifying the to classify the packet, for example, as a video on traffic to be shaped and (ii) reducing priority for demand. Based on this identification, specific this traffic and hence reducing the bandwidth protocols or even services can be selected or used by the selected traffic. deselected (in the case of real-time applications) for shaping. A crucial aspect of DPI is the need TRAFFIC IDENTIFICATION AND to maintain and frequently update the signature SELECTION databases in response to the rapidly evolving Identifying traffic suitable for shaping can be Internet architecture. achieved in many different ways, as seen in The biggest disadvantage of DPI is cost: Be- Exhibit 28. A simple way is based only on the cause every single packet needs to be inspected, source or target IP addresses and ports (e.g., to a lot of equipment is required. Systems usually enforce fair use bandwidth limits). Identifying use a hybrid approach, where traffic is pre- traffic on the basis of IP addresses and ports filtered based on IP address and port, and DPI is is not well targeted since it selects very large applied only to selected packets. chunks of traffic that can affect multiple appli- In summary, the selection of traffic can be cations (i.e., if a port is used by several systems). user-specific (based on IP addresses), protocol-

34 Booz & Company Exhibit 27: Traffic management overview

Traffic Distribution Without Active Management Traffic Distribution With Active Management

Bandwidth used 140% 140% Network congestion for all Active traffic management traffic if maximum available ‘time-shifts’ traffic out of 120% bandwidth reached 120% peak busy hours

100% 100% Some non-real time 80% 80% traffic in peak busy hours is delayed 60% 60%

40% 40%

20% 20%

0% 0% 012 4 6 8 012 1614 18 20 22 24 012 4 6 8 012 1614 18 20 22 24 Time

Peak Busy Peak Busy Hour Hour

With active traffic management Without traffic management

Source: Booz & Company Exhibit 28: Traffic shaping toolbox—traffic selection

Usage Usage agnostic Usage specific

specific (based on port selection or DPI, for • Bandwidth limitation based example, mail protocol), and/or service-specific Protocol/ on heavy usage & fair use service • Impossible for user to (where a service is a certain server or applica- agnostic circumvent tion, for example, YouTube or BitTorrent). • Specific protocols (e.g., P2P) • Specific protocols (e.g., P2P) TRAFFIC PRIORITISATION are generally shaped are dynamically shaped in heavy usage Protocol Several methods exist to increase or reduce • Time-sensitive applications specific the priority and hence bandwidth absorbed by not affected

specific traffic flows. Some of these methods Protocol/service can be used in every IP network whereas others • Specific services (e.g., VOD) • Specific services (e.g., VoIP) are generally shaped are shaped in heavy usage are specifically designed for certain networks. Service specific • Other services not influenced For example, packet cable multimedia (PCMM) is a QoS solution specifically created for cable networks.

All techniques rely on slowing down the se- Additional rules e.g., based on time consumption, lected traffic and therefore reduce the data flow can be applied in each selection on the network. From an end-user point of view, Difficult/Expensive implementation applying traffic management on non–real-time Simple/Cheap traffic will only slow down long-running down- implementation Note: Protocol describes a general type of internet traffic. Not fully net neutral Service describes traffic by a specific application/site loads without impacting e-mail or browsing. Source: Booz & Company

Booz & Company 35 4. PRIVACY AND DATA PROTECTION DATA PUBLICATION Privacy and Data Protection addresses the secu- There is a proliferation of social networking rity concerns of individuals with respect to their websites on the Internet, from those for general- digital data. It has four main objectives: interest groups (e.g., Facebook) to those focusing more on professional networks (e.g., LinkedIn). 1. Protect consumers’ private data from being These websites request, store, and publish incre- published—inadvertently or deliberately by asing amounts of information about users, inclu- themselves (e.g., on social networking websites) ding residence, age, interests, and photographs. or by operators’ databases being hacked or via Most websites offer the facility to limit the users careless and unsafe data transfers. that can view detailed profile information— however, almost half of the users make profiles 2. Prevent consumers’ private data from being available to everyone. Also, many other websites used commercially, such as in support of new require users to register to use them (e.g., Web advertising-driven business mail providers) or to access all features and con- The average person has 36GB of data models, without the indi- tent (e.g., many forum systems)—these sites also stored by institutions—equivalent to viduals being made aware, collect user and behaviour data. 80 hours of video or 1 million pages for example, enterprises of text.* using information relating to marital status and family situation in support of Missouri, United States, May 2008: Cyber targeted, personal online advertising. Bullying May Become Illegal After Suicide

3. Protect consumers’ private data from being After the suicide of a 13-year-old girl being accessed illegally—by means such as spoofing cyber-bullied by neighbours, legislation and phishing, for example. is being proposed to make cyber bullying illegal. Harassment and intimidation would 4. Prevent identity theft and fraud—where be punished by up to 2 years in prison. criminals obtain money or other benefits by re- plicating and using someone else’s private digital Reactions focus on the difficulty in deciding data. what constitutes “harassment” as compared with “normal” interaction or joking bet- Privacy and Data Protection is essentially centred ween friends. Furthermore, the methods of on two methods: First, inadvertent or deliberate enforcing the law are seen as critical. publication and, second, data obtained illegally through methods such as phishing. Making such information publicly available has implications for personal safety, security, and Second Life—The Danger of Ending Up in personal reputation—for example, the threat the Wrong Place of identity theft or when businesses are using personal infor- In 2008, a mother in Germany reported mation on social Internet users are becoming that her 13-year-old daughter started to websites for chec- more aware of their digital engage in Second Life—a virtual platform king the validity footprint—47 percent search that allows users to take a “virtual identity” of information in for information about them- and “life” in a virtual world. job applications selves online. But 60 percent as well identify- are not worried about how The daughter asked her mother for money ing suitable job much information can be to buy Linden dollars, the currency used in candidates based found online.** Second Life. The mother refused to finance on searches of these activities. professional communities. Furthermore, information once spread into the digital world on the Months later, she found out that her daugh- Internet cannot be retracted, since it is so easy ter acted first as a virtual stripper, then as to copy, distribute, and save data. a virtual prostitute in a sexually explicit Beyond consumers themselves, businesses “club” in Second Life in order to earn Lin- are also a source of data privacy risk. Informa- den dollars. tion stored digitally is by its very nature more *Source: IDC convenient to manage, handle, and share for or- **Source: Pew Internet & American Life Project ganisations. At the same time, it is more at risk

36 Booz & Company of being inadvertently made publicly available, as a recent case in the UK illustrates. The UK’s Phishing—Explanation and Main Techniques Used Revenue and Customs government department had to apologise to customers of investment Phishing is mainly initiated via faked e-mails. Prevention with bank UBS Laing and Cruickshank after losing spam filters in mail clients is often quite effective but not always sensitive account information. The department perfect. lost a computer disk, sent by the bank, that contained address Former phishing e-mails were poorly implemented, with uncon- The U.S. CIA uses Facebook and account vincing design and wording (spelling mistakes), but have now to recruit new employees.*** details of UBS’s improved dramatically—even experienced users have difficulties Personal Equity seeing the difference. Plan investors. This event was attributed to the error of an individual—however, it shows how Phishing is based on two main techniques: real and significant the risk is. Businesses are also leveraging the detailed • Link Manipulation. For example, “g00gle.com.” customer information they have in support of legitimate business transactions, for example, • Website Forgery. Phishing sites look like the original site, so-called “super servers” such as Meredith, a sometimes including the address (using some flaws in browser U.S. media company, that sells excerpts from security). its databases holding information on 85 million U.S. citizens, including details on 6 of 10 women and 8 of 10 households. Meredith has should be considered personal data or not is incorporated digital advertising agencies into its vividly disputed). Another key point is determi- operation to monetise the value of the informa- ning how consent should be granted to allow tion it holds through targeted advertising. data to be shared. Two alternative models are often discussed—“opt-in” versus “opt-out”—the PHISHING former requiring consumers to Phishing is the most common method for illicitly actively consent to their data Over 30,000 new phishing sites are obtaining individuals’ private data. It involves being shared. The alternative being identified each month—each masquerading as a “opt-out” model is less popu- successful attack costs the consu- trustworthy entity Phishing attacks are the lar with consumers as they are mer $220 on average. to obtain sensitive most common method for allowing data to be shared by information such obtaining private data— default unless they remove this consent, and it is as use names, and 65 percent of them are not always clear that they need to or indeed how passwords, and targeted at major e-Com- they can choose to opt out. Increased transpa- credit card details. merce sites. rency about the intended use of personal data The targets of will alleviate many concerns relating to the opt- phishing attacks are end users, with the majority in versus opt-out discussion. (over 65 percent) of phishing attacks assuming With illegal forms of data-gathering, such as the appearance of e-Commerce sites such as phishing, it is more clear-cut in determining that *** Source: Wired, 2007 eBay and Paypal. Phishing has become a major source of concern for the industry, with each successful attack Exhibit 29: Average number of new phishing sites resulting in a $220 loss per individual consumer (worldwide, per month) on average. The problem is becoming more widespread—with 30,000 new phishing sites being identified each month during 2007. Tackling privacy and data protection concerns is increasingly difficult because of the di- CAGR 30,305 +171% verse range of organisations that hold individuals’ information in digital form—from business 17,824 (retail, banks) to government organisations and social networking sites. Furthermore, the definition of what consti- 4,140 tutes private data is a dynamic issue that needs rethinking in view of technological progress (for 2005 2006 2007 example, the question whether an IP address Source: Phishtank, APWG, NLC Fraud Center

Booz & Company 37 Exhibit 30: Online solicitation (U.S., 2006) Privacy and Piracy % of Internet users 10–17 yrs old 19% United States, May 2008: Walter Reed Army Hospital has ex- 20% posed the personal information of more than 1,000 patients in a security breach. The data was contained in a single file, which 15% was unintentionally shared on a peer-to-peer (P2P) system. 10%

Several other data breaches have already happened due to file 5% sharing on P2P systems, for example, at ABN Amro and Pfizer. 5% 3% Although policies in most companies and organisations forbid 0% the use of P2P systems, some users are not aware of the danger Any Incident Distressing Aggressive of doing so. Incident Incident(1) (1) Note: Aggressive used to describe solicitations including an attempt to contact the child in addition to online–by telephone/post Source: Crimes Against Children Research Centre

a crime has been committed. However, the inter- Exhibit 31: Unwanted exposure to adult material national nature of this crime makes it difficult (U.S., 2006) to police and prosecute. Most phishing attacks % of Internet users are launched from criminals not located in the 10–17 yrs old same country as the victims, and the equipment 30% 25% being used for the attack is often located in a 25%

third country without sophisticated cyber-laws. 20% This makes it nearly impossible for police to 15% enforce local laws. 10% 6% 5. MINORS’ PROTECTION 5% Minors’ protection seeks to defend the well- 0% Any Incident Distressing being of minors in the online world. It has four Incident main objectives: Source: Crimes Against Children Research Centre

1. Protect children from being exposed to undesired content—this ranges from sexually explicit users from being exposed to child sexual abuse to violent to seductive content that parents and content accidentally. society may want to protect children from accessing and viewing (e.g., pornography). Addressing Digital Confidence with respect to minors’ protection is crucial as it is arguably the 2. Prevent bullying—defined as deliberately most emotive area of Digital Confidence. It is hostile behaviour targeted towards a minor by also a very real threat with almost 20 percent peers or groups of peers in the digital environ- of youths being subject to online solicitation ment (e.g., happy slapping, posting of demea- and 25 percent having been exposed to indecent ning personal photographs). material (Exhibits 30 and 31). With respect to child sexual abuse content, The Sydney Morning 3. Prevent grooming and solicitation—where Herald in June adults use digital environments (e.g., chat 2008 reported Minors’ Protection is a real rooms, social networking sites) to seek out devastating num- issue, with 20 percent of children and build up trusted virtual relation- bers in conjunc- youths in the UK having ships to then seek personal contact with malici- tion with a major been subject to online ous intent. wave of arrests of solicitation and 25 percent child sexual abuse having been exposed to 4. Counter child sexual abuse content—which content users: 99 indecent material. involves the sexual abuse of children in the pro- pictures that a duction of pornographic material (i.e., pictures, hacker had inserted in “a respectable European videos). Three main action areas are involved: website” received “an incredible 12 million hits (1) prosecute child sexual abuse content users, in just 76 hours after word got around online (2) prosecute child sexual abuse content sup- paedophile networks that the images were avai- pliers and remove material, (3) prevent Internet lable and the website’s address was circulated.”

38 Booz & Company However, there is a range of challenges that the Exhibit 32: Content of profiles for young users of social networks industry faces. Many parents are distant from (UK, 2007) digital life and lack awareness of the breadth of City of residence 81% undesired content and the level of sophistication of other online malpractices like grooming and City and school visited 28% bullying. As a result, they are not taking the Full name 9% necessary steps to monitor and protect their children in their online activities. This is parti- Photograph of themselves 57% cularly relevant in the context of social net- Admitted to drink alcohol 18% working sites used by predatory adults. Herein lies a further issue in tackling this Admitted to smoke 8% threat: Many of the risks are closely coupled Admitted to use marijuana 2% with the rich Thirty-two percent of U.S. functionalities of 0% 20% 40% 60% 80% 100% teenagers experience pri- social networking Source: Ofcom vate data being forwarded sites, the anony- without their consent.* mity of digital environments, and Exhibit 33: Visibility of profiles in social networks (UK, 2007) the ability to create a false identity. In essence, many of the enablers that are enriching digital life also create the opportunity for undesirable Profile can only be seen by friends(1) 48% activities and by nature threaten the sustainabi- lity of digital life. Profile can be 44% In addressing this area of concern, it needs to seen by anyone be first defined and identified. Everyone would agree that child sexual abuse content is unac- Profile can’t be seen 6% ceptable and is an activity that all stakeholders should try to prevent. Beyond this area however, Don’t know 3% there will still be much debate and divergent opinions around what constitutes acceptable 0% 10% 20% 30% 40% 50% content for minors and what forms of content (1) Friend in the social network context is anyone being added can be criminalised set against concerns over in a ‘friend list’, i.e. it is not necessarily a real friend or the person supposed to be freedom of expression and civil liberties. Source: Ofcom

6. PIRACY AND THEFT AVOIDANCE Piracy and Theft Avoidance seeks to provide a against consumer failure to pay or failure to secure digital business environment for digital provide agreed goods or services. Transactional life. It has two main objectives: e-Commerce providers need certainty that customers File sharing is a real concern to con- 1. Counter illegal sharing of copyrighted and businesses adhere to tent copyright owners—in Germany, content—that is, sharing copyrighted content il- the usual standards of the peer-to-peer traffic accounts for 50 legally through applications such as peer-to-peer offline world when under- percent of overall network traffic.* networks. taking transactions online. For users, their main concern is that they are not 2. Protect e-Commerce transactions—that is, exposed to risks of being criminalised for using ensure individuals adhere to the usual standards legitimate protocols and applications available of service when undertaking online transactions, over their broadband Internet connection, for for example, failure to pay or failure to provide example, when using a P2P-based content distri- agreed goods or services. bution system.

For business and content providers, having PIRACY: PEER-TO-PEER FILE SHARING access to safe distribution environments is a With the increase in bandwidth available to precondition for stimulating production and consumers and the digitalisation of content, availability of digital and online content, which sharing this content has become incredibly easy. will also accelerate the transition to successful Starting with Napster, today dozens of file new, online, paid-for business models. Transac- sharing systems are available, most of them *Source: Pew Internet & tional e-Commerce services also need protection using P2P technology to distribute the content. American Life Project

Booz & Company 39 products with up to 100 Mbit/s, P2P traffic Piracy and Network Integrity (legal and illicit) is expected to stay one of the most important drivers of Internet traffic. In early 2007, a remarkable and damaging virus was being distri- A variety of mitigation measures have been buted on the Winny network in Japan, the most popular P2P ap- implemented to allow digital rights to be plication in that country. The Trojan, which taunted file-sharers protected effectively by content owners, with and threatened to report them to the police and even kill them, varying degrees of success and controversy. For deleted a wide variety of file types and replaced them with popu- example, DRM usage has drawn criticism from lar comic book character images warning them not to use P2P. politicians and consumer associations on grounds of non-transparent user rights. This has It isn’t illegal to write viruses in Japan, so the author of the led to pressure on network providers and ISPs to Trojan horse, a Japanese student, was arrested for breaching engage more proactively in mitigating copyright copyright because in his malware he used cartoon graphics infringement. Network providers and ISPs are without permission. not held liable to monitor the nature of their customers’ Internet use or the traffic over their networks due to the long-held legal principle of their business being classified as “mere conduit.” P2P traffic today is between 30 percent and Still, we observe that network providers and more than 60 percent of total traffic (depending ISPs are increasingly active in deploying self- on region). When file sharing began, it was regulatory codes and awareness campaigns to generally music files being shared; but as raise awareness and create a value perception of broadband networks evolved, sharing videos the concept of intellectual property among the became more viable, and today almost 80 “born digital” generation who predominantly percent of shared content is video (Exhibit 34). believe that all online content should be free. Because commercial offers of P2P content Awareness campaigns and codes are also among distribution were slower to emerge than antici- the mitigation measures discussed in the context pated, it is widely assumed that most shared of national (co-)regulatory initiatives. content at present is in fact copyright-protected Potential measures contemplated in such and is therefore being shared illicitly. cases include: Monitoring through inspecting Due to the exponential growth of IP traffic, traffic (DPI) and/or filtering content; notice and mainly driven by P2P solutions, piracy is the takedown upon notification by competent most prominent issue determining the success of authorities (applicable to network providers that new business models and the level of develop- host content); restriction or blocking of access to ment of online and digital legal content offers certain sites or certain protocols; obligatory going forward. With emerging broadband disclosure of user personal data like IP addresses for prosecution purposes; dispatching of letters to Internet account holders when their accounts Exhibit 34: P2P Germany, 2007 content distribution have been identified as having been used to unlawfully share copyrighted material; direction Video Audio Software Other of consumers to other sources of legally available material; and even temporary bans of 1% 79% 9% 11% persistent illegal downloaders from accessing the

Music Internet—the so-called “three strikes” rule or Video “graduated response.” Anime Music 1% e-Book All of these measures entail important 7% 8% 1% Game questions as to how to arrive at best practices, Porn 6% 13% Application balancing anti-piracy objectives with existing 5% legal liability regimes established for “mere 1% Other conduit” providers; with fundamental user rights in relation to personal data and online behaviour; and with the general notions of a free Internet, freedom of information, and digital TV 21% inclusion. The political tide in Europe appears 37% to favour protecting the user, provided that he/ she does not intend to make profits from his/her Movie action. Disconnecting downloaders from the Source: ipoque Internet is seen as a disproportionate measure

40 Booz & Company BitTorrent—P2P Direct Download Links (DDL)—An Alternative to P2P File Sharing BitTorrent is a widely used, real P2P protocol for content distribution. BitTorrent • Direct download links work like normal Web servers, that is, works without a central server for files; they do not transfer files between peers. only a tracker server is needed as a central coordination point—essentially it has • Users can create account and upload files (up to several two tasks: (i) distribute torrent files (index 100MB). These files are accessible via a direct link, which is server, that is, just a normal file/Web server; known only to the user (that is, there is generally no way to the torrent file describes the complete tor- search for content on the DDL server). rent download) and (ii) maintain a list of peers for each torrent file (i.e., if a new node • The uploader now distributes the link (normally via third- connects, the tracker gives him a seed list of party forums) and anyone can then download the files. P2P nodes to connect to).* • Users without a paid account on the DDL server have limited Although BitTorrent is also used to distribu- bandwidth and a maximum volume to download. Furthermore, te illicit content, the number of commercial users have to wait before every download (around 1 to 2 minutes uses is constantly rising—even more so the for the first download, with the time increasing for subsequent non-commercial legal use. Some examples downloads based on volume used) and fill out a captcha for for the use of BitTorrent (from Wikipedia every download. and news reports): • Popular DDL solutions are, for example, Rapidshare and Me- • Sub Pop Records distributes music; Vuze gaUpload; the services are currently not very popular in Europe distributes movies. but are heavily used in the Middle East (9 percent of traffic in the Middle East is DDL traffic). • Podcasting services recently picked up BitTorrent for distribution, mainly supported by the player software “Miro.”

• Amazon S3 (a storage solution) uses Bit- set against objectives of reaching an all-inclusive Torrent for file transfer. Information Society. Copyright enforcement focuses more on criminalising uploading of • World of Warcraft uses BitTorrent to dis- copyrighted material than on downloading, tribute updates to the game (several 100MB which is not even illegal in all jurisdictions. files). Furthermore, measures such as filtering and DPI require heavy investment from operators, and • Patches are distributed, for example, the question remains who should be responsible INHOLLAND university distributed 22TB for incurring the cost of such actions, weighed of patches to 6,500 PCs in only 4 hours— against the extent to which value preservation in almost impossible in a client/server environ- the content industry can be quantified and ment (took 4 days without BitTorrent)—and directly attributed to such measures. For reduced download servers by 20 (previously example, a 2007 report of the Value Recogni- 22; now 2). tion Strategy working group in the UK suggested that format changes (i.e., “unbundling” of Due to this increasing use, the protocol can CDs into “a la carte” selections of songs by the not be “banned” from the Internet, as is so- likes of Apple iTunes) and price pressure from metimes proposed (to minimize file sharing discounted CDs on sale in supermarkets are and to help universities avoid liability issues more responsible for the value loss of the British with the media industry). recording industry than are P2P file sharers.

* Note: BitTorrent can also be implemented without a central tracker server, for example, using distributed 7. SUM M A RY hashtables (many implementations already support Addressing all of the four pillars of Digital this). This allows for a real, serverless P2P system. Confidence will enable the next phase of growth of digital life. The actions already being taken by various stakeholders point to a broad recognition of the issues and the need for action.

Booz & Company 41 But stakeholders are facing a multi-dimensional most appropriate measures need to be defined problem. For example, there are important diffe- and responsibilities assigned—that is, on what rences in legislation on key level is action required: Consumer, company, The industry broadly recognizes issues in many countries, regulator? And crucially: Who should pay for Digital Confidence as a top agenda whilst, for example, digital such actions? item but is still wrestling how to attacks like phishing are Based on the interviews we conducted, the address it effectively. cross-border and require difficulties reside less in the technological international cooperation solutions but more in the fundamental, underly- with regard to prosecution. It is often difficult ing policy issues: Should a company get involved or even impossible to track down offenders and in, for example, blocking illegal and undesired prosecute them—the measures and tools defined content, which for the “analogue” world simply are not effec- may mean facing Defining the four pillars tive in the digital environment. Furthermore, the risk of legal of Digital Confidence there exist huge gray areas due to the rapid liabilities? If so, allows companies to evolution of technology and behaviour and the who determines analyse the problem, set new possibilities in the digital world, ranging what illegal and priorities, and tackle it. from easy duplication of digital goods to the “undesired” worldwide accessibility of the Internet. means? How should the line be drawn? For Regulators and government agencies are example, if child sexual abuse content is being challenged to define their position and can blocked, what about racism? be seen to be oscillating between heavy-handed Ultimately, the issues faced involve a broad legislation and consumer education or are range of interests, with no simple answers. The pursuing market self-regulation philosophies. four pillars of Digital Confidence as defined A crucial role in tackling Digital Confidence order and structure the most important aspects issues is also played by international cooperation of the problem, which allows for a comprehen- and ratification of international treaties to sive debate and action. approximate national legislation allowing for common criminalisation of activities that sometimes may appear clearly illegal but are lacking a legal basis to tackle. For example, in CONTENT FILTERING the UK only recently, in May 2008, new legislative proposals were announced to close a Content filtering is used to restrict access to legal loophole that left drawings and computer- specific sites or parts of sites on the Internet. generated images of child sex abuse unpunished. Traffic/content filtering can be used for many Industry is faced with a choice of different different purposes, for example, to: levels of intervention. It must weigh requirements of new business models and capital • Filter spam e-mails. expenditure against the broader public policy concerns and the need to innovate and develop • Restrict or block access to illegal content, like new services and network topologies that satisfy child sex abuse content or copyright-infringing the needs and values of the “born digital” content. generation. Industry is generally concerned about exposing itself to uncontrollable legal • Deny minors access to inappropriate content. liabilities and relies on backup by government agencies or regulators. Depending on the issue at According to the underlying motive, the ap- hand and on the country, there can be no proach to filtering is different. Generally, a “one-size-fits-all” approach to fostering Digital distinction can be made between end-user Confidence, but important lessons can be drawn equipment-based filtering (often used for mi- from best practices. The lack of a coherent nors’ protection solutions as parents can easily approach comes ultimately at the detriment of disable it for themselves) and network-based the consumer, who lacks transparency and filtering (e.g., to restrict or block access to illegal guidance around the risks and benefits of digital content) or in a combination (e.g., for spam life, whilst businesses are challenged to create filtering; e-mail servers filter spam based on sustainable, new digital business models. blacklists and e-mail clients filter the rest of the The most difficult aspects of Digital Confi- spam based on content). dence centre not around what needs to be For network-based filtering, a variety of tackled, but around how and by whom. The approaches exist, as shown in Exhibit 35. The

42 Booz & Company most common implementation is DNS-based to enable these more sophisticated filtering tech- URL filtering(4). In this case, certain access to niques is, however, controversial. DPI enables the IP address underlying a specific domain monitoring of individual traffic on a “keystroke- is blocked based on the domain name (e.g., by-keystroke” basis, which could also include “www.google.com” would be restricted, but not e-mail correspondence. DPI has raised privacy “www.google.uk” because these are different concerns as it allows for collection of personal domain names). This filter can be implemented data (websites visited, searches) and raised con- quite easily by each individual network provi- cerns regarding unlawful intercept. der and is effective for all customers using the Blackholing is a very simple but yet extremely provider’s DNS server. On the downside, this effective filter—but not without significant filter can be easily evaded by connecting to an shortcomings. Blackholing blocks complete ac- alternative DNS server without filters installed, cess to a single IP address (packets destined for and it can be used only for blacklisted content. this address are not forwarded) and is difficult DNS filtering has nevertheless proven to be ef- to circumvent, even for experienced Web users. fective in preventing unintentional or accidental But since several systems and websites can be access to illegal content. located at the same IP address, blocking one IP More sophisticated filters examine the actual might block hundreds of websites or users as content of the traffic, to determine if it should “collateral damage” (called “overblocking”). be filtered. A simple example is the detection of Therefore, this is a measure used only if the in- spam e-mails. In this case, the mail server ana- tegrity of large networks is endangered or users lyses the content of the e-mail. Another example are at high risk if blackholing is not deployed. is simple “adult content filters,” which scan the Filtering measures in general can be effec- text of a website for keywords like “porn” and tive only when listings of illegal content are then block the access to them. The most com- governed, maintained, regularly updated, and plex version of this is Dynamic Content Finger- well enforced. However, there are broader printing Filters, which can analyse the content public policy implications at stake should lists (4) DNS is the domain of audio and video traffic, for example, to deter- be extended beyond their original purpose and name system that allows a PC to find mine if copyright-protected files are transferred. in instances where illegal content is not taken the server for a given DPI is another example. The technology needed down within an adequate time frame. domain.

Exhibit 35: Website traffic filtering toolbox

Proxy based DNS based Dynamic Content Content keyword IP blocking/ URL filter URL filter fingerprint filter filter blackholing

URL of request is DNS entries for Content of packets Content of packets Selected single IP Description analysed and specific domains is inspected (DPI) is inspected (DPI) addresses are verified with black/ are blacklisted and fingerprinted and keywords are blocked in routers white list and rerouted (i.e. identification of detected–normally (border and content) for http/smtp only internal possible)

Number of Precise/Targeted affected sites Impact of intervention Single Page Single Site/Domain Content fitting All pages/URLs All sites/devices the fingerprint containing keyword located at this IP

Proxy server needed DNS configuration DPI very complex and DPI needed Router configuration content database needed

Less easy to Filter easy to Content can be Depending on With NAT/shared Pro / con circumvent than circumvent with detected, but keyword strong hosting extreme DNS-based filtering changes in local decision about over-blocking, over-blocking, but higher technical DNS configuration legal use not circumvented by circumvented by complexity and possible encryption tunnelling problems with traffic volume Blocking of sites Detection of Simple filters for Blackholing used to Example based on blacklist copyright protected PCs, blocking all protect networks (e.g., ThePirateBay audio files when file sites containing and devices from block in Denmark) sharing the word “sex” Denial-of-Service

Note: Non exhaustive, e.g., Port based blocking can be used in Source: Booz & Company Difficult/Expensive Simple/Cheap addition to DNS based filtering to make circumvention more difficult Implementation Implementation

Booz & Company 43 IV. TODAY’S APPROACH TO DIGITAL CONFIDENCE: SIGNIFICANT ROOM FOR IMPROVEMENT

To develop a coherent framework for ensuring • “Learning potential”. Digital Confidence, it is essential to review the approaches used by various stakeholders to • Timeliness. address the increasingly prevalent challenges around Digital Confidence. • Geographic diversity. A set of case studies is discussed to understand best (and worst) practices and to derive As set out in Chapter III, one of the key issues is lessons learnt to build on going forward. The the general position a company takes in a specific case study view is then complemented by a brief area of Digital Confidence: How protective or review of the regulators’ agenda as it relates to even prescriptive do I want to be or do I need to Digital Confidence. be? How intrusive can the measures applied be?

1. CASE STUDIES: HOW TO GET DIGITAL To examine the cases, a generic Digital Confi- CONFIDENCE RIGHT—OR WRONG dence Positioning Framework has been develo- The cases have been identified along the four Di- ped (Exhibit 37). Within this framework, the gital Confidence pillars—Network Integrity and horizontal axis depicts how measures are taken Quality of Service, Privacy and Data Protection, (e.g., passively in a “hands-off” manner or Minors’ Protection, and Piracy and Theft Avoi- actively in a “full-control” approach) whereas dance. Per pillar, two cases have been selected to the vertical axis differentiates the underlying illustrate the objectives of each pillar as much as principles. The resulting four quadrants can be possible and to allow for insightful conclusions clearly linked to generic societal roles. (Exhibit 36): For example:

Exhibit 36: Today’s approaches—selected cases

Network Integrity & Privacy & Data Piracy & Theft Quality of Service Protection Protection of Minors Avoidance

Ensure the network Protect consumers’ Protect children from Counter digital theft of platform is secure and private data being being exposed to copyrighted content protected from external published undesired content attack Protect e-Commerce Prevent consumers’ Prevent bullying transactions Ensure end-users are private data being used delivered a consistent commercially Prevent grooming/ quality of service solicitation Protect consumers’ Ensure a secure private data from being Counter child computing environment accessed illegally pornography for consumers and businesses Prevent identity theft/ fraud

1 Active Traffic 3 Phishing Blocking 5 Child Pornography 7 Copyrighted Content Management Blocking Filtering

2 Botnet Mitigation 4 Targeted Advertising 6 Social Networking/ 8 Adoption of “Three Internet Education Strikes” security

Note: Colors of arrows only to distinguish cases Full line = major aspect in case; Dashed line = minor aspect

Booz & Company 45 Exhibit 37: Digital Confidence positioning framework network bandwidth alone would be prohibiti- vely expensive whilst not providing a long-term solution. Voluntary/ by choice Teacher Parent Heavy users consume high amounts of bandwidth at the expense of regular users. Applicati- ons such as file sharing and video streaming are Education with significantly more bandwidth-hungry than Educational “a strong hand” but “laid back” (soft enforcement) standard Web browsing or e-mail. This varying intensity translates into strong peaks in utilisa- tion of the overall capacity of any given net-

Underlying Principles Underlying How are measures taken “Hands “Full work. Network providers are addressing this by off” control” investing in next-generation access networks to continuously expand the capacity available to Self-imposed enforce- Legally mandated ment, often on end users. But to ensure that all customers enforcement case-by-case basis experience optimal QoS, more than just expan- ding capacity is needed. There is a group of heavy users, increasing in size, that uses an increasing amount of bandwidth, which means that capacity increases alone can only be a Referee Mandatory/ Policeman forced short-term solution to dealing with bandwidth crunches. Therefore, traffic also needs to be managed to ensure a “fair” distribution of bandwidth consumption and QoS for all users • The teacher educates users about opportu- (Exhibit 39). In a flat fee tariff environment, nities and threats as much as possible, but will users with high consumption (steep part of normally not take active corrective measures curve) are “subsidised” by users with low (e.g., “Web Wise Kids” producing educational consumption. As an illustration: If 10 percent of material for children on the Internet). heavy downloaders would be traffic-shaped or migrated to higher-usage tiers, fairness in • The parent educates users about threats and distribution of available bandwidth to all users measures similar to a teacher, but will take would increase by almost 50 percent. measures proactively if deemed necessary to Tiered pricing and traffic management protect users (e.g., YouTube filtering copyright- measures are the two major remedies. Tiered protected content). pricing could incentivise heavy users to decrease network usage by charging premiums for • The referee relies on self-imposed enforcement downloading at peak time, especially for of rules on a case-by-case basis and on guideli- bandwidth-hungry applications such as file nes rather than on education, but rules are based sharing. These premiums have two effects: First, on mutual agreement (e.g., UPC NL proactively they will shift demand away from peak times, blocking child sexual abuse content domains). and, second, they will translate into additional revenue that can contribute to covering infra- • The policeman is naturally inclined towards structure expansion cost. Canadian cable strong enforcement based on legal mandating, operator Rogers introduced tiered pricing, takes all measures necessary to do so, and does AT&T in the United States is evaluating a so based on strict rules, for example, to block special pricing model for BitTorrent traffic to all illegal activities (e.g., the implementation of mitigate the impact of P2P traffic on the a “three strikes and you’re out” rule in case of network (the company predicts total bandwidth copyright infringement). use on its network will increase fourfold over the next 3 years), and Time Warner is testing a CASE 1: ACTIVE TRAFFIC MANAGEMENT metering pricing system that charges users by Problem: Network providers face increasing the amount of bandwidth they consume. bandwidth usage and need to manage network Traffic management measures encompass a traffic to avoid network congestion and ensure broad array of network-driven measures aimed at quality of service. facilitating traffic flow and ensuring quality of Risk: Quality of service (QoS) may suffer due to service—complementing general network spikes in bandwidth demand—but upgrading dimensioning, which is particularly aimed at

46 Booz & Company dealing with peak usage times. Measures range Against the matrix, a number of recent practices from enforcement of fair use limits to various stood out. Comcast, one of the largest cable forms of shaping and implementation of different operators in the United States, faced significant approaches in traffic selection to ensure the best traffic increase due to the QoS (see also Chapter III). increased use of P2P “Unmanaged networks result in Approaches that players have taken to traffic systems. Under this pres- serious degradation of service avai- management can be discussed with reference to sure, Comcast tightened its lability and quality for all users. It an adapted version of the generic Digital Confi- traffic management and will also mean that customers will be dence Positioning Framework (Exhibit 38). The faced strong opposition paying more for less, as providers are vertical axis differentiates the general position a from the public. Rogers, in forced to continually build out their network operator or ISP can take towards traffic Canada, introduced usage networks to stay ahead of the massive management. In this, the upper pole is a position allowances, charging extra bandwidth consumption growth.”* that sets incentives but does not interfere with for traffic above certain actual user activity whereas the lower pole is a limits (a limit of two up to 100GB per month). forced position that actively reacts to and This is an example of an hybrid approach, manages traffic based on the overall user activity combining traffic management with tiered at a given point in time. The horizontal axis pricing. In addition, Virgin Media in the UK is differentiates the degree to which actual traffic an example of a cable operator being very open data determines the actions being taken, that is, about its traffic management activities. how specific the employed technical measures Comcast implemented network management are. Service-specific shaping differentiates measures impacting on P2P traffic from BitTor- between various types of traffic at a more rent that produced too restrictive outcomes: granular level than protocol-specific shaping, BitTorrent download was possible, but users for example. reported that uploads were delayed and that the Certain positions in the matrix are more implementation also affected other, more natural than others: For example, a “pricing- time-sensitive applications like Lotus Notes. only” approach as in the Teacher quadrant is Individual user complaints eventually led to unlikely to exist, given the current imbalance broad public attention including investigation by between bandwidth availability and demand the FCC. Comcast was also accused of providing –network operators cannot ensure a well-opera- a misleading service promise and computer fraud. ted network without any technical measures of In response, Comcast took on the problem in a *Kurt Dobbins, traffic management. very dedicated manner, worked together with Arbor Networks

Exhibit 38: Digital Confidence positioning−active traffic management

User driven 1 Few network operators do not actively manage their traffic Teacher ParentParent – Pro: As long as enough spare capacity, no real need for guaranteed user experience–potential networkcongestion

2 Network operators have “Fair Use” policies in place, based on network dimensioning aimed at managing peak usage times 4. Pricing only 5. Hybrid Rogers – Users exceeding Fair Use limits may be migrated to Model (Can) alternative (higher bandwidth) broadband subscriptions

3 Active traffic management is deployed to guarantee QoS for all users – From a net neutrality standpoint, a protocol-agnostic Traffic Full traffic approach is preferable to a service-specific approach hands-off control 4 A business-driven alternative to bandwidth management is usage based, differentiated pricing – Pro: Market-backed incentive to manage congestion by

Monthly volume limit with fee for additional volume creating disincentives for excessive use Virgin 1. No active 2. Fair use 3. Protocol 3. Service – Con: Undermine usage convenience, potentially, (UK) traffic limit based based competitive disadvantage management enforcement shaping shaping Comcast 5 Hybrid models (“additional use policy”) use differentiated Announced (US) pricing when usage exceeds certain upper limits/caps – Average user still benefits from “flat fee” convenience– Referee Policeman only heavy users will pay usage premium Operator driven

Booz & Company 47 BitTorrent, and found a mutually acceptable principles, however, are “subject to reasonable solution, that is, Comcast will use a platform- network management.” The FCC ruling on agnostic technique that may ultimately slow Comcast seems to be more of a statement of down P2P traffic only from its heaviest users. principle, also because Comcast is unlikely to be This agreement seems to be fined, and appears aimed at setting a precedent “So the real question for today's finding approval among net by further specifying what “reasonable network broadband networks is not whether neutrality proponents. management” means in practice. they need to be managed, but rather Google called Comcast’s Rogers introduced usage premiums in March how.”* commitment to a protocol- 2008. Users have to pay an extra $1.25 to $5 agnostic approach to network management “a per month depending on their tariff plan, with a step in the right direction.” However, it did not maximum of $25 across all plans. An increasing appease the FCC, which decided to move ahead number of network providers have started with a ruling that denounced Comcast’s earlier considering the introduction of usage-based practice. pricing models to manage their increasing While appreciating the need for “reasonable” bandwidth demand. The difficulty with this network management, the FCC alleged that tiered approach is that it may undermine the Comcast arbitrarily blocked Internet access basic promise of “flat fee,” which was a key regardless of the level of traffic, and failed to driver for the development of the broadband disclose to consumers that it was doing so. In mass market, that is, carefree broadband use July 2008, the FCC chairman recommended without having to worry about inflated cost due enforcement action requiring Comcast to stop its to usage that was difficult to monitor. Rogers is “practice of blocking” (although “delaying” is addressing this issue with the $25 cap. Rogers probably a better descrip- itself is very open and unpretentious about its Some players like Virgin Media or tion); provide details to the policy, stating on its website: “The majority of Rogers are very transparent on their consumer on the extent to our customers are on plans that meet their needs approach to traffic management— which and the manner in and should not expect to go over their monthly acceptance seems high. which the practice was used; usage allowance. If you do go over, you can pay and to disclose to consumers for additional usage on a monthly basis, or details on future plans for managing its network change your level of service so that it meets your going forward. This action follows an FCC policy online needs. Measuring usage this way more statement issued in September 2005 that outlined fairly reflects how our customers are using the a set of principles meant to ensure that broad- service and allows us to maintain competitive *Vint Cerf, Chief band networks are “widely deployed, open, affor- monthly rates for all of our customers.” Internet Evangelist, Google dable and accessible to all consumers.” The In the UK, Virgin Media is also very open about the need for traffic management and the chosen implementation. Currently, Virgin is Exhibit 39: Bandwidth consumption across user groups using traffic shaping to manage the top three percent of its heavy users—the rules deployed are publicly available on the website. Virgin Share of bandwidth consumed Media is putting its measures in the context of a 100% fair use policy safeguarding QoS for the vast majority of users. Virgin Media is also thinking Actual about the introduction of pricing-based models 80% distribution in the future. Traffic management is increasingly attracting 60% more regulatory scrutiny. The expected FCC ruling on the Comcast case underlines that Theoretical distribution without 10% heavy consumer protection is high on its agenda in the 40% downloaders context of defining what constitutes “reasonable” traffic management. But the topic is ‘Fair’ 20% complex also from a regulatory point of view. distribution with flat fee Exhibits 40 and 41 illustrate what kind of economic impact regulatory decisions could 0% have in that context. Imposing very strict QoS 20% 40% 60% 80% 100% Addressed by Share of users regulations impacting on the extent to which active traffic management Area of “unfairness” Reduced area of “unfairness” traffic management may be implemented could Source: Arbor Networks, Booz & Company Analysis add significant extra cost to the industry in

48 Booz & Company Europe. As the cost could not be swallowed by customer segment could lead to a general the network providers, they would need to increase in end consumer prices. This is why recoup this through higher-end consumer prices. regulatory action in the area of traffic manage- Ultimately, the excessive usage of a fairly small ment needs to be balanced carefully.

IMPLICATIONS OF CERTAIN MINIMUM QOS REQUIREMENTS REGULATION ALTERNATIVES

Exhibit 40: Breadth of possible QoS regulation

0. No Shaping Allowed 1. Low QoS Requirements 2. Medium QoS Requirements 3. High QoS Requirements

• Net Neutrality can be interpreted • Can be implemented via • E.g., minimum bandwidth or • High QoS requirement as prohibiting traffic shaping in configuring existing network moderate latency requirements (minimum bandwidth, combined the network management solutions • Can be implemented within with low latency and jitter) • This can potentially be combined – Shaping based on service/ existing infrastructure and small • Existing network not sufficient with other options but very protocol upgrades to fulfil, new technologies need difficult to achieve – More or less aggressive – Backbone upgrades for more to be implemented shaping bandwidth with less shaping – Access upgrades (new CPE)

• Network operators, currently • No backbone or access • Backbone or access upgrades • Backbone and access upgrades applying shaping, have two upgrades necessary necessary for parts of network necessary (essentially rebuild potential options • Differs for DSL and cable of network) – Upgrade backbone Network operators due to different – Downgrade products technical restrictions (e.g., cable with shared access network can easily deliver more bandwidth but more prone to congestion)

Product downgrade or No upgrades Upgrade of network Network “rebuild” upgrade of network

Exhibit 41: Financial impact of “no-shaping” regulation in Europe (billions euros)

Backbone Upgrade Cost Product Downgrade Revenue Loss

Minimum case Maximum case 24.0

4.8 18.6 19.2 2.5

3.7 12.8 12.4 1.7 8.5 2.6

Current Upgrade of Extension “Regulated” Current Upgrade of Extension “Regulated“ Current Revenue “Regulated“ capex existing of existing capex capex existing of existing capex revenue loss due to revenue infrastruc- infrastruc- infrastruc- infrastruc- regulation ture ture ture ture

Note: Europe: EU-27 + Norway + Switzerland Note: This is a hypothetical scenario, assuming shaping is not allowed in Europe and currently 20% of all traffic is shaped and 67% traffic growth p.a. (not assuming any distribution of shaping across players) Source: U.S. BEA, Merrill Lynch, Ofcom, Company Reports, Booz & Company Analysis

Booz & Company 49 KEY LESSONS manages disproportionate usage behaviour and Five key lessons emerge from the discussion: is directly aimed, and limited to, managing the level of traffic only at times of actual congesti- • Managing network congestion and capacity on. This approach may offer the best overall constraints is an essential part of every network QoS experience and a level of intervention that operator’s business—tiered pricing and traffic is proportional to net neutrality. management measures are the two major remedies. • Issues related to traffic management may be effectively governed by reaching mutually ac- • Usage is expected to grow in step with ceptable and transparent agreements between bandwidth increases in next-generation ac- network operators and, for example, application cess networks. This makes the issue even more providers. The level of broadband competition important as heavy usage of bandwidth-hungry in a given market should determine the need for applications is expected to grow. Charging a regulatory intervention. premium for heavy usage may contribute to more balanced traffic flows and fair distribution CASE 2: BOTNET MITIGATION of available bandwidth to all users. Problem: More and more consumer PCs are infected by bots, malicious software which • Traffic management measures are always can be controlled remotely by criminals (“bot needed to a certain degree and are appropriate herders”): ISPs want to remove bots from the to ensure QoS across different traffic types; Internet to protect consumers and networks. being transparent in public about these practices Risk: Botnets are the major source of most is necessary to manage service expectations. digital attacks, like phishing, sending spam, click fraud, etc. (5) Note: Within this • The implementation of traffic management document, the term measures has to consider the net neutrality Botnets are likely the most severe form of net- DoS is used, although technically, the at- discussion—implementations that are protocol- work integrity infringement for criminal pur- tacks from botnets specific (like BitTorrent) have been harshly poses: A botnet is a collection of PC terminals are DDoS attacks (Distributed Denial of criticised in public. Protocol-agnostic “fair use” in consumer homes, businesses, universities, Service attacks). enforcement seems therefore fairest when it etc., that are controlled remotely by an unauthorised, malicious third party without the PC owners being aware. Botnets can consist of P4P as a Way to Mitigate Some P2P Traffic Whilst Improving several hundred thousand computers. Quality of Experience for Users Botnets can be used for several purposes from spamming and denial-of-service (DoS)(5) P4P is the “Proactive Network Provider Participation for P2P,” attacks to phishing and click fraud. Some an initiative by the Distributed Computing Industry Association recent examples show what drastic consequen- (DCIA). Core working group members include various thought ces botnet-executed DoS attacks can generate. leaders across the industry, including AT&T, BitTorrent, Cisco, In April 2007, after a Russian statue was Joost, Pando, Telefonica, Verizon, and Vuze. removed in Tallinn, the capital of Estonia, a “manual” DoS attack was organised: Bloggers P4P has two goals of development: (i) decrease backbone traf- asked their readers to ping specific Estonian fic, and (ii) reduce network operation costs. The technical idea services to create a DoS. A ping is a software behind it is to build a P2P system (BitTorrent-based) that uses utility sending a packet to a specific IP address additional information about the network topology to select the to determine whether the address is available. peers to exchange data with. To support this, additional tracker It is primarily used to troubleshoot Internet servers are maintained by the ISP, allowing it to sort the availa- connections, but it can be abused in the way ble peers based on optimal routes. described. After being unsuccessful with this attack, a botnet was “rented” and a “real” DoS Additionally, the idea of caches at the ISP level is introduced— attack launched. Targets of the attacks included allowing the reduction of data volume in backhaul and access the websites of the Estonian presidency and its (clients need to upload data only once to the cache; the cache parliament, almost all of the country's govern- can serve all requests into the network). First tests with Pando ment ministries, political parties, three of the (BitTorrent-based) show that delivery speed increases by 200 country’s six big news organisations, two of the percent to 800 percent with a 40 percent to 75 percent inter-ISP biggest banks, and firms specialising in com- data transfer decrease. munications. The attack literally “took down” the digital side of life in a country where, for

50 Booz & Company example, 90 percent of bank transactions are of intervention. The left pole stands for no made online. intervention at all, the right pole for a strongly In April 2008, Radio Free Europe, a private interventionist position. non-profit organisation funded by the United Education is a clear example for a non-inter- States, experienced a massive DoS attack. Se- ventionist and user-centric measure: Ensuring veral Eastern European websites of Radio Free that end users understand botnet risks and what Europe were attacked by DoS, that is, flooded to do against them. For example, the European with fake requests (leading to all resources being Network and Information Security Agency used by the DoS attack). Both these attacks were (ENISA) has published educational materials for essentially politically motivated and were car- consumers about botnets, their threats, and how ried out by (often “rented”) botnets. consumers can protect themselves. As most of botnets’ purposes are illegal, Another measure to be seen in the Teacher prosecution by law enforcement plays a central quadrant is software that protects computers role in countering botnets. from being infected with bots. Almost all cur- Kraken is one of In the United States, the rent commercial anti-virus and firewall pro- the largest known FBI executed operation ducts contain features to prevent bot infections. Botnet* “Bot Roast” in Summer Suppliers of such software are also vulnerable 2007, identifying about 1 themselves: Blue Security, a small company million computers that had been compromised focused on Internet security software, actually across the United States and charging numerous was pushed out of business by a massive DoS individuals with computer/cyber crimes. Beyond attack in May 2006. prosecution, mitigation strategies against bot- Blue Security had developed and brought to nets unfortunately are limited—preventing the market an anti-spammer product that was said infection in the first place is most effective but to be very effective—and ironically was also *500,000 infected PCs 50 Fortune 500 compa- difficult. botnet-based.(6) Thereafter, Blue Security was nies affected Approaches to “non-prosecuting” botnet blackmailed by spammers to shut down busi- (6) If Blue Frog mitigation can be structured along an adapted ness. After Blue Security refused this, an initial detected a spammer, version of the generic Digital Confidence Posi- DoS attack was targeted at the Blue Security all machines using Blue Frog sent an tioning Framework (Exhibit 42). The vertical servers, shutting them down. The administrators e-mail to the spam- axis differentiates where mitigation takes place: redirected the DNS entry to TypePad, one of the mer, basically being a botnet performing a On the end-user or on the network side. The largest blog hosters also used by Blue Security. small DoS attack on horizontal axis differentiates the forcefulness Massive subsequent DoS attacks temporarily the spammer.

Exhibit 42: Digital Confidence positioning—botnet mitigation

End-user centric TeacherTeacher ParentParent 1 Most ISPs provide users with education and appropriate measures protection software – Pro: Can already prevent bot infection 1. Education – Con: Software protection not 100% safe and users need some technical background 1. Protection Software 2. Separating 2 Separating infected PCs from the Internet into a “walled Zombies garden” is implemented very limited – Pro: Walled garden minimises spread of botnets – Con: Liability issues with false positives and very customer care intensive No Complete reaction blocking 3 Blackholing essentially means disconnecting machines from the Internet(1) – Pro: Very effective, especially for older botnets (or to 4. Traffic mitigate DoS attacks) Filtering – Con: Extreme measure since all traffic is blocked to 3. Blackholing this machine C&C server 4 Filtering botnet traffic–although being very effective–is difficult to implement – Pro: Minimises threat with little disturbance of other RefereeReferee Network Policeman activities centric – Con: Botnet traffic difficult to filter since very similar measures to normal Internet traffic (1) Blackholing normally only used for Control servers, machines attacked by Distributed DoS, but not for infected PCs

Booz & Company 51 shut down TypePad and Tucows, Blue Security’s KEY LESSONS DNS provider, both being large and important Seven key lessons emerge from the discussion: Websites. Only with a coordinated response of several network operators and service providers, • The nature of IP networks, that is, their could the attacks, with peak traffic of more openness and neutrality, has made them very than 3GBps, be mitigated to protect these third powerful, but also makes them easily accessible security parties. But Blue Security was offline for several for “negative intentions” such as botnets. days. Two weeks after the Blue Security CEO Eran Reshef on initial attack, Blue Security • Due to their versatility in potential attacks, fighting spam: “This is something shut down its anti-spam- botnets are a major threat to network integrity that’s really got to be left to govern- ming business. and thus for network operators, service provi- ments to decide. To fight the spam- A more end user-cen- ders, businesses, and consumers alike—botnet mers you really need to spend $100 tric but interventionist ap- activity often also has political motivations, as million.”* proach would be to separate witnessed by the Estonia and Radio Free Europe out zombies, the individual computers in a bot- examples. net. This is a powerful yet difficult mitigation measure, suggested by the Message Anti-Abuse • One of the most severe attacks is the denial- Working Group (MAAWG). It means that infec- of-service (DoS) attack used to cut off unwanted ted computers are separated from the Internet sites or as a threat to blackmail companies— into a walled garden with security updates and botnets have been responsible for all major DoS disinfection possibilities. So far, this measure attacks in the last years. has been implemented to only a very limited extent, for example, in large private networks • Prosecution by law enforcement plays an such as universities, due to the potential liability important role in countering botnet activities— issues. to be successful, such prosecution typically The most effective measure always was to requires other stakeholders, especially network blackhole/disconnect the command and control operators and ISPs, to join in. (C&C) server of the botnet. For example, as early as 2004, the Norwegian incumbent ISP • Education is important but with limited effect Telenor defanged a botnet of 10,000 zombies by due to the topic’s complexity and the need for shutting down its C&C server. But bot herders explanation and due to the difficulty for consu- have reacted to this, and now increasingly use mers in detecting infections. new types of botnets, without a central C&C server. • Network operators have to react on severe Last, a network-driven but less interventionist botnet attacks with technical mitigation measu- approach is the deployment of traffic-filtering res. Since most measures are complex and techniques to mitigate botnets. As for other pur- interfere with user behaviour, network providers poses, filtering here has the aim of recognising have to cooperate with all stakeholders to limit the unwanted botnet traffic and then blocking the measures needed. respective IP packets so that they cannot reach their destination. The challenge in this particu- • Isolating bots in walled gardens and coopera- lar case is that botnet traffic is very difficult to ting with software vendors on disinfecting PCs filter since it is very similar to regular Internet promise to form an efficient solution—but net- traffic. Many ISPs and network operators cur- work operators have to find ways to implement rently use a simplified version of this approach, this in a user-friendly way (minimising need for where they block all traffic that is typical for customer care and offering opt-out possibilities botnets—running the risk of overblocking legiti- for false positives). mate uses as well. In addition, ISPs also increasingly join forces CASE 3: PHISHING BLOCKING with law enforcement by monitoring network Problem: Phishing mails have the aim of stea- activity and informing about irregularities. ling the identity of someone or defrauding This way a large botnet was taken down in the consumers. *http://blogs. Netherlands in 2005 when “Internet service pro- Risk: Consumers can lose significant amounts guardian.co.uk/technology/2006/05/17/ vider XS4ALL notified authorities of unusual of money, for example, in case of stolen online spammers_kick_blue_ activity on its network.” It had consisted of 1.5 banking account data. Authenticity of phishing frog_into_submission. html million zombies. Three suspects were charged. e-mails often is difficult to check.

52 Booz & Company Phishing has been highlighted as one of the most This approach ties in with DNS filtering, critical and fastest-growing issues with respect leveraging the fact that specific domains can to Privacy and Data Protection. As it is a techni- be blocked individually. It can be executed cally complex phenome- either on the ISP’s DNS server or on third-party No phishing filter non, creating the needed servers. The strong advantage of this solution is is 100-percent safe. awareness and know- that it works for all applications, that is, it is not ledge with consumers is limited to Web traffic via an Internet browser a challenging task. It is getting even more chal- but also covers e-mail, for example. At the same lenging as phishing e-mails and websites become time, this blocking approach is useful for URL- more professional and increasingly difficult to based phishing only, limiting it to around 90 differentiate from the legitimate versions, even percent of all phishing attacks (10 percent are IP for experts knowing what to watch out for. address-based, that is, they do not use domain Therefore, education can only play an ac- names). Additional possible barriers are as fol- companying role in mitigating damage from lows: DNS-based blocking can require end-user phishing. Apart from intensifying the prosecuti- system configuration, depending on the solu- on of individuals and companies responsible for tion; and in the case of ISP-based DNS blocking, phishing, the main remedy is to block phishing over-blocking can be a substantial problem as attacks via technical approaches. users have limited possibilities to access a site if Approaches to phishing blocking can be dis- it has been blacklisted incorrectly. cussed along an adapted version of the Digital Second, ISPs can deploy DPI for blocking Confidence Positioning Framework (Exhibit 43), phishing attacks. DPI solutions inspect the con- with the vertical axis differentiating whether the tent of every packet travelling on the network user needs to voluntarily decide on a solution and can redirect malicious traffic, that is, also (i.e., opt-in) or whether protection is on as long traffic to blacklisted phishing websites. This as she/he does not opt out and the horizontal approach works for all ap- axis differentiating how the solution can be plications and thus for most Technology is key to block phishing— circumvented. phishing attacks. Never- it needs to be deployed at different OpenDNS and PhishTank are an example of theless, it triggers the usual levels: Network, PC, and browser. a community-based procedure for identifying privacy concerns associated phishing sites and blacklisting them (Exhibit 44). with DPI in general: Consumers may dislike the Due to a large community, phishing attacks are amount of transparency service providers are detected and verified very fast, in less than 12 generating in this case even if the resulting data hours. is kept secure and not used for other purposes.

Exhibit 43: Digital Confidence positioning—phishing blocking

Opt-in/ TeacherTeacher fully voluntary Parent 1 DNS-based solutions can block the access to specific domains, this can be either on the ISPs DNS server or on third party servers All solutions depend – Pro: Works for all applications (not limited to browser on blacklists–these 3. PC solutions but also in mail and others) need to up-to-date – Con: Only useful for URL-based phishing

2 Deep Packet Inspection (DPI) solutions inspect the content of 1. OpenDNS/ any packet and can redirect malicious traffic(1) Pish Tank – Pro: Works for all applications and many phishing attacks Easy DNS based 2. Network operator No – Con: Privacy concerns and circumvented by encrypted circumven- DPI(1) circum- tion vention traffic 1. ISP DNS 3 PC-based security solutions normally also include a phishing filter 4. Firefox – Pro: Depending on solution, it can protect all applications 4. Internet offline – Con: User has to install and configure solution Explorer 4 Current browser can check URLs against server or local Browser based blacklists (also heuristics possible) RefereeReferee Opt-out/ Policeman – Pro: Little privacy concerns (depending on per default implementation) mandatory – Con: No protection in other applications, e.g., mail or older browser versions (1) E.g., solutions in conjunction with ad injection (Phorm)

Booz & Company 53 Exhibit 44: Phishing blocking overview Exhibit 45: Browser-based phishing blocking effectiveness test (2006)

1. Firefox 2 Local List 79%

4. Firefox 2 Ask 82% 2. Google Internet Explorer 7 2% Auto Check OFF Heuristics only Internet Explorer 7 3. 66% Auto Check ON

Bold: Default Mode Source: Mozilla Foundation

1. User receives fishing mail and goes to the approach has a very low success rate of only phishing website–User identifies the phishing attack (based on e-mail and website) two percent). One advantage of this approach is that it does not trigger larger privacy concerns 2. User submits URL of phishing site to OpenDNS/ PhishTank as potential phish if the blocking is executed locally, that is, as with Firefox that downloads a list of phishing 3. OpenDNS/PhishTank community verifies the phishing attack sites and checks against it automatically. One limitation is that browser-based blocking cannot 4. Domain is added to PhishTank Blacklist and blocked in OpenDNS help with phishing attacks in other applications, for example, e-mail (which is currently only a 5. Further attempts to access the link are blocked minor problem). In addition, it is vulnerable to Source: OpenDNS.com, Phishtank.com malicious software on the user’s machine, for example, a bot (see Chapter III) deactivating the feature or manipulating blacklists. Using DPI to prevent phishing is very effective Browser-based phishing blocking reaches and can be circumvented only by encrypting a high effectiveness if new browsers are used. traffic (which can be seen only rarely in phishing With older browsers, such as Internet Explorer attacks). 6, third-party add-ons have to be used (which Third, the consumer’s PC can be put in the normally use similar blacklists). centre: Many of today’s PC-based security Across all four approaches, blacklists are solutions include a phishing filter—for example, needed so that the blocking mechanism knows security suites from Norton, McAfee, Sophos, what to block. What is on the blacklist therefore or others, which are also is crucial for success and acceptance of phishing An accurate blacklist is crucial: often provided to consu- blocking on the whole: If a blacklist contains Only blacklisted phishing attempts mers by the ISP or network too many entries, overblocking occurs, that is, can be blocked. operator. Such filters can sites are blocked that should not get blocked be very effective because, depending on the (e.g., real login page for online banking that was actual solution, they can protect all applications mistakenly added to the blacklist); if a blacklist and thereby provide strong protection against does not contain all entries or is not updated fre- phishing. A disadvantage of this approach is quently enough, the protection is not very useful that it requires significant consumer contributi- and can lead to liability issues for the blacklist on as solutions have to be installed, configured, provider. and updated. Especially the regular update of local blacklists is crucial in guaranteeing good KEY LESSONS performance of the phishing filter. Five key lessons emerge from the discussion: Lastly, phishing blocking can be executed on the browser layer. New browsers such as Inter- • Since phishing is difficult to understand for net Explorer 7 and Firefox 2 can check URLs consumers, education is likely to be of limited against server or local blacklists to identify and power—it can only play a supporting role. act upon phishing attacks. In addition, heuristics can be used to detect phishing attacks (e.g., • Blocking phishing attacks is one of the central detecting phishing attacks based on patterns remedies—the various approaches all exhibit in URLs, formally used for phishing; but this advantages and disadvantages around effectiven-

54 Booz & Company ess, coverage (i.e., which applications are protec- ral ads, in July 2007; and Yahoo bought Blue ted), privacy concerns, and required consumer Lithium, which specialises in performance-based activity—which need to be balanced carefully. display ads, in September 2007. Also, network providers are increasingly relying on advertising- • The critical issue across all blocking ap- based business models to realise their growth proaches is the creation and management of ambitions. blacklists depicting phishing sites to be blocked. If handled properly, targeted advertising can Today, several effective blacklists are available be win-win for consumers and industry: The (e.g., from Google, PhishTank) and in use. advertising becomes more relevant and thus less annoying for consumers, whilst addressing • Browser-based solutions are most important specific target audiences is more cost-effective today since they enable the richest user interac- for advertisers. tion and can include education about the issue The business rationale is straightforward: seamlessly in case of an attack. A major problem Younger consumer groups spend ever more time are older browsers that do not include pro- on the Web. Moreover, the Web makes additio- tection features—the software industry needs nal information about the consumer accessible to cooperate with ISPs to push newer-version to the advertiser: What is he or she interested in? browsers into the market. Where is he or she living? Some of this information is openly shared by the consumer on • Approaches seem to be most suitable that platforms like Facebook; other information can empower (experienced) users to opt out of or be obtained by collecting data on online overrule the blocking mechanism, for example, behaviour. in the case of content being blacklisted wrongly, Most if not all of these new business models and furthermore respect the consumer’s privacy require extensive data collection, and some (e.g., with local blacklists). recent implementations have raised privacy concerns. In the United States, for example, the CASE 4: TARGETED ADVERTISING Federal Trade Commission (FTC) hosted a Problem: Consumers produce a lot of behavi- conference in November 2007 to broadly oural data when using the Internet, and discuss “Online Behavioural Advertising,” with businesses would like to use this for more a special emphasis on privacy issues, and later targeted advertising. on took the initiative to publicly suggest “On- Risk/upside: Consumers are concerned about line Behavioural Advertising Principles.” their privacy but business can significantly From a Digital Confidence perspective, increase relevance of advertising (and thereby drivers and principles related to targeted adverti- revenue). sing can be plotted along an adapted version of the generic Digital Confidence Positioning Web 2.0 brought the rise of many services based Framework (Exhibit 46). The horizontal axis on social networking such as Facebook and differentiates as to whether the targeted adverti- MySpace. Many of these services broke records sing is website/application-driven (i.e., by in terms of subscriber and usage growth—more Internet players such as social networks) or often than not due to the fact that they are network-driven (i.e., by cable operators or ISPs). offered free to the consumer. This nevertheless The vertical axis differentiates the degree to increases the pressure on suppliers to monetise which the user can control whether his or her these services going forward. Advertising and in data is being used in such advertising, with the particular targeted advertising is expected to possibilities ranging from an “opt-in” that fully play a central role in the monetisation of Web leaves the decision to the user to a “no opt-out” 2.0 services—our market analysis shows that that uses data by default until the user removes advertising will be the fastest-growing segment the consent. of the digital world (see Chapter II). Large There are four distinct examples for how to Internet players like Google or Yahoo! have implement targeted advertising. MySpace is already started to capitalise on advertising—in testing a solution that is reported to be specifi- fact, it’s their main source of revenue. Conse- cally opt-in. On the other hand, Facebook quently, the industry has seen some significant started Beacon in 2007, a solution that origi- developments recently: Google purchased nally was implemented without user consent and DoubleClick, one of the leading online adverti- only was turned into an opt-out solution in sing firms, for $3.1 billion in April 2007; AOL reaction to a big public debate. An example acquired Tacoda, which specialises in behaviou- where targeted advertising has been successfully

Booz & Company 55 implemented is Gmail: Google offers a free need to actively respect its users’ concerns. e-mail service but analyses the content of user Facebook’s Beacon, on the other hand, was e-mails to display targeted ads in the interface. initially enabled for all users without prior These ads are an integral component of Google’s consent when it was launched in November e-mail offering: Users have to accept that the 2007 with 44 partner sites. It integrated advertising shown is dependent on their e-mai- Facebook with the partner sites, allowing the ling—judging by Gmail’s exchange of extensive data collections and 85 percent of users reject the idea success, users seem not to profiles as long as a user was logged in to of websites displaying ads based on be too worried about this. Facebook. Originally intended to enable a more previous websites. Gmail did, however, cause enhanced view in the Facebook stories (“your a significant privacy-related controversy when it friend watched the video xyz at Joost”), it can was first launched in 2004. Main privacy also be used for targeted advertising. Significant concerns ranged from unlimited storing of data privacy concerns were raised after introduction, and of non-Gmail subscribers’ e-mails to Gmail including law suits against participating sites. In users being analysed without their consent. reaction, Facebook introduced an opt-out option The MySpace HyperTargeting solution as quickly as December 2007. classifies users based on their interests listed on In the Gmail example, it stands out how the public profile (more than 100 categories). openly potential concerns are addressed. Google Advertisers can choose target classifications for has a detailed text on its website explaining in a their campaigns. In the initial tests, MySpace transparent manner that targeted advertising achieved a 300 percent increase in click-throu- alongside e-mails is more valuable to users than ghs, that is, three times as many customers untargeted advertising: “Google believes that clicked on an ad than before, and 50 percent showing relevant advertising offers more value extra cost for thousands impressions, or cost per to users than displaying random pop-ups or mille (CPM). CPM is the standard model used untargeted banner ads.” The Gmail solution is to pay for advertising based probably also seen as less controversial as users Several partners withdrew their on the number of consu- actually report finding the advertising useful participation after they realized that mers who view an ad. and as the targeted data is used restrictively, Facebook’s Beacon is not an opt-in Although MySpace has only only for ads to the user it relates to and only solution. been testing so far, discus- within the Gmail application. sion around privacy concerns has already Phorm and NebuAd provide network-based become intense. Still, with the solution set to be solutions for targeted advertising, allowing opt-in, MySpace apparently has understood the analysis of all Web surfing activities of users, so

Exhibit 46: Digital Confidence positioning—targeted advertising

Opt-in/ 1 MySpace’s HyperTargeting categorises users based on their TeacherTeacher fully voluntary Parent listed interests and shows ads based on these categorisa- tions – Advertisers can choose categories – Currently in testing only but already raises privacy 1. MySpace concerns Hyper- Targeting 2 Facebook Beacon integrates Facebook profiles with other sites (actions on other sites are forwarded to Facebook) – Intended to enable a more enhanced view in the Facebook stories but can be used for targeted Website- Network- advertising based 4. STB data 4. Ad based – Privacy concerns raised after introduction, including (Application- collection injection (Operator- lawsuits against participating sites (Harris vs. driven) driven) Blockbuster)

2. Facebook Full Opt-IM solution mandated by UK Information Commissioner's Office 3 Google Mail displays ads based on the content of e-mails Beacon (automated content recognition) Opt-out 4. Phorm/NeBuAd 4 Network based solutions like DPI analyse Web surfing 2. Gmail activities of users (ad serving for participating sites or (1) ads injecting in all sites ) – Privacy concerns since traffic is inspected to derive Originally/ no Opt-out profiles Referee Policeman Referee No Opt-out/ – BT trial without consumer consent triggered UK ICO Mandatory to demand Phorm implementations to be opt-in in order to comply with UK laws (1) Current solutions are focused on ad serving

56 Booz & Company that display ads can be appropriately targeted. KEY LESSONS Phorm will shortly be tested by major network Six key lessons emerge from the discussion: providers, for example, by BT and Virgin in the UK. Phorm deploys DPI to analyse Web surfing • Targeted advertising is clearly on the rise, activities, meaning that all traffic is inspected to supported by a set of central factors: Broadband derive profiles. as a mass market phenomenon, proliferation of These highly advanced Internet monitoring highly advanced Internet monitoring technolo- capabilities of DPI, even where traffic data is gies, and the general need for new business mo- anonymised for targeted advertising purposes, dels of Internet players and network providers to have intensified the attention and oversight of monetise new Web 2.0 services and platforms. regulators in view of significant privacy risks. Indeed, rollout of these services in some markets • Targeted advertising will be key for Inter- has caused significant media backlash and user net providers as well as network providers to criticism, in particular of the way network finance next-generation services and innovation operators have trialled, or intended to trial, in particular to monetise many Web 2.0 services these technologies. For example, BT began a and applications—it can be a value-add for the pre-trial of Phorm-based targeted advertising consumer, if done properly (e.g., Gmail). without informing the relevant customer base, which triggered intervention by the UK Informa- • Due to the rich data being generated as part tion Commissioner’s Office (ICO), which of their very purpose, social networking sites demanded that customers eligible for the trial be strongly push into targeted advertising; network duly informed about the technology and provide providers have only started to consider these op- their consent by positively opting in to the trial, portunities. with an opt-out possibility being available thereafter at all times. • Early moves into targeted advertising based Charter Communications, the fourth-largest on technologies like DPI have experienced high U.S. cable operator, stalled its announced visibility in the public and the media as well as targeted advertising trial within a month. raised strong privacy concerns and pushback in Although Q&As on the company’s website many cases. provided some transparency, users were uncon- vinced by the communicated benefit: An • Achieving general user acceptance will trans- “enhanced browsing experience.” Other cend mere legal compliance with data privacy concerns related to the use of DPI, which was rules. Transparency to the user base about in- considered too invasive. It also raised concerns tended targeted advertising rollouts is key. Also about guarantees that personal profiles could crucial will be to clearly articulate the value-add not be compromised. Finally, Charter’s opt-out targeted advertising will have for the consumer, solution was considered cumbersome. Users that is, to convince users of “what’s in it for were required to fill out a form and have a them.” special cookie placed. Clearing cookies or switching browsers would, however, enable • With regard to actual implementation by targeted advertising again until the opt-out form network operators, it has already become clear had been filled out a second time. that non-transparent practices may lead to Beyond solutions like Phorm, network-based regulated opt-in obligations. Easy-to-use opt-out targeted advertising can also be realised via the tools with transparent communication to users set-top box and as ad injection. This allows may, however, find acceptance, particularly Web-community–type features to enter the DTV when coupled with a genuinely (free?) value-add platform (aggregate popularity ratings) and service, as shown in the Gmail case. cross-platform promotions, as well as better targeted advertising. The STB interface can, for example, be used to display ads interactively, such as to promote VoD offerings based on TV-watching habits (“you have watched 10 documentaries about wildlife in Africa, would you like to download a documentary about lions?”). The set-top box approach works on the basis of capturing data related to “zapping” behaviour and TV programmes watched.

Booz & Company 57 CASE 5: BLOCKING CHILD SEXUAL On the other hand, making sure that Internet ABUSE CONTENT users are not exposed to child sexual abuse Problem: Block the access to websites showing content accidentally is a task that can be mainly child sexual abuse content (several thousand performed by network providers. But this is also websites). more difficult than first appears, since it is Risk: Low real risk to unintentionally access a multi-faceted and child sexual abuse content site, but these sites truly controver- Current legislation does can be found if looked for; severe impact on life sial: Blocking not cover all new Internet- of victims. makes the respon- related issues associated sible institution with sexual abuse content. Child sexual abuse content is legally prohibited in subject to censor- most countries of the world (with a difference ship criticism and liability claims, and water- only in the definition of “child” or “minors” proof blocking is difficult technically as the vari- ranging between 14 and 18 in most countries). ous techniques available for blocking can all be But still, thousands of sites on the Internet offer circumvented. these types of content. One problem is that child sexual abuse Countering child sexual abuse content empha- content needs to be defined in order to be sizes the prosecution of persons responsible for criminalised and blocked: The border between the actual existence of child pornography and art has sometimes proven to In the United States, more than 1,500 sexual abuse content: Users/ be blurry. Also, definition criteria need to be individuals are arrested each year customers of child sexual enforceable: Whether a young person being for the possession of Internet-related abuse content material on shown in a pornographic context should be child sexual abuse content. The ma- the one hand and suppliers protected or not (i.e., in most countries the jority of them own several hundred of such material on the question of being above or under a certain age) pictures showing children between other hand. The prosecution is difficult or impossible to determine. Further- 6 and 12 years old.* of contributing individuals more, images created and modified with image or businesses is a task solely for law enforcement, manipulation software pose a different (legal) which may demand assistance from other issue that was not relevant when most laws were stakeholders (e.g., network providers) as deemed created. necessary and as applicable law allows. Govern- Approaches to blocking child sexual abuse ments are in fact increasing their activities in this content can be discussed along an adapted area: Just recently, in May 2008, the U.S. Senate version of the Digital Confidence Positioning *National Centre for approved $1 billion over the next 8 years to Framework, with the vertical axis differentiating Missing & Exploited Children broadly fight child sexual abuse content. whether the blocking is optional

Exhibit 47: Digital Confidence positioning—child pornography blocking

Optional TeacherTeacher blocking ParentParent 1 Standard Internet Service Providers (ISP) positioning normally is to block legally mandated content only – Pro: Basic protection given – Con: No additional protection possible ‘Safer Internet’ 4. ‘OpenDNS’ programmes 2 Proactive ISPs initiate filtering programmes without being 3. Australia’s legally obliged to PC Suite – Pro: Prevent unintentional/accidental access – Con: Slippery slope into censorship should blacklists be extended beyond original objectives by third parties Driven Driven by by ISP government 3 Australia’s government developed a PC-based solution for parents – Pro: Empower users to protect themselves – Con: Needs expertise to install and configure; costly but not hacker-proof Considering mandating

“OpenDNS” type solutions are industry-driven and empower 2. Proactive Considering mandating 1. Legally 4 users to choose the categories to be blocked (e.g., UPC NL) mandated – Pro: ISP not liable for selected content Other positions only in addition – Con: No uniform level of protection–dependent on individual action and preferences RefereeReferee Mandatory Policeman blocking

58 Booz & Company (i.e., at consumer discretion), self-imposed (i.e., Exhibit 48: Child pornography blocking—technical implementation determined by the network operator), or mandatory, and the horizontal axis differentiating whether network operators or the regulator are the driving force behind such activity. Consumer Access blocked and So far, the predominant approach beyond PC/browser redirect to landing page complying to legally required blocking of sites is self-imposed filtering of child sexual abuse UPC NL content based on independent, third-party DNS servers established, maintained, and verified lists of legally banned content. ISPs are generally NL police (KLPD) DNRI child- Central website hesitant to filter, principally because, as “mere pornography Unit listing conduit” operators, is it not their role to Note: Technical solution simplified interfere with Internet freedoms. Moreover, they Source: UPC want to avoid legal liabilities in case legal content would get blocked unintentionally. Should filtering be implemented, voluntarily or Exhibit 49: Child pornography blocking—public opinion upon threat of mandate, independent judicial controls are required with regard to establishing In favour of blacklisting that the content to be filtered is indeed illegal child porn by UPC 95% under the relevant jurisdictions. In favor of blacklisting child 92% A prominent example of an ISP proactively porn by other ISPs as well taking initiative is the case of UPC Netherlands’ Feel that ISPs are allowed 94% to filter websites child sexual abuse content filtering initiative of early 2007. UPC Source: NSS Interviews (n = 600) Tech-savvy users (even cooperates with children) can easily circum- the Dutch Justice vent most PC-based filters. ministry and the protection if strong institutions join forces to Dutch Police who make up for law-making being either slow or blacklist over 3,000 websites containing child not knowledgeable enough. The problem from sexual abuse content and complicate access to the network provider and ISP perspective is that these pages by showing a landing page that they make themselves vulnerable to requests to reads “you are trying to access a blacklisted broaden filtering into other areas of content—a website.” Several thousand times a month, “slippery slope” into censorship and liability accidental access to child sexual abuse content issues. Examples to illustrate this: In July 2007, sites was prevented with this solution. the Swedish police intended to extend a child The public reaction on this implementation sexual abuse list to include the world’s largest was very positive. In a dedicated poll, 95 percent BitTorrent tracker, ThePirateBay. In Denmark, a of consumers said they were in favour of court ordered extensions of a DNS-based child blacklisting child sexual abuse content, with 94 sexual abuse list to include popular music percent in favour of network operators filtering download sites (the Russian AllofMP3.com and websites of undesirable content in general. The ThePirateBay once again), provoking the spread latter number seems very high, but may be of information regarding circumvention me- influenced by the fact that the question has been thods that undermined the effectiveness of the asked in the context of child sexual abuse original filter. content rather than a neutral debate. Besides, Another approach has been observed in the majority (63 percent) of the press coverage Australia: Since 2007, the Australian government reported on the filtering activity was positive. has contemplated a two-pronged approach Despite this, concerns were raised in the Dutch whereby, on the one hand, ISPs would eventually parliament about the effectiveness of DNS be obliged to filter. So far, this part of the project filtering and the fact that not all ISPs implemen- is bogged down after a number of unsuccessful ted filters. Parliament called on the government field trials where filtering solutions appeared not to investigate the feasibility of mandating to be scalable to big ISPs. Moreover, there is great (potentially more intrusive forms of) filtering on political controversy around the type and quality Dutch ISPs. of content to be featured in the blacklist, admi- The big advantage of voluntary, ISP-led nistered by the Australian Communications and initiatives is that they can provide extended Media Authority (ACMA).

Booz & Company 59 On the other hand, the government developed naturally); thereby, censorship and liability NetAlert, a programme labelled “Protecting discussions vanish. Furthermore, a simple, Australian Families Online,” which included network-based solution minimises the needed blocking of child sexual abuse content. This is a knowledge of users and is readily available for PC-based solution to filter content, comparable the “standard consumer.” For a DNS server- to multiple commercial solutions. This approach based solution, very little configuration is does put consumer choice and responsibility in necessary compared to using proxy servers or the centre, but it also requires certain initiative desktop-based systems. To achieve the desired and expertise from consumers to make it work. results, though, consumers need to be educated Since many users are not extremely tech-savvy, and empowered with appropriate, easy-to-use this solution is difficult to deploy (only a few tools, and the registers of content to be blocked hundred installations have been completed after need to be managed appropriately, ideally on the the initial rollout) and for more experienced industry level. users easy to circumvent. Adding insult to injury, a teenager was reported to have circumvented this 84 million AU$ filter within 30 Existing Child Pornography Blacklists and minutes. NGO Cooperation As the Australian examples shows, no filtering methodology provides a 100 percent In the UK, ISPs have introduced URL-based solution against deliberate circumvention. filtering that is currently available to 96 Moreover, a crucial role, in all instances of percent of residential broadband customers. filtering, is played by the quality of the lists of The URL list is provided by the UK Internet illegal content, that is, the way in which they are Watch Foundation (IWF) and contains se- governed, maintained/updated, and enforced. veral thousand URLs as well as an average The speed by which listed illegal content is of 250 to 300 domain names of commercial actually being removed is another issue. Repor- websites offering for sale images and videos tedly, under “notice and takedown” schemes, of children being sexually abused. Six child abuse sites remained online for an average people work in the IWF Hotline processing of 30 days after being first reported. The reports, assessing and tracing content, and challenge for national hotlines is getting interna- maintaining the IWF URL list. The IWF tional law enforcement (through Interpol or updates the list twice daily and requires its Eurojust) to take action rapidly to have content member ISPs to update their filters cor- removed by hosting providers when hotlines respondingly, at least once every 24 hours. have notified them of illegal content in their IWF shares its list with hotlines abroad (so jurisdictions. According to the UK Internet far with the Danish, Australian, and Korean Watch Foundation, two percent of commercial hotlines) based on an agreement that the list child sexual abuse sites worldwide were still is re-assessed legally to ensure compliance active a year after being identified. under the respective jurisdictions. Lack of a 100 percent solution, differing quality of listing processes, and different In the United States, Verizon, Sprint, Time (7) Note: OpenDNS enforcement standards are all factors to be Warner Cable, AT&T, and AOL agreed can be found at taken into account when assessing the proporti- in June/July 2008 to shut down access to http:://www.opendns. com. We are referring onality of mandated ISP filtering. websites and newsgroups that traffic in to OpenDNS several Last, a solution for blocking child sexual children sexual abuse images. The com- times in this document as an example abuse content can rely entirely on empowering panies are requested to check against a since it is a free solu- the consumer. A showcase example for this registry of explicit sites maintained by the tion that can be tested (7) by all readers of the approach is the OpenDNS implementation . Centre for Missing and Exploited Child- document OpenDNS is a free DNS server that allows users ren. The ambition with the agreement is to choose categories of sites to make it extremely difficult to find or Filtering to fight child sexual abuse to be blocked in a Web disseminate the material online, whilst it is content can be a slippery slope into interface. The DNS server recognized that it cannot eliminate access censorship for ISPs and network then redirects the user to a entirely, as some third-party companies sell providers. landing page if blocked paid subscriptions, allowing customers to content is tried to be accessed. Empowering the access newsgroups privately and preventing consumer himself brings about big benefits: even their ISPs from tracking their activity. Consumers are free to choose what they see or A library of some 11,400 illegal images block (beyond what is legally mandated,

60 Booz & Company around censorship fears, liabilities, and cross- was established allowing investigators to national differences. filter through tens of thousands of online files at a time. The system is based on using • There are two main emerging remedies for images with unique “hash values”—a kind network operators and ISPs: of digital fingerprint—for identifying illegal images that could then be used to search for – In those countries where there is no adequate, the same image anywhere else it appeared independent listing process: Empower the consu- on the Web. mer to help himself (i.e., broadly nurture Open DNS-type solutions) and educate the consumer www.nystopchildporn.com, an initiative about the functionalities and the power of such from New York State Attorney General solutions. Andrew Cuomo, provides details on which ISPs have signed agreements to eradicate ac- – In countries with established third-party cess to child porn through their servers. listing support: Industry needs to decide on the level of filtering to apply voluntarily. To start with the least-intrusive form of intervention, KEY LESSONS a first step could be DNS-based filtering or a Eight key lessons emerge from the discussion: move to the next level of URL-based filtering only if adequate and legally verified lists exist. • Blocking child sexual abuse content is commonly perceived as morally justified and • To avoid filtering extensions beyond the therefore desirable—opinions on blocking other original objective of fighting child sexual abuse “undesired” content (e.g., racist and “bomb- content, listing institutions should ideally be making” websites) are not that unanimous, established as independent from judicial aut- especially from a freedom-of-speech perspective. horities like the police. The UK Internet Watch Foundation is a good example of this type of • Extending blacklists to other content like il- organisation. legal music sites, that are popular and far from commonly denounced like child sexual abuse CASE 6: SOCIAL NETWORKING/ content, tends to backfire as it spurs the circula- INTERNET EDUCATION tion of information on how to circumvent filters. Problem: Children and youths are not aware of the risks of online interaction (e.g., in social • Flawless execution is challenging both tech- networks): Solicitation, grooming, etc. nically and legally, as legislation differs with Risk: Due to the high anonymity made possible regard to what constitutes illegal child sexual by the Internet, the risk is higher than in real abuse content. International treaties to create life (most children know not to talk to stran- common legal bases—like the 2007 Council of gers on the street; but who is a stranger on the Europe Convention on the Protection of Child- Internet?). ren Against Sexual Exploitation and Sexual Abuse—have not been implemented in all mem- Beyond blocking child sexual abuse content ber states. (and possibly more harmful and undesired Internet stakeholders have diverse educa- • A concerted international law enforcement content), there is a tion measures for children and parents. approach is called for to speed up the actual second crucial lever for takedown of blacklisted sites. protecting minors: Educating them about the In- ternet’s opportunities and threats so that minors • Expectations regarding filtering effectiveness can contribute to their protection themselves. need to be managed. No filter is 100 percent Internet-enabled social interaction, in paral- effective in providing a solution. Network-based lel to its rapid growth, has triggered issues that filtering is merely instrumental in preventing had been largely unknown previously: Bullying, accidental access to child sexual abuse content. grooming, and solicitation as well as careless This is an important trade-off against the pro- data publishing. portionality of legally obliged filtering. Asking unprepared parents and schools to help • Engaging in child sexual abuse content bloc- may be asking too much of these “typical king consequently opens up strong controversies education protagonists.” The more they

Booz & Company 61 struggle with covering digital life, two things but they differ quite notably in how proactive need to happen: they are. Bebo is a strongly minors-oriented offering 1. Parents and schools need to be empowered (or and consequently takes a clearly proactive ap- empower themselves) in order to live up to the proach towards user education. For example, it education expectations invested in them. offers an educational video focused on the dangers of social 2. Other institutions—ISPs, network operators, networking and Internet businesses such as social networ- that uses a king platforms—need to be added to the overall comic, entertaining, and intuitive style speci- education effort. fically targeted at children. In addition, Bebo offers written educational materials for teachers Approaches to such education can be discussed and parents; it cooperates with a number of along an adapted version of the Digital Confi- NGOs in the development of such materials. dence Positioning Framework (Exhibit 50). The Facebook takes a more low-key approach to vertical axis differentiates user education, presumably as its target groups Social networking requires a new the degree of activity, the- consist of more experienced and older users. It level of user education—all players reby making the lower half offers an explanatory text about five safety tips need to realize its importance and theoretical, as “no educa- and FAQs for users, but also for parents specifi- provide effective solutions. tion” is not a viable option. cally, mainly focused on complaint processes. The horizontal axis differen- Second, U.S. schools have recently started tiates the individual discretion in such educati- special classes about Internet and social network on, that is, whether approaches make education education. Virginia has already made Internet an optional offering or an obligatory duty. safety lessons mandatory in high schools. First, social networking sites exhibit a clear The focus is on risks in social networks, es- dedication towards user education, as shown by pecially harassment and solicitation. Classes are the examples of Bebo, MySpace, and Facebook. run based on material developed by the NGO They tend to be similar in taking a moderate Web Wise Kids. position on the mandatory-optional dimension,

Exhibit 50: Digital/Internet education confidence positioning—social networking

Proactive TeacherTeacher ParentParent 1 Social networking sites educate their users about the threats and dangers of sharing personal data Social – Bebo is very conscious of threat to minors, with very Networks 2. U.S. Schools 1. Bebo restrictive settings as default – MySpace and Facebook less minors-focused and 3. NGOs restrictive 1. MySpace 2 Recently U.S. schools start special classes about Internet and social introduced network education 1. Facebook – Focus on risks in social networks (harassment, solicitation) Optional Passive Obligatory – In the state of Virginia, this is a mandatory class – Supported by nongovernmental organisations (NGOs), developing material, (e.g., Web Wise Kids)

3 NGOs, such as ConnectSafely, working to educate children, parents and teachers about the Internet

Referee Policeman Referee No Education

62 Booz & Company Exhibit 51: Bebo social network education and proven education formats—resulting in limited leverage of the funds invested overall.

Safety Especially, introduction into formal educa- Bebo Safety is designed to help educate young people, tional systems is just beginning. Surveys in- parents and teachers about the safe and positive use of Bebo. dicate that parents see schools as the primary Introduction: Basic Safety Information Stay Safe: Manage Privacy Settings source for getting informed about safety on the Why Privacy Matters Are You Anonymus Bebo? Photos: Think Befor You Post Internet. Interestingly, “ISP or the telephone Uploading Content Safety Guidelines Mobile Safety: Using Bebo Mobile company” follows a close second. Although only Respect your online community Bullying: Don`t Do it Beat Bullying: A Poem 7 percent mentioned software companies, the Bullying: How to Report Abuse On a Positive Note potential integration of educational measures in the primary user interface (i.e., the operating systems and browsers) would be a logical step to • Video targeting children and focused on the dangers of social networking (comic style reach more users in an interactive manner. videos)

• Written educational materials for teachers and KEY LESSONS parents Six key lessons emerge from the discussion:

• Cooperation with several NGOs to develop educational materials • Educating minors about the opportunities and threats of the Internet in general and particularly of social networking is getting more and more Third, a broad range of NGOs engage in Inter- important. net and social networking education, many of them with a clear focus on minors. • Social networks try to educate their users, but Reflecting the omnipresent trend towards on a voluntary basis, at their own discretion— social networking on the Internet, the very topic society therefore needs to watch and complement of safety in Internet socialising has its own Web social networks’ activities. 2.0 offering: ConnectSafely is a forum with the sole purpose “to discuss safe socialising on the • Parents expect schools and ISPs to play an fixed and mobile Web.” important role in education—it is a valuable op- Web Wise Kids is a large, U.S.-based NGO portunity for both to accept this role even more that engages broadly with Internet safety issues. by intensifying activities they have already begun. It has developed Parents expect schools several digital games • NGOs have already developed broad activi- to be primarily res- targeted at children ties in the field—these activities should be ponsible for Internet to educate them education. about general behaviour best practices Exhibit 52: Parents information channel (UK, 2006) and issues covering online solicitation, predatory attacks, and illegal downloading. It also supports schools by providing “offline” classroom “From whom would parents like to receive information about using the Internet in a safer way?” material and addresses the diverse stakeholders individually on its homepage, from parents to Schools 36% teachers to law enforcement and minors themselves. ISP or telephone company 31% In Europe, Insafe is a network of national TV, radio, newspaper nodes that coordinate Internet safety awareness. 21%

An exemplary activity is the family e-safety kit, Government, local authority 19% published in European countries in early 2008. It discusses key e-safety themes in a design sui- Police 12% table for joint reading with children. Parent association, other parent groups 8% Despite these positive examples, there is still a long way to go in catching up with the rapid Computer retailer 7% growth in minors’ Internet and social networ- Software companies 7% king usage. As shown, there already are many good initiatives. But there is room for greater Associations, NGOs 5% concerted action bringing various stakeholders together to share lessons learnt, best practices, Source: Eurobarometer

Booz & Company 63 consolidated in the near future to join forces themselves after they have been notified to do and to intensify larger-scale cooperation, especi- so. They are generally opposed to engage in ally with schools. “active” Internet filtering to combat copyright infringement. The reason for this is that most • ISPs teaming up with NGOs can be a very technological filters are either overblocking— useful combination to reach large audiences exposing network operators and ISPs to legal with education in an online and offline manner. liabilities when legal content is blocked as collateral damage, or when limiting legitimate uses, • All education needs to target the specific (age) which are exempted under copyright legislation groups on the Internet. For example, “born digi- and freedom of information—or underblocking, tals” in their adolescence hardly need technolo- because copyright infringers and new techno- gical education but need to learn the potentially logies will always find ways around. Finding negative consequences of sharing data and a voluntary, or even a regulatory, solution is sharing personal profiles online inappropriately; therefore a challenge. It can be quite difficult (or younger children need simple advice in an inter- even impossible) for a network operator or ISP active manner; and parents should learn about to distinguish a legal offer from an illegal one, the actual online behaviour of their children and if both use exactly the same file. There cannot need to be able to spot symptoms of exposure to be a technological one-size-fits-all and a 100 potential dangers like grooming or solicitation percent effective approach. in an early stage. Moreover, as opposed to the debate on child sexual abuse content filtering, there is no over- CASE 7: COPYRIGHTED CONTENT arching political or public support for tolerating FILTERING potentially overblocking measures that risk res- Problem: Pirated audio and video content is tricting basic Internet freedoms for the purposes distributed massively on the Internet, and the of safeguarding commercial interests (however content industry is severely challenged to find legitimate) of a particular stakeholder. When in digital businesses models. January 2008 AT&T announced its intention to Risk: Network operators are forced to restrict proactively monitor all the traffic it carried for access to content offers, potentially not in ac- potential violations of U.S. intellectual property cordance with current laws and limiting the laws, it triggered significant consumer backlash, user experience of the Internet. alleging “Big Brother” type practices. Also, the fact that AT&T would voluntarily risk losing its The proliferation of file sharing protocols and immunity from copyright liability when taking platforms, in combination with increased broad- an active role in selecting which content could band speeds available to end users, has made travel over its networks was widely criticised. the fight against online piracy one of the biggest Mandatory filtering of copyright protected current challenges for audiovisual rights holders content is therefore often imposed only by the and regulators. courts—on a case-by-case basis. Lately, the focus in regulatory policy on In an adapted version of the generic Digital fighting piracy has turned on network providers Confidence Positioning Framework, filtering and ISPs, whereby pressure is increasing on can be seen as one form of reaction to illicit them to adopt a more proactive role. Measures file sharing, which can be identified along two being contemplated to be dimensions (Exhibit 53). The vertical axis diffe- “An Internet provider voluntarily deployed range from tech- rentiates what is actually done to combat illegal giving up copyright immunity is like nological solutions (e.g., file sharing, ranging from ensuring that users do an astronaut on the moon taking off deep packet inspection and not engage in illegal activity to blocking illegal his space suit.”* various forms of network- activity by filtering. The horizontal axis pre- based filtering, digital fingerprinting by hosting sents non-technical measures aimed to discipline providers up to watermarking by content pro- user behaviour to deploying technical measu- viders) to non-technological measures (such as res against illegal file sharers or downloaders. forwarding notices to customers who have been Filtering here falls into the Referee role when, identified as infringers); see Case 8. for example, an individual ISP is mandated by Under EU rules, network operators and a court to block access to a particular P2P site, ISPs, as “mere conduit” providers, are exempt or a Policeman role when a whole ISP sector is from any general obligation to monitor traffic mandated to install filters by legislation. over their networks. They only have to engage ThePirateBay (TPB) has been a central “apple *Tim Wu, Law Professor, Columbia University in taking down illegal content that they host of discord” in this field over recent years. It is

64 Booz & Company one of the most well-known and largest BitTor- debate. Rights holders like MPAA and NBC rent tracker and torrent search sites. TPB has have called for network operators to adopt a a reputation of distributing a lot of copyright- proactive role by using bandwidth management protected (i.e., pirated) content like movies. tools to prevent the transfer of pirated content. Several ISPs, for example, the Danish Tele 2, They argue that net neutrality must promote were forced to block TPB recently, as discus- the protection of intellectual property and not sed in Exhibit 54. This forced blocking has two prevent the development of new filtering techno- major problems: Technical feasibility and legal logies and identification technologies to detect backing. On the technical side, DNS rerouting copyright-infringing content. On the other side, can be used to restrict access to TPB—but users consumer advocacy groups likened this practice will find ways to get around this, or, as in the to censorship. case of Denmark, TPB will just add another domain name pointing to the site. Alternatively, KEY LESSONS TPB could be blackholed—but this is a very A number of key lessons emerge from the “extreme” measure as, for example, all services discussion: at the same IP address would be cut off (and it would still be possible to circumvent this block). • ISPs are generally very hesitant to engage In March 2008, the press reported that four proactively in filtering Internet traffic to combat music majors were suing Irish incumbent ISP piracy. Inherently, an active role implies that ISPs Eircom to stop Internet users from illegally intervene in traffic flows over their network, downloading music, the first case in the country thereby undermining their “mere conduit” status whereby an ISP was alleged to be liable for the that ensures their immunity for copyright liabi- actions of its customers, instead of individual lity and exposing them to significant legal claims. illegal downloaders being prosecuted. It comes after a ruling in a Belgian case of June 2007 in • Content filtering is both technically and which Scarlet, one of Belgium’s leading ISPs, legally difficult to implement. It will most was ordered to install a filtering solution within likely result in either over- or underblocking of 6 months. The decision had fuelled an intense copyright-infringing content and infringement discussion whether network operators can be of fair use. As opposed to the child sexual abuse obliged to filter traffic. content filtering, there are, to our knowledge, no Finally, combating piracy using high-tech dedicated independent third parties that pro- filtering technologies, as part of network ope- vide, review, and update illegal P2P blacklists. rators’ network management toolbox, recently Moreover, automated network filtering tech- became a focal point in the U.S. net neutrality nologies based on, for example, fingerprinting

Exhibit 53: Digital Confidence positioning—copyrighted content filtering

Avoid illicit activity Teacher Parent 1 ISPs inform customers about damage done by illicit file sharing and point to legal alternatives 1. Education about consequences/ 2 Based on information from rights holders, ISPs warn alternatives 2. Warning: Illicit subscribers that their Internet account is being used to activity detected & illegally share, or download, protected content, which may potential legal action lead to legal action by the rights holder by rights holders e.g., UK ISPs 3 ISPs voluntarily monitoring traffic to detect copyright infringement may lead to “big brother” type of allegations by Non- customers and possibly legal uncertainty for the ISP 3. Voluntary technical Technical traffic measures measures 4 ISPs may choose to more strictly enforce “legal use” 4. Enforcing customer monitoring policies against infringers identified by rights holders, e.g., contracts–legal e.g., AT&T by sending warnings to customers use clauses ISPs may restrict/block access to specific sites upon court 5. Court-mandated 5 order filtering (case- by-case) 6. Government 6 Governments may pass sector-wide laws imposing the mandated filtering installation of filters by all ISPs (ISP–sector wide)

Referee Block illicit Policeman activity

Booz & Company 65 may be able to red-flag protected content but not addressing the underlying problem. At the cannot make reliable judgements as to whether same time, rights holders call for net neutrality that content is actually used illegally or if it falls to promote protection of intellectual property under legitimate use exemptions. In addition, and to allow filtering and content identification the fundamental question has to be addressed technologies to develop into maturity. whether it is the network operators’ responsibility to protect copyrighted content. The cost • Consumer education also plays an important incurred to do so will then translate into higher role, but has its limits since most users are prices for its own offerings. already aware of what they are doing.

• In the few instances where network operators CASE 8: ADOPTION OF “THREE STRIKES” announced intentions to proactively monitor Problem: In the attempt to fight piracy, the Internet traffic, they faced significant consu- entertainment industry wants to introduce a mer privacy criticism because of the intrusive “three strikes” rule—consumers infringing nature of network-based filtering technologies copyrights get disconnected from the Internet (e.g., deep packet inspection or other forms of after the third offense. filtering). Companies risk putting themselves at Risk: Implementing a “three strikes” rule po- a competitive disadvantage vis-à-vis other opera- tentially disconnects several hundred thousand tors that do not filter this way. consumers from the Internet, severely inhibi- ting those individuals’ personal rights and the • As opposed to the child sexual abuse content growth of the digital economy. debate, filtering content to protect pure commercial interests of one particular stakeholder As opposed to technological solutions to combat whilst limiting basic Internet freedoms does not digital copyright violation, there is a range of carry broad support at a political level or from non-technical mitigation measures at network the public at large. operator and ISP levels being actively debated in the EU, the United States, and Japan. The most • Network-based filtering has been criticised as high-profile of these measures is the so-called infringing net neutrality principles by discrimi- “three strikes and you’re out” rule, which has nating between different sorts of Internet traffic been actively campaigned for by rights holders and services. These technologies would limit across the three continents: It is the idea of legitimate use and lawful expression, stifle in- actually banning persistent illegal downloaders novation, and threaten personal privacy whilst from the Internet—and having such a rule as a

Exhibit 54: The Pirate Bay—recent activities

• May 2006: Police Raid against The Pirate Bay (TPB) – Servers and other equipment confiscated – Founders questioned by the policed but not charged – Allegedly Motion Picture Association of America (MPAA) was driving force of the raid – In June 2006 TBP was online again

• July 2007: Sweden wants to put TPB on child pornography blacklist – Would have blocked access from Sweden – Decision revoked-child pornography reproaches never proven

• 1 million torrents • September 2007: MediaDefener-leaked e-mails show entertainment companies hired hackers • 12 million peers for DoS attacks against TPB (simultaneous active connections) • January 2008: TPB operators charged with “promoting other people's infringements of • 2.5 million copyright laws” registered site users • February 2008: Danish Tele2 ordered to cut off customers from TPB – IFPI claims Tele2 violates copyright with granting access to TPB – Order appealed-violates EU law according to Tele2, since copying in routers is explicitly allowed in the EU Infosec Directive (Article 5.1) – Traffic from Denmark to TPB increased by 12% based on public discussion

• March 2008: Swedish ISPs sued by IFPI to block TPB access – TeliaSonera refuses since they are not allows to wiretap customers – Telia feels not responsible for actions of its customers

• April 2008: TPB sues IFPI for compensation for traffic blocked by Tele2 DK

Sources: News Article, ThePirateBay, Wikipedia

66 Booz & Company major deterrent so that users do not engage in Industry (BPI) to see the effect of warning copyright violation in the first place. letters, in July 2008 this led to a co-regulatory Compared to targeted blocking of services solution based on a Memorandum of Understan- like ThePirateBay that mainly enable (arguably ding and facilitated by the regulator OFCOM. illegal) file sharing or compared to filtering out This MoU aims to provide an agreed industry copyrighted content, there is a high risk of framework for action to combat illicit use of overshooting the objective in actually banning P2P technology only—not the issue of commer- individual users from the Internet completely cial piracy. It is signed by the BPI and MPAA “only” because of copyright violation. It is very representing the content industry; by Virgin debatable whether the business interests of one Media, BSkyB, BT, Orange, Tiscali, and particular industry should be a reason to Carphone Warehouse for the ISPs; and by three completely cut off individuals from digital life. relevant government departments. The ISP Moreover, it is questionable whether network signatories agree to put in place a 3-month trial operators have the right to play such a role. to send notifications to, initially, 1,000 subscri- Depriving someone of Internet access is a serious bers per week identified for them by music rights penalty and should perhaps only be levied once holders. In addition, they will draw up a Code due process through legal safeguards has been of Practice—requiring the approval of OF- exhausted. If network operators, as private COM—on standards of evidence; actions actors, decide to cut someone off based on the against alleged infringers and against repeat or evidence of rights holders, they act as judge and criminal infringers; indemnity resulting from jury. Says Carphone Warehouse CEO Charles incorrect allegations of file sharing; and routes Dunstone: “Our position is very clear. We are of appeal for consumers. So far, the UK ISPs the conduit that gives users access to the have stopped short of threatening subscribers Internet. We do not control the Internet, nor do with disconnection. Their we control what our users do on the Internet. warning letters will, Guy Bono, Member of the European I cannot foresee any circumstances in which we however, be accompanied by Parliament: “On this subject, I am would voluntarily disconnect a customer’s a written warning from the firmly opposed to the position of some account on the basis of a third party alleging a BPI, which will threaten Member States, whose repressive wrongdoing.” both disconnection and a measures are dictated by industries The “three strikes and you’re out” rule is court appearance for those that have been unable to change their embedded in a number of possible reactions to who continue to download business model to face necessities im- the detection of illicit file sharing, as shown in illegally. Remedies to deal posed by the information society. Exhibit 55 and described in Case 7. The Teacher with repeat infringers who The cut of Internet access is a dispro- approach to detection of illicit file sharing appear insensitive to the portionate measure regarding the ob- would be just to inform the user of the damage warning letters are still up jectives. It is a sanction with powerful done by illegal downloading or file sharing of for debate. Solutions to be effects, which could have profound copyright-protected content without permission, discussed include technical repercussions in a society where ac- and to point out alternatives for legal content measures such as traffic cess to the Internet is an imperative offers. Moving up one level of intervention, the management or filtering, right for social inclusion.”* Parent approach would entail that the network and marking of content to operator proactively warn individual subscribers facilitate its identification. on the basis of information from rights holders The third approach, filtering of specific that a computer linked to the individual’s copyright infringing content or file sharing sites, Internet account is being used to download or has been discussed in more detail in the previous share protected content. It is explained that this case. activity amounts to copyright infringement, The most interventionist approach, discon- which could lead to legal action by the rights nection, is currently being discussed and holder. Under this approach, the network actually already introduced in some countries as provider could also suggest security software a “three strikes and you’re out” policy. Specifi- solutions to prevent illegal downloads from the cally, the following has been discussed (for individual user’s account going forward. This example, in France, where the proposal came to way, network operators can minimise liability be known as the “Olivennes Agreement,” so and help the consumer understand that she or he named for Denis Olivennes, CEO of the major is not 100 percent anonymous on the Internet. French media retailer FNAC and chair of the *http://www.cablefo- This approach is currently being implemented Anti-Piracy Commission that drafted the rum.co.uk/article/397/ by the six leading ISPs in the UK. First trialled agreement and presented it to French President european-parliament- rejects-3-strikes-rule- by Virgin Media and the British Phonographic Sarkozy): ISPs must send warnings and imple- is-vm-listening

Booz & Company 67 ment sanctions as required by the newly Countries take varying positions on the “three established anti-piracy authority HADOPI, strikes” idea. France seems to be most advanced which assesses infringement notifications from in formulating the approach in the form of a bill rights holders and instructs ISPs to act accor- to be discussed in parliament in autumn 2008. dingly. ISPs would need to In France, cooperation of major ISPs has been “Britain's six leading Internet provi- send two warnings to secured for a “deal” ensuring in exchange that, ders have signed a Government-led alleged offenders, the first among others, music will be offered DRM-free agreement to stamp out illegal music by e-mail. In case of no for legal download. The UK appeared to be file sharing. The six providers—BT, response and continued following the French lead and was actively con- Virgin Media, Orange, Tiscali, Sky, infringement, a second templating the idea, in early 2008, should ISPs and Carphone Warehouse—will im- warning would be sent and rights holders not come to an agreement. plement a series of measures against 1 week later by recorded With the aforementioned MoU, however, those found to be file sharing. The delivery letter. If there is disconnecting repeat infringers has not been ISPs are reportedly reluctant to im- still no response and illegal included as one of the remedies to be discussed pose the BPI’s preferred ‘three strikes activity continues, the among the signatory parties. The approach in and you’re out’ approach of cutting account would be suspen- the UK is also coupled with a commitment by off users’ broadband connections.”* ded for 15 days. Should the signatory parties to make available more there still be no reaction attractive commercial content offers (e.g., sub- and infringement continues after the service is scription, on-demand, legal sharing) as alterna- resumed, the account will be suspended for (up tives to unlawful file sharing. In Japan, the four to) 1 year. major ISP associations have agreed on imple- Generally speaking, significant confusion menting “three strikes” in reaction to pressure still exists as to how exactly “three strikes” from government and the content industry. In needs to be implemented, for example, differing April 2008, the European Parliament rejected views on the duration of disconnecting users, the “three strikes” approach when it voted on a the unclear monitoring process (France is report about promoting European cultural discussing a statewide register for offenders), industries. responsibility discussions varying across Finally, “three strikes” features as one of the countries (especially if network operators and possible technological mandates for ISPs that are ISPs have to detect all infringements or if they being discussed in the context of the G8’s Anti- only have to react at copyright owner request), Counterfeiting Trade Agreement (ACTA), which liability issues (in case of false claims regarding the G8 aims to finalise before the end of 2008. alleged infringers), and finally who is to pay for ACTA is in large part about updating legal *BBC News, 24th July 2008 such implementations. frameworks to take account of P2P and deve-

Exhibit 55: Digital Confidence positioning—Three Strikes rule

Avoid illicit activity Teacher Parent 1 ISPs inform customers of damage done by illegal file sharing and point to legal alternatives

Based on information from rights holders, ISPs warn 1. Education about 2. Warning: illicit activity 2 subscribers that their Internet account is being used for consequences/ detected & potential illegal file sharing, which may lead to legal action by the alternatives legal action by rights rights holder holders, e.g., UK ISPs

3 ISP obliged (by co-regulation or legislation) to enforce Legal Use contractual terms against copyright infringers (identified by rights holders) and take direct action: Legal No legal – Apply technical measures such as filters, traffic action action management 3. Technical sanctions, 4. Facilitate prosecu- – Apply nontechnical measures: (Temporarily) e.g., traffic manage- tion–provide disconnect Internet access–Three Strikes is a ment or filtering personal data on combination of warning process and active request of rights intervention 3. Nontechnical holder sanctions: Disconnect 4 ISP required by law to provide personal data relating to repeat infringers given IP address on rights holder’s request–without Court (“Three Strikes”) order–for civil action – Needs compatibility check with Data Protection Referee Retaliate Policeman Legislation against illicit activity

Note: For a detailed discussion of filtering copyrighted content see case 7

68 Booz & Company lopments on the Internet. Although these KEY LESSONS negotiations are taking place behind closed Four key lessons emerge from the discussion: doors, leaked information on proposals being discussed shows that “three strikes” and also • With the “three strikes” regime, mitigation mandatory ISP filtering are on the agenda. of copyright violations is being taken to the One aspect often overlooked in public discus- next level of interventionism, with a substantial sions on the merits of “three strikes” is the danger of “overshooting” if the implications are damage to the overall digital economy as the not weighed in a balanced manner. result of disconnecting significant numbers of users from the Internet. Implications of “three • It is very doubtful that the business interests strikes” would need to be understood more holis- of one particular industry should be a reason to tically. A high-level sensitivity calculation, for the completely cut off individuals from digital life— UK as an example, estimates “three strikes” to especially in light of the implementation and op- result in the disconnection of 500,000 users and portunity costs involved for other stakeholders a revenue loss of €180 million for the network in the digital economy. operators (Exhibit 56). In comparison, the music industry assesses an upside of only €33 million in • The public debate around “three strikes” revenue—this total revenue loss of about €150 has concentrated on the appropriateness of the million is likely to be only a minor share of the regime itself—prerequisites, especially the dif- downside for other stakeholders, for example, ficulties around correctly detecting copyright through the reduction of e-Commerce volume. infringement, and implications in a broader In addition to the fact that users would be sense have not been addressed enough. disconnected from digital life, the potential economic damage caused across the digital • Across geographies, governments and net- economy value chain makes “three strikes” work operators have acted divergently. The a challenging concept in terms of finding European Parliament in its April 2008 Resolu- a proportional remedy to combat piracy. tion on “Cultural Industries in Europe” calls

Exhibit 56: Implementing Three Strikes in the UK—high-level sensitivity analysis

User View —high-—high- Internet users (million users) Online music users 13.0

7.0 25%

5.1 5.5 0.9 4.3 1.4 4.2 1.0 3.3 1.0 3.6 4.6 (32%) 0.5 (4%) 3.3 1.0 0.9 Broadband Non Non Downloader Stop after Stop after Disconnected Illegal Thereof Additional Existing Additional Total users users UK downloader downloader with Three warning suspension from Internet downloads already potential users legal users legal services today Three Strikes Strikes stopped using legal customers services down- offers legal services loading

Economic View Internet users (million euros) Online music users 4,800

180 (4%) 4,620

136 103 33 (32%)

Existing revenue Loss due to Resulting revenue Existing revenue Additional revenue Resulting revenue access UK disconnection access UK online music UK online music UK online music UK

Source: News Reports, European Commission

Booz & Company 69 on content owners to collaborate with network reporting of security breaches by network opera- operators and specifically denounces measures tors and ISPs. criminalising consumers who are not seeking to make a profit as not being the right solution • Enhancing the user experience by promoting to combat digital piracy. Strongly hinting at the unobstructed access to digital and online servi- French approach, Parliament calls for avoiding ces by enabling national regulatory authorities measures “conflicting with civil liberties and to impose minimum requirements regarding human rights, and with the principles of propor- quality of service. tionality, effectiveness and dissuasiveness, such as the interruption of Internet access.” With regard to network security and user privacy, the Review specifically proposes that: 2. THE REGULATORS’ AGENDA The various governmental and regulatory acti- • Consumers are informed by ISPs if their vities at EU and national level related to Digital personal data are compromised as a result of Confidence can be grouped into six buckets: network security breaches.

• Activities related to the review of the existing • Operators and regulators are given more res- legal framework for providers of electronic com- ponsibility regarding the security and integrity munications infrastructure and communications of e-Communications networks and services. services. • Enforcement and implementation powers • Activities related to the reinterpretation of for the competent authorities are strengthened, legal principles such as the EU Data Protection particularly in the fight against spam. Directive. • Application of EU rules on data collection • Activities skewed towards facilitating cross- and identification devices using e-Communicati- industry stakeholder cooperation. ons networks is clarified.

• Co-sponsored initiatives. With regard to safeguarding consumer access to high-quality digital and online services going • Law-making activities at decisively national forward, the Review proposes that: level. • National regulatory authorities may set • Activities aimed at driving international coor- minimum quality of service requirements on dination. e-Communications network providers based on standards developed at the EU level. 2.1 ADAPTATION OF THE LEGAL FRAME- WORK AND PUBLIC POLICY The aim is to prevent degradation of service and In November 2007, the European Commission slowing of traffic over networks to such levels proposed a “Review of the European Regulatory that basic connectivity would be seriously under Framework” for providers of electronic com- threat. According to Information Society Com- munications infrastructure and services. The missioner Reding, there will, however, still be Commission envisages that the proposals will room to manage and shape traffic over networks become law before the end of 2009. in order to optimise the user experience, on the condition that this is done in a transparent, pro- Against the background of growing threats such portionate, and non-discriminatory manner. as spam, spyware, viruses, and phishing attacks, The Review also addresses the independence the Review seeks to strengthen the resilience of of the European Network and Information Se- existing networks, whilst complementing earlier curity Agency (ENISA), based in Crete. Establis- legislation that criminalises certain activities. hed in 2004 in view of ever-increasing reliance With regard to Digital Confidence, the objecti- on ICT in critical business processes, ENISA ves of the Review mainly relate to: seeks to, inter alia, stimulate business continuity by benchmarking best practices and developing • Increasing consumer awareness and recourse, risk mitigation standards to deal with disruptive specifically with regards to network security incidents across different infrastructures such as breaches and e-privacy. For example, the Com- malicious IT attacks or loss of critical data. To mission introduces the concept of mandatory date, ENISA has released a number of recom-

70 Booz & Company mendations, for example, on security issues for ling, data mining (online or offline), and digital online social networks, botnets, and reputation- broadcasting. based systems. Reflecting concerns regarding the effectiveness of ENISA in providing active 2.3 FACILITATING STAKEHOLDER operational support to business, the Commissi- COOPERATION on proposed merging ENISA with a new, yet-to- In view of the fast changing nature of markets, be-established European Regulatory Authority. business models, and technologies, concerted As this proposal for a new European regulatory stakeholder efforts to find fast and efficient so- body has proved very controversial, it is unclear lutions are increasingly being preferred over new whether ENISA will actually be merged or re- legislative approaches. In the area of fighting main independent. The EU nevertheless decided piracy of online copyrighted content, the Com- that ENISA’s mandate will be extended until mission intends to establish a stakeholders’ dis- 2011 when the new European Regulatory Aut- cussion and cooperation platform, the so-called hority, if it were indeed to be established, would “Content Online Platform.” Consumers will be take over. given a strong voice in this platform. Following the 2008 Communication on 2.2 REINTERPRETATION OF EXISTING “Creative Content Online in the Single Market,” LEGAL PRINCIPLES the Commission further envisages stimulating Reinterpretation of legal principles is particu- codes of conduct between access/service provi- larly prevalent in the area of Data Protection ders, rights holders, and consumers to ensure and Privacy. Current developments in Web 2.0 adequate protection of copyrighted works and services and corresponding business models, close cooperation in the fight against piracy and for example behavioural and viral marketing, unauthorised file sharing. search technologies and social networking, challenge upholding basic data protection principles 2.4 SPONSORED INITIATIVES IN SUPPORT such as transparency, informed consent, pur- OF DIGITAL CONFIDENCE pose limitation, and the right to rectification In early 2008, the Commission proposed a new as established in the 1995 EU Data Protection Safer Internet programme to enhance the safety Directive. of children in the online environment. The pro- The Article 29 Data Protection Working Party gramme builds on the Safer Internet programme is constantly reviewing the application of exi- started in 2005 and will also encompass recent sting legal principles of the EU Data Protection communications services from the Web 2.0 era, Directive to new technological developments. such as social networking. The proposed new Recently, it adopted a new Opinion on data programme will co-fund projects to: protection issues related to search engines. A key conclusion of this Opinion is that the Data • Provide national contact points for reporting Protection Directive generally applies to the illegal and harmful content online, in particular processing of personal data by search engines. on child abuse material and grooming. Search engine providers must delete or irreversi- bly anonymise personal data once they no longer • Foster self-regulatory initiatives in this field serve the specified and legitimate purpose they and stimulate the involvement of children in were collected for and be capable of justifying creating a safer online environment. retention and the longevity of cookies deployed at all times. The consent of the user must be • Raise awareness of children, parents, and sought for all planned cross-relation of user data teachers and support contact points where they and for user profile enrichment exercises. web- can receive advice on how to stay safe online. site editor opt-outs must be respected by search engines and requests from users to update/ • Establish a knowledge base on the use of new refresh caches must be complied with immedia- technologies and related risks by bringing toge- tely. Controversy arose particularly around the ther researchers engaged in child safety online at notion that the Working Party interpreted IP the European level. addresses as personal data. The Working Party’s priorities going forward These proposals include recommendations made include work on ensuring data protection in by children themselves during a European Youth relation to new technologies, including a focus forum held on Safer Internet Day in February on, inter alia, online social networks (especially 2008. The proposed new Safer Internet pro- for children and teenagers), behavioural profi- gramme (2009 to 2013) is expected to be adop-

Booz & Company 71 ted in 2009. Co-funding of new projects should begin from 2010. Restricting communication speed should be Example projects funded under the 2005 Sa- considered only in exceptional cases. For fer Internet programme include “Insafe” (to em- example, providers can restrict the com- power citizens to use the Internet positively and munication speed for heavy users of certain safely by sharing best practice, information and software, such as P2P programmes, or those resources in interaction with industry, schools, trying to upload an enormous amount of and families) and “INHOPE” (supporting Inter- data exceeding a certain level, if their acti- net hotlines globally to report illegal content such ons occupy much of the network and hinder as child sexual abuse content; see the minors’ the communications of other users. In such protection discussion in Chapter IV-1). cases, however, the ISPs need to disclose information on the restrictive measures to the users.

The minimum basic standards relate to (i) scope of information necessary to put into the contract agreement; (ii) basic requirements to operate traffic shaping; and (iii) relevant legal interpretation: EXAMPLES FOR ONGOING REGULATION DISCUSSION It examines the basis for restricting bandwidth for specific applications or specific users who disproportionately impact the network to the detriment of general users. Japan: “Guidelines for Traffic Shaping,” May 2008 It recognizes that there are privacy considerations related to the DPI involved in packet In Japan, often referred to one of the shaping (i.e., “secrecy of communicati- world’s most advanced markets in terms of ons”) and explains the potential for certain available speeds and NGN roll-out, four te- “consent-of-user” requirements but presents lecom business associations (Japan Internet the legal basis for an exemption from the Providers Association, Telecommunications privacy and consent requirements, where Carriers Association, Telecom Service As- there is a “lawfully justifiable” basis for the sociation, Japan Cable and Telecommunica- packet shaping. tions Association) adopted “Guidelines for Traffic Shaping” in May 2008. According Examples are given of where a practice to a Japanese Communications Ministry would be lawfully justifiable—either to survey conducted in November 2007, about restrict a specific application, or to restrict 40 percent of Japanese ISPs had implemen- a specific heavy user—focusing on: (i) legi- ted speed regulations. timacy of purpose; (ii) necessity of action; and (iii) validity of means. Spurred by P2P file sharing use leading to large traffic increases, the guidelines aim These examples are not exhaustive; it is to curb speeds for heavy users The Interior recognized that practices will evolve, and & Communications Ministry is observing accordingly the principles are kept at a the Guidelines that establish minimum high level and focused on ensuring a stable basic standards for traffic shaping on top of network operation. which each ISP will establish and implement its own operating policy. The Guidelines The Guidelines recommend widespread are voluntary—the principles identified are notification of a packet shaping practice intended to map out a safe harbour of con- (i.e., as opposed to requiring consent), and duct that would be deemed lawful. recommends that this notification be clear to end users, non-end users, and other ISPs The Guidelines state that, in principle, (i.e., particularly downstream ISPs). ISPs should handle surges in communication volume by enhancing their facilities.

72 Booz & Company being imposed on network operators to disclose UK: Ofcom “Voluntary Code of Practice: personal data of illegal downloaders in civil Broadband Speeds,” May 2008 proceedings allowing right holders to prosecute these individuals. In this case, the Spanish right- In the UK, broadband Internet providers are holders association Promusicae asked a Spanish today advertising their “headlight” speeds court to order Telefónica to provide identities that can be transported over the network and physical addresses of customers who had as a maximum. Depending on technology, used the Kazaa P2P service for illegal music infrastructure, and environment, this adver- file sharing. As with the European Parliament tised bandwidth cannot be achieved for a Resolution, the trade-off between protection of specific consumer. fundamental rights versus protection of (intellectual) property, swung in favour of safeguarding The new code requires network operators to fundamental citizen rights, in this case, the right provide an accurate estimate of maximum to privacy. achievable speed on their lines. Further- France, in its role of EU presidency in the more, the code demands the publication second half of 2008, has announced that its IPR on the application of traffic shaping and policy goals will not include a push for an exact relevant policies (e.g., affected protocols replication of the Olivennes Agreement at the and applications, fair use limits). European level. Rather, the French presidency aims to bring all the stakeholders to the table in Ofcom will further investigate broadband order to encourage negotiations. speeds and already acknowledges that speeds Finally, “three strikes” is among the proposals can significantly deviate from maximum actively being discussed at the G8 level. The speeds. In the future, publication of average Anti-Counterfeiting Trade Agreement (ACTA), speed might also be part of the code. which the G8 aims to adopt by the end of 2008, could include “three strikes” and mandatory ISP filtering in an attempt to address the latest P2P and Internet challenges in the fight against 2.5 NATIONAL APPROACHES piracy and impose corresponding criminal Significant divergence in the approach to combat sanctions. threats to Digital Confidence can be observed between individual countries. This becomes 2.6 INTERNATIONAL COORDINATION especially evident in the fight against piracy. Following the DoS attacks against Estonia (see France’s approach, the Olivennes Agreement Case 6), the NATO Bucharest Summit agreed to prevent illegal downloaders from acces- in early April 2008 upon a common policy for sing the Internet temporarily based on “three cyber defence and made a commitment to esta- strikes and you’re out,” represents one end of blish a new authority with the primary task of the continuum of national approaches, whereas, coordinating NATO’s “political and technical” for example, the Dutch Notice and Takedown reactions to cyber attacks. approach based on ISP self-regulation represents Apart from a new body, a genuine common the other. The French approach to punishing European approach to cyber defence also requi- illicit downloaders is also the converse of what res every member state to establish a national is contemplated in the United States, where up- structure for the prevention of and defence loaders instead of downloaders are the target on against cyber attacks, like the U.S. Computer the basis of “notice-and-takedown” procedures. Emergency Readiness Team (US-CERT), a part- Unauthorised uploading of copyrighted works nership among the Department of Homeland is also illegal in France, but the agreement does Security and the public and private sectors. Esta- not provide legal support for technological blished in 2003 to protect the country’s Internet measures to catch uploaders. Under the Oliven- infrastructure, US-CERT coordinates defence nes Agreement, ISPs are to implement content against and responses to cyber attacks across the identification (fingerprinting and/or watermar- country. Currently, only a few European states king) and issue notices to a regulatory authority have such structures. that lead to actions against users. Information Society Commissioner Reding Earlier, in January 2008, the European Court announced that, in early 2009, the Commission of Justice ruled in a case involving the enforce- will present a Communication on the protection ment of IPR that EU directives on data protec- of critical telecoms infrastructure. This would tion and e-privacy do not require obligations be aimed at improving the preparation and the

Booz & Company 73 response capability at the European level in case 2.7 CONCLUSION of cyber attacks. The Commissioner under- The main legal bases for mitigating Digital Con- lined the importance of technical developments fidence challenges seem largely in place, with without forgetting the necessity of increased some need, nevertheless, for reinterpretation of education regarding the advantages and risks of existing regulatory concepts to take account of the Information Society. This line appears to be new technology, market(ing), and usage realities. strongly supported by industry. The cross-border nature of Digital Confidence threats places particular emphasis on internatio- Military Botnets for Information Warfare nal (judicial) cooperation, increasing awareness of the urgency to act and, for governments and In May 2008, Col. Charles W. Williamson enforcement authorities, to allocate appropriate III proposed that the Air Force should build resources for establishing effective mitigation its own zombie network, so that it can structures and partnerships with industry. There launch distributed DoS attacks on foreign appears to be a trend in politics and regulatory enemies. He recommends that the Air Force policies to put greater emphasis on stakeholder should deliberately install bots on its unclas- cooperation instead of greater legislative activi- sified computers as well as civilian govern- ty—in fact, not only in Europe, but with recent ment machines. moves of the FCC in the United States as well. At the same time, there is a need for continued Initially, other Navy officers proposed review of the proportionality of any regulatory installing bots even on existing information activity, particularly in case of highly interven- security systems, and reusing machines that tionist approaches (such as “three strikes” or would normally be discarded to build a mandatory filtering) that may infringe on basic “bot army.” Internet freedoms, basic consumer rights (e.g., to privacy) and undermine vested legal certainties Civilian commentators from Wired conside- for industry players. red this the “most lunatic idea to come out Nevertheless, industry has an opportunity of the military since the gay bomb.” On the to step up its responsibilities in this area with other hand, the effectiveness of large DoS activities to educate and empower consumers attacks cannot be denied—as also recently to increase their confidence in using new online seen in Russia, where hackers brought down and digital services. Complementing industry- most of Russia’s nuclear power websites led corporate responsibility initiatives, when it with a DoS attack. comes to enforcement, increased sector cooperation and with governmental and regulatory bo- Source: Wired, Darkreading dies is required to provide a sound legal basis to support each level of intervention planned. An example would be the various levels of filtering and blocking of content, where network operators will want to ensure that their liabilities are covered. Also in the area of network security, public-private partnerships may be needed to ensure effective collection of often highly sensitive and confidential data as the basis for coherent and effective mitigation strategies.

74 Booz & Company V. RISK/BENEFIT ANALYSIS: DIGITAL CONFIDENCE PAYS OFF

As described in the last few chapters, Digital conducted an analysis intended to look holisti- Confidence is exceedingly complex. Not only is cally at the digital economy and its revenues in it a major “feel good, be safe factor” for consu- Europe, now and especially into the future, and mers, but Digital Confidence also has a relevant to estimate the effects of solid or weak Digital economic impact. For example, online piracy Confidence with concrete numbers. Up to now, today has an economic impact of several billions several studies and reports have shown and Euro in Europe. For each of the key areas of Di- estimated the impact of single measures in the gital Confidence, there are trade-offs to manage, area of Digital Confidence, all of them with dif- all with societal and most with economic impact. ferent assumptions and only for limited geograp- For example, protecting consumer privacy very hies. For our assessment we leveraged all these restrictively may impact new business models inputs and built a consistent holistic model for based on targeted and personalised advertising— the whole of Europe and all Digital Confidence a major contributor to the €57 billion online measures. advertising market in Europe in 2012. It is im- This risk/benefit analysis provides a compre- portant to realise that already today many useful hensive view of which Digital Confidence pillars and innovative online services such as tour- have the greatest financial impact. It assesses the planners or city maps can only be offered for free revenue impact on the European digital eco- to a mass audience because advertising allows nomy of two alternative scenarios compared to financing. These services may come under strong a base case. Concretely, it details to what degree pressure and new ones may not be realised. revenue pools of Furthermore, roles and responsibilities in the digital eco- The risk of getting Digital Confidence wrong Digital Confidence among all stakeholders in the nomy are at risk is high: Market value of €124 billion by digital economy value chain need to be defined from Digital Con- 2012—equivalent to about 1 percent of the to ensure a coherent approach is realised that is fidence concerns, European GDP—could be destroyed. value-creating for the industry as well as delive- thereby providing ring on users’ expectations with regard to indu- a perspective on financial incentives for indus- stry’s performance across all pillars of Digital try to focus its attention in developing Digital Confidence. These roles and responsibilities need Confidence solutions. Understanding this, go- to reflect a fair sharing of burden and be pro- vernments and regulators can support industry’s portionate to the respective roles of the various endeavours in areas that are more driven by stakeholders in the value chain. As key enablers societal rather than financial interests. of growth, both as carriers and providers of Input to the analysis were a baseline market Internet and digital services over their networks, sizing built from multiple statistics and fore- there is no doubt that network operators need to casts, and Booz & Company expert reconcili- continue a central and important role to foster ation and findings from a programme of over Digital Confidence; their core “conduit” business 50 interviews with industry experts as well as is significantly challenged as is future value that in-depth examination of industry best practices is largely generated with commerce and value- and perspectives. added services. Based on a thorough review of the gathered For instance, a “three strikes and you’re out” input, key drivers for the analysis were identified rule advocated by content owners and their as- and used as the starting point for model deve- sociations requires network providers to take a lopment. The model was developed iteratively, role in monitoring and policing the use of copy- placing sensitivity analyses against driver vari- righted material over their networks. However, ation. Stabilised outcome of the modelling was this approach could lead to a direct overall loss finally summarised into the coherent scenarios of about €150 million per year in revenue to the needed for surfacing an aggregate view on Digi- digital economy of the UK alone—in addition to tal Confidence up- and downsides. implications for consumer data privacy. To understand the economic impact of getting Digital Confidence right or wrong, we have

Booz & Company 75 1. FINANCIAL SUMMARY: DOWNSIDE Two pillars cutting across all revenue categories RISKS OF DIGITAL CONFIDENCE have the greatest financial impact. First, there OUTWEIGH POTENTIAL BENEFITS is Privacy and Data Protection, which relates to As a reference point for the analysis, the Euro- consumer concerns over security of digital data. pean(8) digital economy is sized at €436 billion For instance, in the worst-case scenario, consu- in revenue volume across the four major catego- mers will be less willing to share information ries of access, commerce, with third parties, thereby putting strong pres- Privacy and Data Protection as well content, and advertising for sure on the innovative advertising models that as Network Integrity and Quality 2012, with an overall com- the digital industry and marketers are placing of Service have the most significant pound annual growth rate significant hopes in, and which not only act as economic impact. of 18 percent (2007–2012). the cornerstones of many B2C business models, The worst-case scenario—getting Digital but also offer tangible advantages to consu- Confidence wrong, and defined as an “Industry mers, for example, in providing better targeted Divergence” scenario—provides greater down- information for their purchase considerations. side risk than the upside of getting Digital Con- In addition, consumers may be less willing to fidence right—defined as the “One Direction” undertake e-Commerce and digital content pur- scenario: While the downside amounts to €78 chases if there is a lack of trust in how their data billion, there is an upside of €46 billion. Adding is being handled and managed. Second, Network these up shows a delta in industry revenue of Integrity and Quality of Service also has a major €124 billion, which is equivalent to approxima- impact on revenue, as it relates to the protection tely 1 percent of European GDP, with corres- of the technology platforms and to ensuring ponding effects on investment and employment optimal Internet connectivity supporting digital impulses. life. Managed well, the network can be used to The revenue at risk illustrates the potential loss deliver high bandwidth to end users at a QoS that in value to the entire digital life ecosystem—from allows all users to benefit from the full richness consumers through to advertisers, content provi- of digital life—from voice and Internet browsing ders, and network operators. In the worst case, to multimedia services and video on demand. As there will be fewer users doing less and spending such, Network Integrity and Quality of Service less compared to the best case. Although most of directly impacts the level of use and number of this revenue is not completely lost (e.g., just shifts users across the major revenue categories. from Amazon to brick-and-mortar book stores), The other Digital Confidence pillars, whilst (8) Europe is defined some business models and their revenue might important, have less impact in pure economic in this context as the EU-27 plus Norway be completely lost (e.g., online auctions are more terms as they only affect certain revenue cate- and Switzerland. difficult to shift to the offline world). gories. Piracy and Theft Avoidance primarily

Exhibit 57: Digital Confidence impact

Protection 3% +13 –3% –14 of Minors Privacy & Data Protection driving Piracy & 4% potential gain Theft 1% +2 –4% –17 in best case Avoidance 2007 2008 2009 2010 2011 2012

76 Booz & Company impacts revenue of content owners. In addition, • “Business as usual” is the starting point or there is a sizeable downside risk related to the base reference for the analysis. The scenario is negative impact on e-Commerce transactions characterised as following the current trajectory, due to people substituting online purchases for with only incremental improvements in certain traditional media areas and measures being more or less synchro- The introduction of more (e.g., CDs/DVDs). nised across stakeholders. Educational activities interactive, bandwidth- Minors’ Protection would continue on their current level; transpa- hungry services has an indirect rency on data use would be improved gradually, is most sensitive to Digital effect on usage to but there would be no significant improvements Confidence. the extent that pa- with respect to phishing and malware; due to rents control how mitigation being relatively effective, QoS would much their children use the Internet and child- be acceptable, with occasional problems due to ren themselves may refrain from using certain network congestion; and the challenges to con- offerings (e.g., social networking sites) if they tain copyright-protected content would largely persistently hear about negative experiences. remain as today (i.e., existing piracy damage is part of the base case). 2. DIGITAL CONFIDENCE SCENARIOS— FROM DIVERGENCE TO CONVERGENCE • “One direction” is the best case where the The scenarios used to model the impact of industry adopts a harmonised approach towards Digital Confidence have been derived from the Digital Confidence, with all players working general industry understanding of the issue and coherently towards a common vision. Education in particular the case examples that illustrate is improved significantly across the board, often practices relating to the most pressing concerns. in joint efforts across stakeholders; consumers’ The three scenarios vary along the overarching better understanding of strengths and weaknes- motto and the respective characteristics: ses of targeted advertising fosters its take-off;

Exhibit 58: Digital Confidence impact—scenario description

Worst Case Scenario Base Case Scenario Best Case Scenario

“Industry Divergence”: “Business as usual”: “One direction”: Different measures taken Measures more or less in sync Convergence across stakeholders

Motto

• Uncoordinated use of the network • Occasional network congestion, • Significantly higher bandwidth than Network leading to systemic congestion and especially in peak hours, increasingly today coupled with constantly reliable Integrity & degraded user experience requiring network operator attention to user experience QOS effective traffic management measures

Privacy & • Consumers give increasing amounts • Improved transparency on data use, • Education, transparency and effective of data leading to profiling risks but no significant improvement in opt-in and opt-out mechanisms leading Data phishing and identity theft threat to increased data sharing willingness Protection (e.g., innovative advertising)

• Scattered educational efforts around • Existing educational and filtering • Improved and coherent education of Protection threats on the Internet for children measures continued with slight process parents and minors by all players of Minors and parents improvements • More disciplined approach of minors, social networks

Piracy & • Continued piracy, and a reduction in • Significant share of illicit file sharing and • Better DRM solutions for traditional available legal content propositions downloading of copyrighted content business models Theft Avoidance

• Does not provide a coherent vision, • Generally focuses on the most burning • Strongly contributes to the “one Regulator tends to over-regulate (e.g., with issues, especially those with divergent direction” approach, stimulates Position regards to QoS requirements, piracy industry interests (e.g., privacy, minors industry led collaborative governance prosecution) protection), but selectively allows unbalanced interventions such as “Three Strikes”

Booz & Company 77 leveraging a broad array of accepted measures, larger indirect economic impact. With 31 per- network operators and service providers succeed cent of revenues at risk in a Digital Confidence in providing very reliable QoS, at higher speeds worst case, businesses and consumers must trust than today; and illegal file sharing diminishes as that online content platforms cater to content consumer awareness increases and convenient owners, whilst providing a safe and secure content offerings paired with new, intelligent environment for users’ personal data (e.g., usage business models emerge. history, credit card records, etc). Furthermore, as content in many instances requires real-time • “Industry divergence” is the worst case for delivery (for example, BBC’s iPlayer and other the digital economy as it inhibits the continued streaming video growth of digital life. In such a scenario, players on demand solu- e-Commerce, content, and operate in an independent manner, lacking a tions), it is highly advertising are most ex- common vision resulting in various measures dependent on the posed to risks created by a being applied inconsistently. There are only limi- quality of the un- lack of Digital Confidence. ted and often contradictory measures to protect derlying network minors in digital environments; as consumers infrastructure. The ability to derive and grow experience unwanted privacy issues they grow content revenue will be dependent on the quality more sceptical about digital of the network provided by network opera- Almost €80 billion in e-Commerce life in general; uncontrolled tors. As such, network and content providers revenue is at risk in relation to Digi- traffic management leads will need to find a model that shares cost and tal Confidence. to frequent QoS issues and revenue in an equitable way, thereby providing net neutrality complaints; problems around the appropriate incentives for infrastructure copyrighted content soar; and general content investment needed to make the Internet a mass industry “depression” leads to reduction in legal market delivery medium for content. In the best content propositions in the digital world as well. case, €4 billion additional revenue are in reach, compared to a downside of €6 billion. The key distinction between the scenarios is the Advertising is also highly dependent on the level of alignment between the industry players confidence of consumers, as advertisers will only in the approach to Digital Confidence. Align- continue to shift investments from traditional ment does not necessarily mean players do all to digital environments if usage and time spent things in an identical way; it is rather the level online continue to grow. For advertising, the of agreement across the industry to follow the upside is €9 billion, the downside €14 billion. same direction. It refers to the extent to which This means that nearly 25 percent of advertising there is a common understanding of such a revenue is at risk in the worst-case scenario. direction and the overall priorities as well as the In absolute terms, e-Commerce is most at risk resulting responsibilities of each of the stakehol- to Digital Confidence as it is by far the largest ders. revenue category. The downside comes out at Higher levels of joint responsibility—for €52 billion, with the upside being half of that. instance, in the best case—result in an impro- In relative terms, however, e-Commerce is less vement in the execution of Digital Confidence affected as confidence is already reasonably high within each of the pillars and thereby support in established players (e.g., Amazon) and goods usage and subsequently revenue growth. are delivered physically, thereby not being dependent on the Internet for the actual fulfilment. 3. KEY FINANCIAL DRIVERS: ADVERTI- As the underlying revenue category, access is SING AND CONTENT ARE MOST EXPOSED least influenced by Digital Confidence. There TO DIGITAL CONFIDENCE are lower growth expectations for access as it The revenue categories at the greatest threat increasingly becomes commoditised. Digital from Digital Confidence are content and adver- Confidence success or failure is unlikely to actu- tising. ally influence user numbers significantly. Upside Content is highly sensitive to levels of Digi- and downside both show the same value of €6 tal Confidence. This can already be seen for billion. Exhibit 58 summarises the upside and example from the financial impact of video downside for the best and worst cases. piracy today—off- and online. For 2007, the Motion Picture Association of America (MPAA) 4. CONCLUSION estimates a worldwide loss of more than $18 The risk/benefit analysis shows that, in purely billion due to piracy, only accounting for direct economic terms and disregarding the wider damage without considering the potentially societal aspect for a moment, the digital in-

78 Booz & Company dustry has a significant economic incentive in In summary, network providers need to continue coherently addressing certain areas of Digital to play an important role as their core business Confidence in order to at least avoid worst-case is a key enabler for the identified economic revenue scenarios and ideally to strive for best- growth drivers. The level of network integrity case revenue potential. First, Privacy and Data has a major economic impact even if their own Protection is financially important, especially, core access business seems least exposed to the but not limited to, its implications for innovative benefits/risks of getting Digital Confidence right (targeted) advertising business models. Second, or wrong. Network Integrity and Quality of Service will be required to support the continued growth of content and video services. Third, the area of Piracy and Theft Avoidance is relevant for content owners as well as for e-Commerce. Apart from the obvious revenue implications for the content industry in protecting the existing value of their rights portfolios as well as in introducing innovative digital and online content business models, there is an additional sizeable downside risk related to the negative impact on e-Commerce transactions due to people shifting consumption to offline channels, which is not possible for many new business models (e.g., online auctions).

Exhibit 59: Digital Confidence Impact—growth areas and pillars

Value at Stake Relative Effects by DC Pillar Cumulative Best vs. Worst Case –%– – billion euros – Worst Case Best Case

100% = € 124 bn –25% –5% –10% –10% Advertising 3% 10% 3% 16%

Content Access

–3% 10 12 –31% –15% –3% –10% Content 5% 5% 3% 10% 23%

Advertising 23

–3% –18% –5% –5% –5% e-Commerce 3% 3% 3% 9%

–3% –8% –5% Access 3% 3% 3% 9%

e-Commerce Network Integrity & QoS Privacy & Data Protection Protection of Minors Piracy & Theft Avoidance

Note: Best and worst case compared to base case 2012

Booz & Company 79 VI. FRAMEWORK FOR ACTION

1. INDUSTRY NEEDS TO DEVELOP LEA- when users experienced degradation of popular DERSHIP IN DIGITAL CONFIDENCE bandwidth-hungry services like P2P file sharing Europe’s digital economy has a realistic per- sites by the deployment of network management spective of growth spurred by Web 2.0-type technologies. services having become mainstream using the functionality, ubiquity, and increased capacity • Unmanaged expectations around the effec- of broadband networks. Migration to next-ge- tiveness of filtering in the case of child sexual neration access networks, proliferation of highly abuse content. sophisticated network-based technologies, and the new generation of increasingly assertive • Use of intrusive Internet monitoring technolo- “born digital” consumers are potentially disrup- gies for commercial purposes. tive forces for the digital economy ecosystem. This new paradigm is a significant challenge Despite the complexity and diversity of current for policymakers, regulators, and industry at approaches, several guidelines for best prac- large. The level of trust that consumers place in tices take shape, from a consumer acceptance service- and platform providers in terms of busi- perspective: ness conduct and providing secure services and network environments, as well as in the ability • Consumers accept practices that are transpa- of governments and regulatory authorities to en- rent and unobtrusive—network providers and force consumer protection standards, is rapidly content and platform players, jointly with the becoming a major factor affecting the potential regulator, are required to drive such communi- growth of the digital economy. cation forward. The industry is at a watershed moment in the further development of digital life. The risk/be- • Consumers are concerned about how ISPs and nefit analysis shows how industry is financially cable operators manage and police consumers’ impacted by Digital Confidence. There is clearly digital data—clear statements and a consistent a financial imperative for action, with €124 and reliable regulatory framework on this billion at risk across the industry. However, in should be key priorities. addition to the financial incentives, building up digital confidence credentials is also a social • Consumers require control over the risks they responsibility since it is an area of concern for are exposed to—this asks for access to the ap- consumers, regulators, and society as a whole. propriate tools, opt-in/opt-out mechanisms, and education. The case studies in this report confirm that concerns are today addressed by various industry • Consumers accept measures that guarantee stakeholders. However, these actions are mostly quality of service—if this requires active traffic reactive and born out of the need to respond to management, they are open to it, provided there public outcry and media and regulatory pressure are openly communicated terms of service, fair resulting from high-profile incidents involving and transparent pricing schemes, and non-dis- security, privacy, or other kinds of trust brea- criminatory access. ches. Trust breaches have so far been provoked by, inter alia: The case analyses also show the level of complexity involved in getting Digital Confidence • Unmanaged service level expectations, for right. Even the best-intended example, by over-promising on performance solutions, focused on pre- All four pillars of Digital Confidence when the ability to deliver is not under the venting certain behaviour by need to be addressed to sustain the network operator’s control, as in the case of blocking or filtering content, growth of digital life. the U.S. ISPs that conveyed the impression that can be deemed to be at odds no child sexual abuse content would be acces- with civil liberties and net neutrality require- sible over their networks. Another example is ments. Solutions that focus on educating and

Booz & Company 81 empowering the consumer to understand the Digital Confidence policies: Are we just “mere risks and take responsibility for actions to ma- conduits”—do we only pave and operate the nage these risks require a high level of industry highways? Or do we actually engage in setting involvement to build awareness. The software the rules for how to travel on these highways tools are available to support both approaches, and police the rules? but a common definition of standards and poli- However, there is no single answer—the cies with respect to inappropriate content is still position a network operator or ISP takes is often required. different across the Digital Confidence pillars. To avoid regionally dispersed and fragmented The Digital Confidence Positioning Frame- answers to Digital Confidence issues, which are work is a structure to determine positions both increasingly becoming global and broad, we for individual Digital Confidence pillars and have called for a holistic approach and industry- overall. The vertical axis differentiates the wide alignment. This will ultimately lead to underlying principles, with “voluntary” and more transparency and guidance for the consu- “mandatory” as the two poles. The horizontal mer around the risks and benefits of digital life. axis differentiates how measures are taken, Each of the Digital Confidence pillars has passively in a “hands-off” manner or actively complexity around the threats and solutions as in a “full-control” approach. The resulting well as the various stakeholder positions and four quadrants can symbolically be connected interests. to archetypes of societal roles. The Teacher The issue is mainly explored from the per- educates users about opportunities and threats spective of the cable operator. Its recommended as much as possible, but will normally not take positioning with respect to Digital Confidence active corrective measures. The Parent educates is defined, and the appropriate measures are users about threats and measures, similarly to detailed accordingly. The discussion is then a teacher, but will take measures proactively if brought back to the industry level by identifying deemed necessary. The Referee relies on self- the implications for other stakeholders, inclu- imposed enforcement of rules and guidelines on ding regulators in particular. a case-by-case basis rather than on education only, but rules are based on mutual agreement. 2. NETWORK OPERATORS AND ISPS NEED The Policeman is naturally inclined towards TO TAKE A CLEAR POSITION ON DIGITAL strong enforcement, takes all measures neces- CONFIDENCE sary to do so, and does so based on strict rules, The general self-conception of a network provi- for example, to block all illegal activities. der and ISP plays an important role in defining Based on our research and industry under- the level of engagement in building proactive standing and confirmed through our interview programme, it is clear that the natural home ground for the ISP has so far been the upper left Exhibit 60: “Home Ground” positioning for Network operators quadrant—the Teacher role. The characteristics associated with this quadrant are aligned with the original self-conception of a network Voluntary/ operator: Its core business purpose has been and Teacher by choice Parent still is to provide a secure, reliable, and powerful network for Internet traffic, without engaging in what happens over its network. From this, “Home ground” an educator role making consumers aware of digital confidence issues whilst providing them the tools to manage them based on a hands-off approach can be derived. Such positioning will “Hands “Full limit risks and liabilities with respect to is- off” control” sues that the ISP has no primary responsibility for. In general, the ISP would by default not be responsible for defining or policing Digital Confidence standards, for example, prosecuting copyright violation. Our analysis, however, also shows that this is not enough. As a significant proportion of future growth is linked with Referee Mandatory/ Policeman greater usage of existing and new value-added forced digital and online services, the level of trust that

82 Booz & Company consumers place in their provider is becoming graphic Industry to actively approach customers a major precondition for growth and success in warning them about piracy. In the United States, the digital marketplace going forward. As an Comcast constructively reached agreement with ISP, putting ones’ faith in education, corporate BitTorrent on a mutually acceptable traffic ma- responsibility programmes, and legal compli- nagement policy. ance is not sufficient for finding user acceptance However, ISPs need to be very careful when and building trust. Legislation can often not assuming roles outside of their field of primary keep up with the speed, scope and scale of the responsibility. Any move that may undermine changes in, for example, new traffic monitoring their safe harbour of “mere conduit” and expose technologies or increased security risks related them to uncontrollable liabilities will ultimately to sophisticated cybercrimes that impact on Di- not contribute to enhancing Digital Confiden- gital Confidence. Hence, successful companies ce—whilst expectations among the public would do more than just comply; they stay ahead of the have been raised to the contrary, not to mention curve by adopting some key approaches to drive the negative signals this would send to their Digital Confidence: investors and shareholders. ISPs should in any case Industry should use the E3 paradigm: • They internalise confidence building procedu- avoid moving into the Police- Educate, Empower, Enforce. res and protocols. man role unless legally mandated. The Policeman role is a highly oppressive • They are as open and transparent as possible approach that would have a negative impact on in their communications with consumers. consumer acceptance. When legally mandated, not only are network operators and ISPs actu- • They make an extra effort to educate and ally obliged to take on such a role—they are in enable consumers about how to protect their addition protected against legal liabilities when interests in the digital world. they do so. For instance, if they are mandated by law to block certain Internet sites—due to • They use a graded, proactive approach follo- content concerns—then they are less at risk wing the E3 paradigm: Educate first, Empower over accusations of copyright infringement, civil second, Enforce only where feasible. liberties, freedom of speech, and net neutrality. In summary, this positioning translates into As such, MNOs must be proactive in shaping a clear paradigm: E3—Educate, Empower, En- the industry agenda, by seeking to develop so- force. The positioning in the matrix determines lutions and approaches that will inevitably lead the level to which these roles are applied in the them to take new positions in both the Parent network operator case. and Referee roles. There are a number of motivations for network operators and ISPs to step 3. NETWORK OPERATOR CALL FOR outside the home ground. ACTION: THE FIVE KEY INITIATIVES FOR First, strong strategic or business reasons DIGITAL CONFIDENCE could drive the network operator or ISP to leave The E3 paradigm defines on a summary level its home ground, for example, to ensure con- what to do as a network operator and ISP but sumers’ goodwill. For example, if parents are is equally applicable to all other stakeholders of comfortable with the level of protection provi- digital life. ded for their children, they will allow them to Educate. Network operators and ISPs should use the Internet more. Also, traffic management ensure that their customers understand the is of strategic value as it ensures that all custo- threats surrounding digital life and provide them mers benefit from investments in next-genera- with the knowledge to deal with these threats tion access networks and its higher bandwidths, and hence operate safely. Policies should be not just the heavy users. The extent to which a clear and transparent to end users. This includes network operator is able to guarantee quality of transparency about the company’s policies in the service and optimal broadband experience for area of Digital Confidence. all users is a major competitive edge in infra- Empower. Network operators and ISPs should structure competition going forward. enable their customers as much as possible to Second, potentially disproportionate regula- control digital threats and problems themsel- tory intervention can be pre-empted by fostering ves, for example, through an opt-in or opt-out better industry self-regulation and cooperation, approach to blocking undesired content. Specifi- for example, as announced in the UK where the cally, network operators and ISPs should provide leading ISPs cooperate with the British Phono- such processes and tools to customers and

Booz & Company 83 Exhibit 61: The E3 paradigm strategy and position for each confidence pillar. This needs to be the basis for all Digital Con- fidence-related policies in four areas: Minors’ Protection, Data Protection and Privacy, Traf- Educate whoever involved fic Management, and Piracy. The positioning statement needs to be precise enough to provide tangible guidance on the underlying questions related to these issues, that is, how does a com- 3 pany balance the trade-off between inappropri- Empower wherever possible ate content and freedom of expression. E As a next step these policies need to be embedded in the core processes of the company. In most cases this will have direct impact on Enforce when really necessary the way network operators think about product development, for example, by making sure that all products and services released meet the standards. support third parties developing and operating In addition, network operators must keep Di- these tools and services. gital Confidence policies and procedures up to Enforce. Network operators and ISPs should date, by conducting regular legal, public policy, proactively intervene and steer user behaviour in and technical reviews of existing policies and areas of specific public interest vital to preserve procedures. Digital Confidence. ISPs should in such cases Last but not least, the cases analysed in this seek sector-wide alignment and share best prac- report point to one very important lesson learnt: tices. Confidence requires trust, and trust can best Placing strong emphasis on education and be built on open communication; transparency empowerment effectively picks up changes in pays off. As a consequence, companies should consumers’ self-conception and the way consu- be open about the policies they apply and the mers inform themselves and address issues. A rationales behind them—including business recent survey (Edelman’s 2008 Trust Barometer) rationales. Experience shows that consumer ac- analysing European “Info-entials,” young opi- ceptance is generally high if rules and the under- nion elites aged 25 to 34, concluded that these lying rationale are openly communicated—for Info-entials gather information in a profoundly example, with Google’s Gmail displaying targe- different manner than their older peers, rely- ted advertising—and this also opens a dialogue ing on multiple sources of information, with with the consumer, which can be very helpful to their views shaped by continuous participation, improve solutions. reflection, and sharing. As such, Info-entials are open or even demand to be educated well and to 2. GOVERNANCE be empowered to act for themselves. The survey Digital Confidence issues are complex, very finds that—despite being ”historically cynical sensitive, and cross-functional in nature and about business”—they today tend to show a often require the company to define fundamen- comparatively high level of trust in business. But tal positions—for example, how do we deal with the most trusted source of information for Info- sexual abuse content? Getting it wrong bears entials in most EU countries are “people like high reputational and financial risks. Hence, it you and me” and NGOs. Network operators is of utmost importance to devote sufficient top and ISPs can build on this not only to address management attention to the subject. Digital Digital Confidence concerns, but also leverage it Confidence should be clearly embedded in the as a contribution to classic customer retention. organisational structure, through, for example, a Digital Confidence steering committee with se- Building on this general guideline, a company- nior oversight including the authority to oversee oriented view is used to derive and specify and implement all related activities. concrete measures. Measures have been defined in five initiative areas: 3. TECHNOLOGY Enabling technologies are largely in place for 1. POLICIES AND PROCEDURES Digital Confidence, and the focus of attention Network operators and ISPs must have a Digital turns to deciding individual positioning, defi- Confidence positioning statement defining their ning appropriate policies, and establishing the

84 Booz & Company supporting governance structures. Nevertheless, 5. REGULATION there are certain technology-related investments Network operators need to encourage regulators that will need to be made by the majority of net- to focus on specific action areas to support indu- work operators to prepare for the future. They stry’s endeavours in proactively building confi- relate to ensuring that the quality of service dence in areas that clearly fall outside the orbit can be maintained despite the increasing levels of network operator or ISP activity (like black- of multimedia traffic. Network operators will listing of illegal content or law enforcement). need to make investment decisions by managing Regulators should be careful not to proactively the trade-off between adding further transport create regulation in these areas unless the propor- capacity and active traffic management, that tionality of those measures can be ensured. The is, via tiered pricing or technical measures. regulator would only need to be involved directly Network operators need to work with content if consumer interests were genuinely being com- providers to optimise their networks for mul- promised. timedia content delivery through technologies In response, industry needs to demonstrate such as peer-to-peer caches (e.g., P4P initiative) that it is serious about Digital Confidence by or content delivery networks. taking the initiative to develop coherent soluti- They need to make sure regulators understand ons. Such solutions must have the commitment that they address the issue appropriately. of all players and need to proportionately allo- Another major technology risk area currently cate the cost of implementation and the resul- relates to end-user equipment. Such equipment is ting financial rewards. Regulators must allow generally not sufficiently protected from threats industry to develop such solutions and foster such as viruses, botnets, and other forms of mal- stakeholder cooperation and financial support ware. Software solutions already exist; however, programmes, whilst allowing competitive pres- network operators and ISPs should be even more sures to work in favour of consumer interests active in encouraging customers to use them. being upheld rather than applying regulation. Network operators and ISPs must also deploy Although well-intentioned, the regulation may tools and solutions that empower consumers in fact be counterproductive from a consumer to control and manage their own exposure, for point of view and cause economic damage. example, via an opt-in/opt-out facility. This In executing measures across these five will require a step change in the level of acti- initiative areas, network operators and ISPs are vities: Offering solutions for download on the overall well advised to cooperate with NGOs website is not good enough; ISPs should launch as broadly as possible. Many aspects can be programmes to drive and track the number of addressed a lot more effectively if one operator installed solutions (essentially extending their takes the initiative jointly with an NGO as the Teacher role into a more “Parent” position). latter can ensure neutrality and industry-wide applicability, leveraging the good reputation 4. CONSUMER EDUCATION NGOs have. Recent surveys show that NGOs Cable and telecom network operators and ISPs rate highly in consumer trust. should engage in industry programmes jointly with NGOs and undertake their own appro- 4. IMPLICATIONS FOR OTHER priate education initiatives (e.g., information STAKEHOLDERS campaigns on their own websites). This network operator position also sets clear These programmes need to cover threats expectations towards the other stakeholders in related to data publication, targeted advertising, the digital life ecosystem. The two most impor- piracy, and online behaviour overall (including tant groups are: what constitutes bullying, solicitation, and un- acceptable content). • Consumers. Education should be targeted with messages tuned in to specific user groups, including • Other suppliers along the digital value chain parents and children. The parents’ programme (including content providers, software and appli- should focus on how to monitor children’s acti- cation developers, and distributors, for example, vities and build awareness of the threats of the e-shops). environment—and showcase the tools available to them to manage their children’s online envi- CONSUMERS ronment. Children’s education should focus on Consumers must understand the need to apply recognising and dealing with threats. common sense in digital life as they naturally do in the offline world. In addition, they need to

Booz & Company 85 learn how to operate the consumer-oriented so- tion of existing regulatory concepts to take ac- lutions that network operators, ISPs, and others count of new technology, market(ing), and usage develop to allow them to manage realities. The cross-border nature of Digital Consumers have to learn to and control the threats of digital life Confidence threats places particular emphasis use the resources provided themselves. In support of these requi- on fostering international (judicial) cooperation, by the industry. rements, they should accept and make increasing awareness of the urgency to act, and, use of education offers from public bodies (e.g., for governments and enforcement authorities, schools, universities, governmental agencies). allocating appropriate resources to establishing effective mitigation structures and partnerships SUPPLIERS OF COPYRIGHTED CONTENT with industry. There appears to be a trend in SHOULD USE TWO MAIN ROADS TO politics and regulatory policies to put greater DRIVE THEIR AGENDA emphasis on stakeholder cooperation instead Content owners should take responsibility for of on greater legislative activity—in fact, not ensuring their copyrighted content is adequately only in Europe, but with recent moves of the protected. The music industry has struggled FCC in the United States as well. At the same for some time to develop business models that time, there is a need for continued review of incorporate the necessary controls to prevent the proportionality of any regulatory activity, piracy. This issue is now also affecting the film particularly in case of highly interventionist ap- and television industries due to the availability proaches (such as “three strikes” or mandatory of higher bandwidths and compression techno- filtering) that may logies. Content owners need to jointly develop infringe on basic Regulators have to un- solutions to realise fair value from the content Internet freedoms derstand the roles of the they own. To achieve this, they need to develop and basic consu- network operator/ISP and copyright protection solutions at an industry mer rights (e.g., the impact of potential level. The content industry cannot rely solely to privacy) and regulation on these roles. on network players to protect content on their undermine vested behalf. Furthermore, consumers are less likely to legal certainties for industry players. accept Internet players’ solutions (e.g., filte- In other cases, such as the enforcement of ring or content blocking) motivated purely by very strict quality of service requirements, business reasons, as would be the case for piracy regulatory intervention could have unintended protection, compared to those that also have consequences, such as creating significant costs a moral or social aspect (e.g., blocking child for the industry for network upgrades. As a con- sexual abuse content). Piracy solutions need to sequence, regulators should put a special focus encompass both innovative business models as on the interdependencies of the different areas of well as supporting digital rights management Digital Confidence for the different stakeholders techniques. and balance their decisions accordingly.

OTHER THIRD-PARTY PLAYERS Undoubtedly, regulators have an important role SHOULD COOPERATE WITH THE to play to secure Digital Confidence. Given the INTERNET INDUSTRY high complexity of the issues affecting Digital e-Commerce companies should work together Confidence, the role of regulators to foster in- with operators and ISPs on joint education pro- creased stakeholder grammes around topics of mutual interest (e.g., cooperation could Implementing rules phishing). The intention of such programmes be an important without considering all must be to improve consumer confidence through means to that end. consequences can lead to improved knowledge of the threats and issues. Based on the analy- significant revenue losses Consumers must also be provided the tools to sis in this report, the for all stakeholders. manage these risks. Therefore, network opera- following areas will tors and ISPs need cooperation from software reward the continuous attention of regulators: and application providers for jointly developing solutions and activities, for example, OpenDNS/ • Encourage network operators and ISPs to es- PhishTank including the required blacklists. tablish Digital Confidence policies and procedures as well as code-of-conduct–based self-regula- 5. PRIORITIES FOR REGULATORS tion on the industry level, in particular in areas The main legal bases for mitigating Digital Con- where more intrusive regulatory intervention, fidence challenges seem largely in place, with, could lead to negative economic results (e.g., on nevertheless, a continued need for reinterpreta-

86 Booz & Company traffic management) or infringe basic consumer right is neither easy nor free. Most CEOs are rights (e.g., “three strikes and you’re out” rule). under the impression that their organisations are engaged in many of the activities suggested • Consider measures to limit the legal and, in above—and rightly so. But in most cases, this some instances, reputational risk for network will not be enough. Digital Confidence trans- operators and ISPs introducing Digital Confi- cends making educational materials available dence policies and procedures, for example, lead on the website. It is about engaging with the the development and foster the industry-wide leading institutions in this field—private or deployment of a register of sites banned in the public—on a senior level and launching serious interest of minors’ protection—and, in Europe, campaigns that make a difference. This will harmonise the current approaches scattered require funding and potentially new skills in across countries, including establishing struc- the organisations. Digital Confidence is not tures for internationally coordinated minors’ just about having a data privacy policy on file; protection. it is about changing the way a company thinks and communicates about these topics with its • Incentivise industry players to take a more customers and the community at large. In short, active role in consumer education—provide Digital Confidence requires leadership from the funding and establish umbrella initiatives to top in order to prevail. leverage scale, building on experiences gathered The importance of the issue is unquestioned. from the Safer Internet program, for example. And there is a long way to go to address all the concerns, with no single entity in digital life • Increase the effort for international coopera- either having all the answers or being capable of tion to develop global solutions or frameworks solving all the issues alone. Digital Confidence for solutions for essentially global problems, for needs to be addressed at the industry level, with example, in the area of copyright protection. active participation from the major stakeholders following a common framework with clear roles In summary, Digital Confidence does not neces- and responsibilities. In this way Digital Confi- sarily cost a lot—in terms of required invest- dence can unfold all its power and thereby sup- ments—to get right. On the other hand, the cost port value-creating opportunities in the digital of getting it wrong would be substantial. Howe- environments for everyone. ver, getting a Digital Confidence programme

Exhibit 62: Priorities along action areas

Network Privacy & Protection Piracy & Theft Integrity & QoS Data Protection of Minors Avoidance

Develop Digital Confidence positioning statement Policies Engage in development of industry-wide policies Develop internal policies

Embed Digital Confidence in the organisation structure (e.g., DC Steering Group)

Structures/Governance Conduct regular legal, public policy and technical reviews of DC policies and procedures

Technology Deploy solution to empower consumers (e.g., OpenDNS)

Engage in industry programmes Consumer Education Undertake education initiatives (e.g., campaign on company website )

Engage with regulators Regulation No regulation Devise incentives to Develop official Promote solution required–commercial encourage consumer register owned/managed decision education of banned sites by content industry

Note: DC = Digital Confidence

Booz & Company 87 AUTHORS OF THE STUDY

Thomas Künstner Vice President [email protected] +49 211 3890 143

Michael Fischer Principal [email protected] +49 211 3890 168

John Ward Senior Associate [email protected] +44 20 7393 3782

Martin F. Brunner Senior Associate [email protected] +49 30 88705 842

Florian Pötscher Senior Consultant [email protected] +43 1 51822 900

88 Booz & Company BOOZ & COMPANY WORLDWIDE OFFICES

Asia Europe Middle East South America Beijing Amsterdam Abu Dhabi Buenos Aires Hong Kong Berlin Beirut Rio de Janeiro Seoul Copenhagen Cairo Santiago Shanghai Dublin Dubai São Paulo Taipei Düsseldorf Riyadh Tokyo Frankfurt Helsinki North America Australia, London Atlanta New Zealand, Madrid Chicago and Milan Cleveland Southeast Asia Moscow Dallas Munich Adelaide Detroit Oslo Florham Park Auckland Paris Bangkok Houston Rome Los Angeles Brisbane Stockholm Canberra McLean Stuttgart Mexico City Jakarta Vienna Kuala Lumpur New York City Warsaw Parsippany Melbourne Zurich Sydney San Francisco