MobileTech NewsTwitter

Telefónica wants to evaluate “pseudonymized” account numbers from o2 customers

By accessing the IBAN, Telefónica hopes to find out connections between customers. The Federal Data Protection Authority is examining the project.

 

With a “new data processing method”, Telefónica Deutschland wants to improve its own options for addressing O2 customers and avoid misplaced multiple offers. With this in mind, the company has informed the German mobile phone users it serves that they will use “your IBAN” in the future. The aim is to recognize “whether you are in contact with other customers and to offer you suitable products for the needs derived from this”.

 

The evaluation of the account number is “pseudonymized”, the group emphasizes on its website transparency page and in communications to its customers. This only happens if the IBAN has been specified, for example to allow account debits by direct debit. The corresponding data links are to start on September 5th.

“With the option of comparing the IBAN used in our customer base in compliance with data protection and with special protection, we hope for a further improvement in service in communication and in the contractual relationship,” a Telefónica spokesman explained to voonze online. The realization that two separate contracts are processed using the same account number can be useful for both sides: If customers, for example, process a DSL and a mobile phone contract using separate customer numbers, the underlying shared IBAN can be used in marketing campaigns, for example, to prevent “that these customers receive offers for complementary products”.

The agreed business contacts did not receive a DSL offer for the existing mobile phone contract and vice versa, explains the company spokesman. “At the same time, we could offer these customers to combine the contracts in order to benefit from combined advantages.”

The “all necessary customer master data including the IBAN” would be pseudonymised for the evaluation in such a way that “in the analysis phase no conclusions can be drawn about natural persons,” says Telefónica. “The same IBAN are given the same pseudonym.” Specific campaigns for addressing customers would only be played out and evaluated and linked for the stated purposes if the same IBAN was “hit”.

Telefónica relies on Article 6 Paragraph 1f of the General Data Protection Regulation (GDPR), i.e. on its own “legitimate interests”. There is only one possibility to object to this (opt-out). The company therefore does not consider it necessary to obtain informed consent.

The article in question requires careful consideration of interests; in doing so, the interests or fundamental rights and fundamental freedoms of affected persons worthy of protection must be safeguarded. Lower Saxony’s data protection officer, Barbara Thiel, recently saw this condition not being met in another case involving better customer contact at the Hannoversche Volksbank and imposed a fine of 900,000 euros. On twitter it is already being hotly debatedwhether the O2 project could withstand the necessary balancing of interests – the tendency is rather negative.

“The basic consent to the processing of inventory data from the addressed customers was already obtained in the course of the conclusion of the contract,” emphasizes the Telefónica spokesman and refers to a corresponding one O2 data usage summary page. In it, the mobile operator reserves the right to use “certain inventory data” “to the extent necessary to offer them O2 products that suit their individual needs”.

“Accordingly, we do not need any explicit renewed consent,” explains the spokesman. However, the provider informs about this extended purpose of use in accordance with the transparency regulations from the Telecommunications Act (TKG) and gives an additional chance of objection. A corresponding weighing of interests was carried out for this purpose: “In the course of designing this procedure, we intensively considered all data protection aspects, initiated necessary measures and coordination and checked legal conformity.”

A spokesman for the supervisory authority told voonze online that Telefónica had informed the federal data protection officer, Ulrich Kelber, about the IBAN project. A data protection impact assessment is not available, the process has not been “released”. Kelber and his team are currently checking the available information and exchanging information with the company.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button