Is TATT becoming a runaway regulator?

BitDepth#1352

MARK LYNDERSAY

IN MARCH, the Telecommunications Authority (TATT) published its most recent consultative document on the subject of net neutrality, the Framework on Net Neutrality in Trinidad and Tobago, as a precursor to its final round of consultations on the issue.

The first discussion paper to consider net neutrality was published in July 2018, but discussions on the matter, largely focusing on over-the-top (OTT) services, have been ongoing since June 2015 (https://bit.ly/3vmBdw4).

The authority has identified four net neutrality issues that it considers potentially problematic. These are data management procedures that result in or are driven by blocking, throttling, paid prioritisation and zero rating.

TATT defines paid prioritisation as, "The practice that allows ISPs to offer preferential treatment or prioritised delivery to a content provider's traffic in exchange for monetary compensation."

TATT also expresses concern over zero-rating, which it defines as allowing "subscribers to access certain online content 'for free,' that is, without having the data counted against their usage.”

Many of Digicel’s add-on services and content platforms accessed through their mobile apps are zero-rated for its customers.

TATT acknowledges that during the educational lockdown occasioned by pandemic restrictions, the zero-rating of access to certain educational apps and resources was an important intervention.

The framework document also acknowledges an internet access landscape that is fundamentally different from the one that was in place in 2015.

According to TATT, the following statistics define internet access in 2022:

* Fixed broadband internet was provided by 11 operational service providers.

* The fixed internet penetration per 100 household stood at 87.2.

* Approximately 27 out of every 100 inhabitants subscribed to fixed broadband internet.

* Active mobile internet penetration stands at 58.5 per cent of the population.

* One hundred per cent and 75 per cent of the population were covered by 3G and LTE/WiMAX mobile networks, respectively.

To fulfil its oversight responsibilities, TATT proposes a regime of regular reporting and direct monitoring that’s much stronger than its previous enforcement of the requirements under which telecommunications providers operate.

"Traffic management practices should be transparent," the framework document notes.

"The end user must be broadly informed of the traffic management policies adopted by an ISP. Traffic management policies and practices must also be disclosed to the authority in a more detailed form."

Among the remedies for inadequate compliance that TATT proposes is an option to invoke what it describes as "technical network monitoring," a bland phrase that disguises router-level intrusion into the hardware of an ISP if the regulator wants to confirm information about its data management.

These proposals are troubling because there’s a lot that’s missing from these blase statements.

Will information provided to TATT in "more detailed form" be raw dumps of network traffic data or will this information be scrubbed of personally identifiable information (PII) before it is provided to the authority, which is an agency of the State?

On what basis is TATT proposing to invoke powers of digital intrusion into the network of an independent business?

There is nothing in the scope of TATT's operations which empowers it to take such dramatic action, and the authority has proved unable to make use of the powers it does have to compel, for example, TSTT to improve its number portability practices.

It's not the first time that TATT has exceeded the bounds of its defined scope of operations.

In October 2020, TATT announced that it would use its Universal Service Fund (USF) to purchase devices for students.

While admirable, this is not what the USF was taxed from ISPs to be used for. The board of TATT agreed to this measure in September 2020.

Responding to a FOIA filed with the authority in September 2021, TATT could not provide documentation of the line minister's authorisation of this unusual MOU, nor could it provide evidence of open tendering for the purchase of the devices using USF funds.

In response to questions requesting documents detailing the minister’s authorisation and the open tendering procedure, TATT responded that “the documents do not exist.”

TATT's scope for the provision of devices in its own regulations limits it to providing hardware for people with disabilities.

If TATT wishes to monitor internet traffic, an activity that has the potential to infringe on the constitutional right to privacy, it can only do so through an amendment to its operating procedures which requires a special majority in Parliament.

TATT should understand the broad flow of internet traffic in the same way that the Ministry of Works should know the patterns of vehicle use on the roads, but it's a short digital step from there to viewing what is happening in each virtual car, a more obvious intrusion by the State into public privacy.

Given TATT's willingness to ignore the published legislative limits in its own operations, should this regulator be allowed to pursue a course of action that gives it direct hardware insight into public internet traffic?

Mark Lyndersay is the editor of technewstt.com. An expanded version of this column can be found there