The second season of The Communications Risk Show concludes with a special show reviewing the big themes covered during the series and offering predictions for the future. Is privacy dead? Will artificial inflation of traffic swamp networks? Can the comms sector viciously cut staff headcount and then expect AI/ML to fill the gap created by all that lost experience? Ed Finegold, Lee Scargall and Eric Priezkalns discuss the big issues that others fear to mention out loud.
Transcript (auto-generated)
Hello, this is The Communications Risk Show and I'm your host, Eric Priezkalns. It's the 11th episode in this season of the show, but it's also the last. We're going to spend this show discussing the highlights from the season and what risks need more attention in future. We would very much like you, the audience, to be part of that conversation. You can message us during the live show using the interactive window immediately beneath the live stream at tv.comsrisk.com. Messages are anonymous. Add your name to the message if you want me to read it out. We also stream live to LinkedIn. Feel free to leave comments over there too and we'll try to keep an eye on them. I'll read out as many of your questions and observations as time allows. Now let's introduce my co-presenters, Ed Finegold and Lee Scargall. Ed is based in Chicago. He's an industry analyst, an author, and a strategic advisor to tech and telecoms businesses. Lee joins us today from Manama, capital of Bahrain. He's an executive and consultant who has managed risk on behalf of comms providers in the Middle East, Europe, Caribbean, and Asia. Welcome Ed. Welcome Lee. As always, it's been a great pleasure to be with you. All these episodes we've done in this second season of the show. I'm going to miss our conversations, guys. I really am. Now let's get straight in like we always do. No holds barred. No punches pulled in today's episode. We're going to get out with all guns blazing. Let's go straight in to the topics that I would like us to talk about in the second half of the show, but also I'm really keen to have the audience engaged with those topics too. So here's a brief list of the questions that we'll be talking about. The topics we'll be going over during the second half of the show. They are which risks will dominate the comms sector in 2024? Are security budgets rising fast enough? Are cuts to other budgets leading to increased risk for companies and their customs? Is the comms sector trying to convince everyone that scams will never be significantly reduced? And is privacy dead? Tough topics, big topics. We'll talk about that in the second half of the show. But viewers, between now and then, please do share your thoughts on all of those topics for today. And I think the questions will also be shown to you on the little ticker going past the bottom of the show if you watch it scrolling past down there. Now, given this is the prelude to the debate we'll be having in the second half of the show, let's open with some very hot industry news, very relevant to some of those points we'll be talking in the second half of the show. The firms which profit from A2P SMS messages have been hit with a lot of bad news recently. Market research firm Juniper says SMS authentication traffic, the sending of passcodes by SMS, will only grow by 4% in 2024. That contrasts with annual growth of 10% for each year since 2019. Juniper says the rise of AIT, artificially inflated traffic, where enterprises pay for SMS authentication traffic for users that do not exist, will be a key driver of rising SMS prices. This is leading enterprises to explore alternative authentication technologies, such as one-time passwords over OTT messaging apps and flash calling. Meanwhile, Mobile Squared, who described themselves as the global leaders in business messaging intelligence, was that enterprises are planning to exit the A2P SMS market because of high costs and the inflation of traffic. Some of their figures state that SMS AIT fraud will cost brands 2.4 billion US dollars between 2022 and 2024. The overall hit to comms revenues will be 14.4 billion US dollars by 2027. They also observe that over one third of mobile operators have increased their international SMS termination rates by more than 100% since 2021. So my question, my first question for the two of you today guys, is greed making this industry stupid? We've got sky-high levels of meaningless traffic generated by machines. We've got mobile operators terminating this traffic, milking the fraud for a quick boost to their P&L. Not just consumers, but now enterprises are being shown that the comms industry is run by lawless scum who either don't care if they get their reputation ruined for exploiting customers, or are too weak to do anything about the lawlessness. Lee, I'll put you on the spot. You have a long track record working with mobile operators, so I know this is going to be a difficult question for you, but do you think they are foolishly hastening the demise of the SMS revenue stream by speeding the transition towards these other messaging services where there's no relationship between the volume of messages and the amount that's being charged? I agree, Eric. AIT, it's another thing which is plaguing the industry. I think it was Elon Musk who actually brought this to a head this time last year. But I don't think it's fair, and I don't think it's right, Eric, that you blame the telcos for this, right? Yes, the telcos do financially benefit from AIT, but I'm almost 100% certain it's the other players in the A2P revenue chain that are the ones responsible for this. We've also got SMS trashing, and this is another problem in the industry. I've seen reports that up to 30% of international SMS traffic gets charged, but it's not delivered, right, just to increase their margins. And often we see AIT and SMS trashing being done together. So SMS traffic, it gets artificially generated, and then it gets deleted somewhere in the pipe, so it's not actually delivered, right? So I feel that it's the players in the middle who's doing this, and they need shaming. Shaming by who? No one's there to shame them. It seems to me, I mean, obviously we disagree on this one, because as Mobile Squared shared the figures there, huge ramping up in termination fees. That doesn't seem like the behavior of people who wants to stamp out the problem. That seems like the behavior of people who want to profit from the problem. And yes, you make a good point there. You make a good point that because of the technology, the way SMS works in practice, something that consumers may not understand, a message can be sent, there's no guarantee it actually gets delivered, and that's part of the problem. But clearly you don't ramp up the prices because you're not expecting to be receiving SMS messages. You're ramping up the prices because you want to generate more profit, easy profit, and therefore you're potentially part of the problem of encouraging all this additional artificial, robotically generated traffic. Yeah, but higher termination rates, it makes no difference, right? You see AIT where you have low termination rates, and you also see where you have high termination rates as well. Now, hiring termination rates is actually one way of dealing with the fraudsters, actually, because you make it more expensive for them to start spamming your network. So I don't agree that, again, you're saying that telcos are trying to profiteer from this, and I don't think they are, right? Is it not the analog though of other situations we've seen in this industry with artificially generated traffic is being artificially generated by people who are connected to the end recipients of the traffic. So you've got a company increasing the prices for receiving the traffic, and somebody inside that company is responsible for driving traffic in that direction. But you have people in the middle, Eric, right? You have the aggregators, okay? So you've got aggregators connected to other aggregators connected to other aggregators. They benefit from it as well, right? So my feeling is, I mean, if you look at Elon Musk's example when he raised this, he criticized or he blamed something like 300 telcos, if I remember rightly, off the top of my head. 300 telcos all doing this. Now, that to me doesn't make sense that 300 telcos companies would do it. It would be better or easier. For me, if I'm looking at where is the problem here, and it points squarely at the aggregators, it should be the aggregator who does it and not the telcos. Well, okay. We agree to disagree, but I'll say the following. Clearly, we're not going to solve the problem by one camp pointing at the other camp, the other camp pointing back the other direction, and we just have this thing of like fingers pointing and nobody taking responsibility. Let's move on. Ed, you often rail in our previous episodes about PSTN voice. Is this A2P SMS example another indicator of short-term stupidity of businesses? Excuse me. Obviously, like the crooked companies have managed to poison my water before the show, and I'm going to struggle to get through. So if I fall over, we know that it's the crooked companies that have tried to take down this show and prevent us telling the truth. But sorry, as I was saying, Ed, is this another example of the short-term stupidity of businesses that want billions in subsidies for 5G networks that will last decades, but aren't smart enough to see that nobody will trust the telecom sector that will become a degraded third-rate comm service, just like physical postal services that mostly exist to deliver meaningless junk mail that nobody reads? Yeah, I think that's what's at risk. I mean, I think that's a really good analogy, just like we already see people not wanting to answer the phone, but then billions of dollars, as we've discussed many times in the show, like being thrown at protecting the likelihood that someone will answer the phone because the telemarketer might call them that needs to sell them something, right? It's kind of always tagged onto it. So yeah, I mean, I think that's, you know, whether deliberately or by accident, I kind of think it's being driven in the direction of being like, oh, public network means garbage network. And, you know, that's why, you know, the elitists among us want their private 5G networks. And a lot of times they don't want a telecom to even be involved in building that, right? So there's a lot of this sort of odd, like tribalism going on. But overall, there is, I think, a growing distrust of CSPs, whether it's you're not going to be fast enough to deliver what I want technically, you're not going to be responsible enough to, you know, police the traffic that's going on, you're not going to necessarily align with recommendations, you know, from organizations like NIST. And like that one on SMS, I kind of understand. And so this is where, Lee, I'm going to kind of agree with you and disagree with you on this, right? Because I think that there's a legitimate argument here that you're saying that says, like, especially with using SMS for security, right, which we all know has now, you know, has been deprecated for years now, I think it's seven or eight years already. So there's something to be said that's like, okay, there's a market for using this ATP messaging, right, especially for security and authentication purposes. And it's a lot of application developers that are basically like, oh, yeah, I hit the SMS API. And that's how I do my security. Cool. Now I have my 2FA in place or whatever it is, right. And it's just sort of this practice that happens. And so there's a market for it. So telecoms are going to say, well, I'm going to serve that market with SMS, right? And if someone says, hey, that's irresponsible, because it's insecure, it's sort of plausible for the operator to say, well, you know, I mean, I just sold them the SMS. I didn't tell them what to do with it or what not to do with it. Right. And then everybody kind of avoids responsibility that way. But then the problem still continues to persist. And so I guess that's, to me, is where kind of the flaw is that I feel like there's, I guess the truth is, right, that we're not talking about all operators. We're talking about a certain subsection of operators that are abusers that aren't being held in check. So I think there's probably members of the community, right, that do more to respect these kinds of things. Right. And there are others that do a lot less. And we keep seeing the same kind of issue occur or like because the industry is fragmented, because we have different rules in different places. We have bad actors emerge in certain ways that kind of poison the water for everybody. Right. But you know what? There's actually a lot of them, as you were pointing out before. What were you saying, Lee? It was like 300 or 400 operators that were kind of abusing Twitter, right? Twitter. Well, the traffic was going to three, I think, I can't remember, it was like 390 operators. That's where the traffic was terminated on. Now, Elon Musk was blaming or accusing them all of trying to milk the system. My point is, is I don't believe that many operators would do that type of thing. If you've got one aggregator or a couple of aggregators, then if they're carrying that traffic, then they could do it as well because they're the one who's passing it. Yeah. Go ahead, Eric. Yeah. I won't make a point here about this blame game, the pointing of the fingers. Okay. We go around and around and around in a circle in this industry where it's like, oh, it's not me, it's him. It's not me, it's him. Okay. Even if, let's just suppose for a moment that every single telco that was observed to be doing the wrong thing by Elon Musk, they've been falsely accused. They have not done anything wrong. They have been perfectly fine. Okay. How can it be that we have so many chief executives of so many businesses around the world and they can't put together a significant amount of evidence of wrongdoing by other businesses to draw the attention of law enforcement to something that's, in the end, stealing? It's stealing. Whether you're stealing from a human being, a consumer, you're stealing from a shareholder by destroying the value of their company, undermining, taking away the profits, it's stealing. How can we have so many people in this industry always pointing the finger vaguely, and yet nobody can ever put together enough evidence that leads to an actual prosecution of anybody? That's where it becomes questionable that people really are on the right side of the law, and so is somebody else's fault. This is why there is reason to be cynical about businesses, that they take, even if they are not doing the wrong stuff themselves, that they're profiting from the wrong stuff. This leads to the cynicism. And even if you are completely innocent, if you've never done anything wrong, just sitting there, not saying anything, being quiet, that's not the solution. That's not a solution in this case. Even if you're not doing something, right, Eric, even if you're not doing something that's illegal or insecure as a service provider, right? I think there's a lot of these kinds of reputational issues that are out there as we get more complex. And we've talked about this before. The further we go in complexity of services and devices, everything else, the further service providers seem to want to get away from supporting it, right? It's here's your knowledge base. Go ahead and figure it out for yourself, but not necessarily wanting to take on like making the thing that they sold you work. And so I think that that like collective sort of just lack of responsibility is sort of endemic in a lot of the industry right now. And it's been normalized, right? And I agree with you. It's very problematic. It's been very normalized. And it's kind of rude if you call someone out on their being accountable. It's that normalized. So can I just pick up on something I said earlier, right? And this is SMS trashing. Okay. Now it's possible that somebody in the middle could generate a huge amount of traffic to a particular network. And then what you have is you have the person in the middle who's generated that traffic. What they do is they're looking for that particular traffic and they can filter that traffic out. So it doesn't even end up on the terminating network, right? So you'll have no customer complaints. You're not even going to see it hit your network, right? So the telcos, this can be completely invisible to the telco network. So they generate the traffic. It goes through the aggregates and then they filter it out. They trash it. Somebody's got to have the last word. So I'm going to give you the last word this time. I'm going to restrain myself in this case. Normally I'm greedy, but I'll let you have the last word because it's time for an ad break courtesy of our season sponsors, Symmetry Solutions and their Prism Fraud Intelligence team. There are 11,072,215 phone numbers in the Prism Fraud database that businesses should currently have on their watch lists and block lists. 9,667,379 of those numbers are considered to be especially high risk, but that's not every number that the Prism team has ever identified as being used for fraud. The totals go up and they go down because Symmetry is always purging older numbers from the list that they recommend businesses act upon. Anyone can produce a list of numbers that are supposedly risky. You can only determine the quality of that list by watching how many get added and how many get removed on a regular basis. This is because fraudsters are always changing the numbers they use to help avoid detection. So if you don't change your watch lists or block lists at the same rate, you will be exploited. To find out more about the Prism Fraud Intelligence service, contact Symmetry at SymmetrySolutions.co.uk. Now, topical chat again, guys. We had a good one there in SMS. We barely got enough time to cover that one before we're going to get into a real humdinger of a new story. So I'm really keen to hear what you both got to say about this. Now, Analytics Assurance and Security firm Mobilium, the company which bought REFM market leader WeDo in 2019 and then bought Tesco generation market leader Sigos in 2020, is the subject of a lawsuit brought by their owners HIG Capital against their previous owners of Mobilium, Audax. Now, private equity firm HIG Capital has accused their former owners Audax, who are also a private equity firm, of conspiring with insiders in Mobilium to inflate the apparent value of the business by booking fake invoices. In fact, it's not a small amount either. We're talking in the region here of inflating the value of the company by more than a quarter of the price that they ultimately paid for it. This is how Bloomberg reported the accusations. At the behest of Audax, Mobilium managers artificially inflated the telecom firm's revenue numbers by making up phony client invoices from a sham company according to legal filings. HIG executives only learned about the pumped up numbers after the deal closed according to the suit. Now Lee, artificial inflation. We're talking a lot about artificial inflation today. You can artificially inflate SMS. You can artificially inflate invoices. You can artificially inflate the whole value of a company. There's lots of ways to do that. Lee, I can't expect you to comment on the accuracy of the accusations. It's a lawsuit. Nothing's been proven yet in court. But I can ask you for your reaction to this news. In particular, I want to ask you, as the kind of executive who buys products and services from firms like Mobilium and their rivals, if this lawsuit is indicative of a downturn in the market. My thinking here is that either Audax inflated the valuation of Mobilium or HIG Capital is looking for ways to recoup some of the 915 million US dollars they spent to acquire Mobilium. Neither suggests the market for the services being supplied by Mobilium is as healthy as outsiders may have previously thought. Lee, is this all because the market's going downhill? Well, look, I think the market actually for revenue assurance and fraud management has actually been pretty stagnant for a while now. I would say all tier one and tier two operators, they have systems in place. So there's not much growth opportunities for selling software. In fact, if you look at some of the biggest suppliers, they've actually been expanding into other growth areas. And you can see that into things like digital identity, security products, and analytics over the last five to 10 years. That's a bit of a confusing message. We spent the first chunk of this show talking about artificially inflated traffic. Is nobody in the position to sell or buy something to do with all this artificially inflated traffic? Is there not a market there? I mean, we talk every week about these frauds that occur. And yet at the same time, the message is, oh, everyone's bought a system. Oh, we bought a system. We bought a system three years ago. We're on top of it. Why do we always have new news every week, Lee? If everyone's got a system and they're on top of it, why can we not sell? Why are these people not able to sell systems to deal with things like identifying artificially inflated traffic? If it's an intermediary and not a mobile operator, why are we not selling to them? Distinguish the good ones from the bad ones. Is there a lack of imagination here? Or as I say, as I suspect, actually there's a lot of crooked businesses and no one's selling anything to them. So that's the hard thing to do. Look, that's pretty harsh again on telcos. If you look at the market in general, the market has taken a downward turn. And you can see that through the types of products and services a lot of these suppliers sell into the market. So I think in general, it's not going through that growth period as what you had maybe, say, 10 to 15 years ago. Very diplomatic. Lee is always so diplomatic. Ed, I don't think you're going to be so diplomatic. All guns blazing. Without taking sides on who's writing this lawsuit, because we don't want to get sued. We don't want to get sued for defamation here, Ed. Is the accusation that a firm which sells anti-fraud products and services, like Mobilium does, is that accusation that they themselves were involved in committing fraud another sign of the lack of business integrity found in the global comms sector? Even if proven true, this wouldn't be the biggest corruption scandal we've ever discussed on this show. But we're reaching the point where it seems to me that nobody, governments, regulators, telcos, nor the suppliers to telcos, appear to be trustworthy anymore. What do you think? Well, so I think I have two looks at this. One is general, one specific. So when I lose my train of thought, remind me to go back to the specific because I'll start with the general. I think the general is that the tech con has kind of been normalized. And you and I were arguing about government versus billionaires. And I really misspoke. I think where I get frustrated and what I was getting at is having watched for years this fake it till you make it attitude of Silicon Valley just becoming the head of an endless number of tech cons. In fact, WeWork, which was like a variation on the tech con. It was like a tech con that wasn't a tech company. They announced, I think it was today, they announced bankruptcy, just as an example. But I feel like that's been normalized. The tech con, it's gone beyond fake it till you make it. It's now just fake it, has very much been normalized. And so I think that that plays some role here. And like you said, when you have a company that's out there saying, hey, we're anti-fraud, but actually they are committing fraud. It's sort of the same story as the stories about cyber security vendors or anti-virus vendors also putting viruses out in the world. Just none of that surprises me anymore, unfortunately. So I've become very cynical because of just having watched it for all these years. If I go to the specific on this one though, right? So I was a communications director for a multi-billion dollar company for a number of years and did work with the C-suite and was often engaged in what should we say and what shouldn't we say? And how do we talk about things? And I'm so glad that there was never an instance where I had to sit down with my CEO and tell him, you should never call a reporter directly on your own, especially when you're maybe heated up about something. Don't ever, ever do that. So to me, that's like first principle stuff that just don't do that. That's why you hire people to talk to reporters. And the other thing I'd say on this one too, is if you're going to reach out to a reporter to kind of mix it up or try to influence them or whatever it is that you think that you might be doing out in the world, this gentleman on screen with me here, Eric Priest Collins. So Eric, please don't take this as an insult because I don't mean it that way. But if I was your communications director, right? To a CEO, I would tell them that mixing it up with Eric is pig wrestling, which means that you're going to get very, very dirty. And Eric's going to enjoy that wrestling match a lot more than you are. So don't do that. So those are the two things that kind of jumped out at me, you know, about this was not only was it like this sign of just sort of this like acceptance and normalization, you know, of the big tech con and then the things that go with it. It was also doubled down on by doing just violating a first principle of PR that I advise any CEO to never, ever do that. Don't ever do that. Especially not with Speed. Let's get the viewers up to speed who maybe aren't familiar with the history here. So back in March 2022, you're referring to the fact that I wrote an article on Comswisk about Mobilium that cited that they were described by another business, a business that calls themselves 3R Consortium. 3R Consortium described Mobilium as a member of their consortium, and that they had collectively won the contract to assure telco revenues in Nigeria, the biggest economy in Africa. Now, 3R is headed by Raymond Wadi, and Raymond Wadi is also the person who introduced Nigeria's communication service tax bill to the National Assembly in Nigeria in 2016. So in other words, the proposed introduction of a new tax, he proposed the introduction of a new tax on telcos, and then several years later, he wins the government contract to assure the tax on telcos, which would presumably be paid by him taking a slice of the tax on telcos. So I wrote about this because this doesn't prove anything. And yet, at the same time, it's all part of this swamp that we might say that we're in, in the global telecoms industry, where nothing even, then people are even attempting to seem to be proper. And 3R's website had rather exaggerated how many international partners they had for their deal that they had in Nigeria, which is obviously one, because they had the right contacts in Nigeria, rather than because of any kind of technical superiority. Although I see that 3R has won a host of awards recently for being the best revenue assurance supplier in the whole world, according to mysterious little companies that only exist in Nigeria. Probably not the most authoritative awards that we've ever heard of, but 3R's website rather exaggerated in that, as I pointed out in the article, how many partners they had, because it had partners, Mobilium, and it had partners, WeDo, and it had partners, Sigos, even though WeDo and Sigos had been bought by Mobilium already. So you can't be partners with all three. There's only the one company. And I shared the story because the day after that article was published, Mobilium CEO, Bobby Srinivasan, phoned me up. And I want to be absolutely clear, he did not make me any offer that would in any way be construed to be illegal or a bribe or anything like that. He just coincidentally phoned me up the next day to tell me about how he was good friends with John Hoffman, CEO of the GSMA Limited, the all-important money-making arm of the GSMA, and how it was really important that I should be on stage at Mobile World Congress. Ed, what conclusion might you draw from somebody phoning you up and saying, you should really be given these important gigs from this other really important impartial global telecoms association, the day after you point out something that looks a bit like a funny business? What conclusion should we draw? I don't know what conclusion to draw here because I don't want to get sued. I don't either, because I'm not really sure which way it was going. And that's kind of why I said what I said, that either way, I felt like it's just not a great way to develop a relationship with someone who's in the media if you're concerned about what they have to say or had to write about you. It's a very awkward way to approach things. When I first read your note about this, it kind of reminded me of, and we talked about this, it reminded me of the scene in Die Hard where the guy who's used to, I do $100 million deals for breakfast or whatever it is, and he's used to getting his way and going and closing these high stakes deals. And he goes in to talk to the chief terrorist and pays for it with his life because he thinks he can schmooze him and he's wrong. And that's just massively failing to understand who your audience is and who you're dealing with across the table and overestimating your own abilities. And so that's kind of the thing that jumped out at me about it. This is a big business. It's a very diverse and varied business and people come at it from a lot of different angles. And yeah, a lot of people are in this only for advancement, only for clout, only for money, but not everybody. Some people do want to see things done a certain way. And so if you're going to try to influence them with things that might appeal to your vanity, you got to be prepared for the fact that they may bite back at you in completely unexpected fashion. So again, I think that's why a CEO just should not reach out to a reporter on that basis. Too much can go wrong. Well, I mean, it's a catch 22 for me to discuss this because obviously I like people reaching out to me and telling me things. And if they behave inappropriately when they're reaching out to me, it creates a nice story for me later on when I choose to share it, when I choose to show it. I haven't been showing this story a lot, but nevertheless, draw your own conclusions about why the CEO of a company would choose to behave like that straight after being involved, being his companies mentioned in some deal, which again, is not proven to be in any way illegal or wrong or whatever. And yet at the same time, we can say there's some shadiness about the very fact that the winners always seem to be winners and the losers always seem to be losers. And it's very important that certain people always come out with more money in their pocket after every deal. So what the hell? This is the last show in the season. I don't care. They can't stop me now. It's too late now. They have to literally pull the plug on my internet connection. I could probably somebody outside right now preparing to do that. Lee, I may be sabotaging my career, but I talk about Mobilium like this, a former advertiser on comms risk, you know, but do you think I exaggerate when I highlight that there is a desperate lack of impartial scrutiny of some of the telco world's business dealings and an ever present threat that any insider who calls it out, Muggins here, for example, will be starved of finance and starved of access to various bodies, like the GSMA and regulatory foreman's where we know that dodgy dealing is most likely taking place. Am I being a fool to myself? Can we can this can we ever win by creating this and making this industry more transparent than it currently is? I don't think you're sabotaging your career, Eric, probably more. That's right. I am. I think you're biting the hand off that feeds you more, to be honest. Yeah. Yeah. But look, I've known you for years, right? You're a principled man. You like to call things out when you see them. Right. And I think that's why thousands of people, they read your posts and they watch your shows every week. Basically, you say I am stuffed. OK, thank you for your honest feedback on that one. That's not what I want to hear. Viewers who are watching, please, I'd love to hear your opinion on this, you know, unless you've all been like your internet connections are dropped. Who knows? Producers, producer Jones will let me know if I could be cut off. I think it's an awkward position to put you in, Eric, to be honest with you. Yeah, I think it's an awkward position that you were put in on this one. And like I said, it calls into question both the aim and the method. Right. And that way. But I think, you know, the thing that we were talking about here, though, right where we started was just this idea. Right. So we've already gotten away from it. How easily you get distracted. We've already gotten away from this idea that the that an entity and I'm not talking about bullying anymore. I want to get back to sort of the bigger picture that you in this case, you happen to have, you know, an entity responsible for fighting fraud, being accused of fraud, like that ultimate like irony that occurs. And so some of it, I think, talks about, too, we were talking about responsibility before, you know, I one of the things that's come up during the course of the season is we've talked to people that are taking on a lot of different pieces of of a bigger set of problems. And a lot of them are going at it on their own in a lot of cases. And some people, you know, are right. And then sorry, they're going out of their own and at different phases of development and maturity. And sometimes what I start to think is like, hey, if we're all doing this independently and for our own purpose or for our own passion project or something like that, that's actually not as effective as if you need to kind of pull it together as some sort of an accountability. And I don't know how that actually works. But if there were to be an effort at having something that strives for promoting more accountability and responsibility in across tech industries, I'm not just talking about communications, I'm talking about across like like the greater converged ICT industry that's especially emerging now. Right. Then it it's a collection of all of those voices like yours, like Tom, who we spoke to. There's another gentleman. Forgive me. We spoke to earlier this year. Right. And you'll remind me of who, you know, had another I think was it really just a seven, perhaps various other initiatives are out there, the folks that we talked to who are, you know, involved in the verification of banking transactions, you know, all of these different pieces that we've talked about, as long as we leave them all as pieces and separate. I think it's it's like it's not just easy for the bad guys to win. It's easy for the people that don't care enough to do anything to win. Right. Which is a lot of the I think the root of some of these problems. So I guess what I'm saying is I'm rooting to what anything we can do to get those messages out there more consistently as part of why I want to keep doing what we're doing. But look at the example that was given. The example was John Hoffman, the GSMA, they're dangled as bait. They're dangled as bait. Don't say anything. Don't rock the boat. Everything's all fine. We're going to give you some goodies. So an association that you would want to be bringing people together to stamp out corruption. I'm not saying that they in any way endorsed what happened and certainly nothing came. I never got to stand on the Mobile World Congress stage. So if, you know, whatever was being offered, nothing actually was received in the end. But they're being dangled as bait. They're being offered the suggestion being that. If they were taking care of all these problems, we wouldn't bother to have the show. We would need to. I mean, if as much effort was put into stopping things like robocalling, these other frauds that we talk about all the time as there are to defining the real time specs for 5G charging, we'd solve the problem. Well, this is it. I'm getting gray hairs. I need somebody else to solve the problem. I can't be doing it myself. I'm not a young man anymore. Okay. So viewers, if you've got any suggestions for who can take on solving this problem going forward, we'd love to hear it. Now, some of the topics we discuss on the show can be rather gloomy and can be rather difficult. So I was thankful for the ray of sunshine provided by another of our sponsors, OneRoot, the experts in core authentication, fraud prevention and geolocation. They're working their absolute best. They always do work with integrity. That's why we're so glad to have them as sponsors of the show. And as well as making the world a better place, they always give good, effective solutions to telcos and to regulators. Each week, they remind us of the things we have in common and the things that make people special by taking us on a trip around the world via the phones and our pockets. This week, the destination for OneRoot's Alyssa Giles. She's taking us to Egypt. Producer James, roll VT. Hi, everybody from OneRoot. I'm Alyssa Giles, and this is The World In Your Phone. Let's talk about Egypt. Egypt is the most populous country in the Arab world and the third most populous country in Africa behind Nigeria and Ethiopia. But did you know that in March 2023, Telecom Egypt announced that it's working with IBM to adopt intelligent automation technologies to implement an umbrella solution for all of its operating support systems on mobile, fixed and core networks. This will reportedly offer the Egyptian operator a holistic view of its entire IT environment and help it innovate quickly, reduce operational costs, minimize the time required to troubleshoot and resolve network-related incidents. A few other interesting facts that I found about Egypt include that almost all of Egypt's population lives in a narrow strip of fertile land just along the Nile River, which represents only about 5% of Egypt's land area. Egypt is also home to the only remaining original ancient wonder of the world. This, of course, you guessed it, is the Great Pyramids of Giza. Another fun fact is that Facebook is extremely popular in Egypt with 5 million users residing there. When most people think of Egypt, they think of desert. But did you know that the clear waters of the Red Sea make it one of the best scuba diving destinations on earth? Be sure to subscribe to OneRoute on YouTube where you can catch up on the world in your phone and watch OneRoute Roundup, the show that spotlights individuals and companies making a positive difference in the telecom industry. I'll leave you with one last fun fact about Egypt. It is the third sunniest place in the world. Now, Eric, back to you and more of your awesome communications risk show. Thanks, Alyssa. Ed and Lee, let's circle back to the questions raised at the beginning of the show. Those were, which risks will dominate the comms sector in 2024? Are security budgets rising fast enough? Are cuts to other budgets leading to increased risk for companies and their customers? Is the comms sector trying to convince everyone that scammers will never be significantly reduced? And is privacy dead? So let's take those questions in turn and see where we end up. And please, viewers, we'd love to have your comments. Don't be shy. Season finale, no holds barred. We can say anything we like because they can't take us off air next week because we're not going to be on air next week anyway. So we can say anything we like. Now, even Lee can say something, though he usually tries to avoid saying anything too contentious, unless it's putting me down, which case is fine. We're talking about. Let's start with you, Lee. Which risks are the ones that you've identified as the ones that will dominate the comms sector in 2024? So there's three items here that I want to discuss. I think the ones, in particular, the ones which will dominate will be, again, quite depressing. It'll just be scam calling, SMS phishing attacks. You know, if you look at the trend, it's been growing year on year. So I don't see 2024 being anything different. Most operators will struggle to get this under control without leadership and coordination from the regulators. So that's what's going to dominate. I've got a far out. My next one's a pretty far out one. And I think next year we're going to see our very first big cyber attack on telco. Now, I'm not talking about ransomware on a couple of a few PCs. I'm referring on here about taking down an entire network, right, similar to the kinds of stuff which Carsten Nol talks about where cloud infrastructure is compromised. And then the third thing, which is one of my kind of pet topics or one of my interests, should I say, and that's the emergence of kind of voice cloning or deepfake audios to commit fraud or spread mass misinformation similar to what we saw with Keir Starmer and a couple of others a few weeks ago, but also like using AI in general to commit fraud, right? So, you know, if you imagine now those overseas call centers, those scam call centers, they're quite easy to detect, right, because they don't have a native local accent. However, if someone uses something like an AI voice changer to sound like a person or have an accent like you're familiar with, then that makes fraud a lot harder to detect, especially when you can't see that person. Okay, great points. Ed, any overlap with your risks that you've identified for dominating the comms sector in 2024? Yeah, definitely a little bit of overlap. I agree with Lee on a lot of these, and I'll add one. So just top three here. So one, I agree, ransomware. And I agree, Lee, that it's that what's hanging out there, the other shoe we're kind of waiting for to drop is some big infrastructure attack. And it feels like that move to cloud networking is the thing that opens that door, as again, we had talked about with Carsten. So if that's a big one, I would keep an eye on. And one of the reasons I'm also keeping an eye on that is just because I'm reminded of having heard that article I mentioned in a previous show, where the folks who had started out as ethical or white hat hackers had gotten so frustrated at being ignored that they turned to becoming attackers instead, because it's just easier and more lucrative. And they kind of got to the point where they wanted to say, I told you so. And that stands out to me, because I think that that actually is rising. I think the I told you so is a bigger, bigger, not just the money, I think the I told you so is a bigger part of it than people realize. That's one thing. The other two is impersonation, right? And Lee summed up a lot of the details of what that means. But yeah, I think that the application of AI is only going to make so many of these impersonation scams that we see more effective. And probably there'll be new ones created that we haven't thought of. And I think telcos really need to be prepared for that. And a lot of those impersonation scams are going to be social engineering type stuff, right? It's pretending to be someone that you're not to the help desk, pretending to be someone you're not to the contact center to get a SIM swap through whatever it is, it's, it's just really accelerating all those same types of scam angles, and attack angles that we already see. The one I want to add that we didn't maybe didn't address is real time payments. So this is kind of the linkage I try to look at between telecom and banking. And Eric, I think you maybe published something. I don't know if you published something or I saw another headline that was talking about countries, maybe even in Thailand, starting to look at splitting liability between telecoms and banks, when those kinds of scams occur. It was Singapore. Sorry. Thank you. Yeah. And I found that very, very interesting. So there's obviously like a natural connection between those two things. We've seen the introduction, like in the US of a new real time rail for payments. So the payment side of that is growing extremely fast, right? And that's a reason why I think you're going to see increasing growth in these, these real time payment scams, which incidentally, tend to link back to the stuff that we talk about, like robocalling, and phishing, and smishing, and all these other abuses of the telecom infrastructure. So those are the three that I'm probably looking at and reading at the most right now. And topics we've all discussed during the course of this season. So from both of you, from both of you, the feedback is we've been talking about the right things this season, which is good to hear. Let me throw something else into the mix. Let me throw something else into the mix that I think is easy to leave off the agenda. And which relates to everything we've just talked about now, and makes everything worse. Job cuts. I think we're going to see in 2024, then worsening in 2025, and worsening again in 2026, that job cuts will mean that we lose a lot of experienced people who understand the things that go wrong in telcos, understand why we need to be cautious about doing certain things in telcos, have the skills in place to diagnose when things go wrong, and try and put in place some kind of expectation. We're going to lose a lot of skills. We're losing them already. We're losing them right now. Maybe some of those people, they do freelance work for a while. Maybe some of them go work for a vendor or consulting business for a short while. But a lot of people are going to be exiting the telecoms industry very soon, because there isn't enough money to keep them all employed. We'll lose all those skills. We'll lose all that experience. And we have no means, no way whatsoever to replace it. We haven't even thought strategically about what it means to lose all these people. We're going gung-ho with technology, technology, technology. And then I know, Ed, you're not the biggest fan of Elon Musk, but we're going to go technology, technology, technology. And then Elon Musk is going to have a chat with Rishi Sunak at Blenchley Park, and they'll work out at some helicopter level how we're going to put in place rules that will mean that we won't misuse things like artificial intelligence, which will greatly influence things such as whose calls get connected. Just last week, I was struck by this. The timing, I thought, was extraordinary. Last week, President Joe Biden is a bit upset because he's a bit of an old man. He can't make his way over to Blenchley Park in the UK to attend the AI convention, so he's had to send Kamala Harris instead. Old man Biden, he doesn't want to be left out, though, of the debate. So he has to do an executive order. Look at me, look at me. We're setting the global framework for AI. You can trust us, US government. We'll not just do it for ourselves, but we'll do it for the whole world. His appointee, Jessica Rosenworcel, same week, we're going to have a look, a look at using AI for deciding whose calls and whose text messages will get through. When Joe Biden talks about AI and the power of government, it's about stopping things like racial profiling. When Jessica Rosenworcel talks about the power of AI to stop bad calls and bad text messages, nobody says anything about racial profiling. How odd. How odd that a one-layer government, the discrimination, the unfair discrimination between some people in our society is front of mind, and yet another layer of government that will actually be deciding what specifically gets discriminated, what specifically are the calls that get connected, what specifically are the text messages that get blocked. Suddenly we don't have any attention to detail on this particular point, which I would have thought would be the most important point you could make in terms of, am I allowed to speak to somebody else? Is somebody else allowed to speak to me? I think we're going to lose all our industry expertise. We're already bad at talking about the problems we already have. We're already bad at coming up with solutions to problems we have. We're already bad at being honest. Then we're going to take a huge chunk of the workforce, throw them in the bin, lose all their expertise, and then we're going to deal with worse problems coming forward. I think we're stuffed. I genuinely think we're stuffed. These problems you've identified, they're going to be three times worse than they would have been otherwise. Lee, we're losing good people. We're losing good people, and they're not being replaced in the regulatory bodies, in the government bodies that are making decisions. We don't have the skills anymore in this industry to tackle the problems we've created. What can be done? What can be done to turn this around? Is there a way to turn this around, or are we? Am I now stuck in the mode of being a doomsayer? The end of the world is nigh. Is there no way to turn this around and to hold on to some of the knowledge that we have? Because I think we're losing a lot of knowledge. I think we're accelerating towards a future which is harder and harder to predict and control without the people who can help us to understand the route we should be navigating. Yeah, I think you're right, Eric. I don't have a solution to this particular problem, but we see it all the time. People leaving the company, they don't get replaced. When they do go out the door, they take a huge amount of experience and knowledge. If it's just about how systems work, how governments work, how whatever, they just go. If it's not replaced, that's a big risk. In fact, that's one of the other questions we had. We were looking at other budgets, and that was something I wanted to raise here about job losses. Actually, within the industry, it actually does create gaps in working practices, and that can add to the risk as well. I had it covered just in a different section. There you go. Well, I'm going to keep on rolling through the questions now, guys, because there's so much here. We won't get it all done in time. We'll just plow through as quickly as we can. Let's talk specifically about budgets. One area, more money is being spent. Fair enough, security. More money is being spent on security. My question starting with you, Ed, is security budgets, is security expenditure going up as quickly as it needs to go up? Look, I can't answer that question only because I haven't been studying that number year over year as an analyst. It's hard for me to say, is it going up fast enough? I want to answer a little bit different. We've seen a lot of numbers about increased spending. I don't think this is a spending issue. I think this is an approach problem. I think it's a tooling problem. I think it's also possible, and I'd love to hear from someone who covers this market regularly, although I have talked to a couple such people about this. I think it is a market maturity problem, the chaos of the security market. When I've dipped my toe in that market and looked at it from a maturity standpoint, it reminds me of where the OSS business was 15 or 20 years ago. You have a lot of boxes designed to do specific things for specific silos. They don't necessarily have an awareness of each other. It's those seams that are being attacked. You have a fundamental... The attacks have evolved around the problems in the existing legacy security environment. That legacy business, I don't think, has necessarily morphed to address the way that the new threats have evolved and how they're continuing to evolve beyond that. That's where I actually think the gap might be here. Even if you throw a lot more money at it, you're probably throwing a lot more money at something that isn't necessarily going to solve the problem that you need solved, which is more like, again, that's I think... We talk about Carson a lot. Carson's a great person to talk to about how do you sort the noise from the practicality of what you need to do. It's useful. I think that's the big question for CSPs right now because there's also a tremendous amount of noise, a fear noise that comes out of that market right now. One of the things that's coming out of it, I just want to say, because I think you'll see a lot of money get thrown at it, is AI, which you were just talking about. You're going to see a lot of money get thrown at that AI as the solution to everything. I think whether it's from the vendor side or it's from, like you said, the regulatory government side, what a convenient deity AI is to have. It's this wonderfully convenient... It can predict the future. It can learn anything you want. It's all-knowing. It can do all these things that you can't do for yourself better than you can do them. What a wonderful deity we've created for ourselves that people in very influential positions can now go and sell and push down on other people. I think that's a risk. It just is. You're going to bet way too much and bank way too much on this thing we call AI to solve a whole set of problems that it's not going to solve. In 99% of the cases, like we talked about, it doesn't even exist. Assume it's fake until you make it and it never makes it. I have to start there. As cynical as that is, I have to start there with it. Well, I think you're just right. I mean, when something comes along that's better than what you had in the past and cheaper than what you had in the past, you should better be pretty sure it really is better and it really is cheaper too, because it turns out that we're very good for believing in new things that are going to be cheaper and better in the past. And then when we actually total up all the spending we made after fixing all the problems, after uncovering all the things that weren't so good with the technology we implemented, it might have been cheaper to stick with what we had. Some human intelligence, as I often talk about. We seem to be putting a lot of our eggs in the basket, this very convenient basket that we don't need human intelligence anymore because AI, better and cheaper, get rid of the people, cut the costs. And yet, I struggle to imagine there's anybody who's had any serious career in the telecoms industry who can't think of examples of telecoms companies spending a hell of a lot of new technology only to find out that they wasted it. I've seen plenty of examples of wasted expenditure. So do we really believe that this is completely different to every other case? We can just barrel in, spend the money, it'll be fine, it'll all work out cheaper. And yet, the current crisis we have right now is caused by some absolutely fantastical thinking about spending money on networks and then complaining that nobody wants to use them. Lee, security budgets. I would say, and we'd add on this one, I would say, yes, they're going up, but I think the issue is money being spent well. Your point of view as a telecoms insider, is enough money being spent on security? Should be more be spent? Yeah, I mean, I do have some figures here. So, you know, if you look at Gartner, they're predicting a 14% year-on-year growth in cybersecurity spending. So if you look at that globally in 2024, it reaches 215 billion US dollars, right? I actually agree with Ed, right? I personally think that security budgets are probably where they need to be right now, right? If you ask a CISO, then he'll probably tell you that they need more money, right? And I think regulatory fines and data breaches are kind of driving that investment in security right now. But Ed raises a good point there about using AI for cybersecurity detection. It's actually already used for things like intrusion detection. So if you look at the average kind of data flows within a network throughout the day, you can kind of train that and it learns the patterns of traffic by day, and then it can kind of spot anomalies in that traffic. So if somebody's trying to exfiltrate data at three o'clock in the morning, it sets things like alarms off. But then what they do is they use AI actually on the other side, right? So they use AI to detect these patterns, and then they send the data out at nine o'clock in the morning when everybody's logging on, and at lunchtime when everybody... So you have this competing war against, you know, kind of attacking and defending that is quite interesting. And that's where I think we're going wrong. This is where I want to bring it back to human intelligence. Human skills, losing human experience. The one thing we've not been doing well in recent years is making the full use of some very good, very experienced professionals who have been inside telcos, their skill set, investigation. Investigation, by definition, is not clear what you're going to conclude when you start an investigation. But you need investigators in telcos because they're effectively doing a specialized job that law enforcement can't do because law enforcement's not inside your company, and they're not going to train people to the level needed to go and investigate what is the cause of some bizarre, anomalous, strange experiences you're having, whether it's handsets disappearing from a warehouse or strange traffic on your network. We're trying to solve every problem by turning it into a data problem. Put it into data, stir the data around, look for odd patterns. Well, that seems to me to be a very narrow way of understanding how problems occur in the real world. And if you're only going to look for problems of that type that can be solved in that way, you're going to be blind to every other problem. I'd rather see some investigators working, not saying don't have artificial intelligence, but working in parallel alongside. Take what we can from artificial intelligence, but also have some human beings going, are we looking for the right things? Are we examining the data we've got in the right way? Should we be looking elsewhere for evidence? I think we're going to completely miss that. I want to agree with you, Eric. I want to just quickly, if I can interrupt you to agree with you, the AI that's doing that detection in the world of scams or anything we're talking about probably isn't, or maybe it is because they're using cameras, but it's probably not looking out of the parking lot and seeing the guy who pulled up in the fancy new car and wondering what happened. Because we know that bribes are part of this. The human intelligence part of it is a critical piece of this. So I agree with you. You can blind yourself by being overly reliant on the bright shiny bubble. Yeah. And even if it's not a bribe, who's connected to who, who's friends with who, who has got a track record of bad behavior, good behavior, all this stuff that can't necessarily be taken to court. Reputation, the reputation of a business. It's very difficult to turn the reputation of a business into data, but it's valuable experience that a lot of people that we're currently throwing out of telcos, we're throwing that experience out and we're trusting data will somehow tell us. If I was a criminal, I'd be rubbing my hands with glee. Fantastic. No human history. Nobody remembers anything. All I just need to do is keep chopping and changing my approach and just stay ahead of the algorithms. Anyway, keep moving on. Lee, let's stick with you on this one. Security budgets going up. Are budgets for other areas going down? Will that lead to more risk? Yes, it will. So I had two items for this particular question. The first one, which we already spoke about, which is the job cuts. You lose that experience, the knowledge, and you also can create kind of gaps in working practices as well. And that kind of adds to the risk. I think we've already covered that one. The second one on here is, I would say, kind of a lack of investment in kind of sunsetting older technologies. So things like 2G and 3G where communications can be intercepted and not actually replacing them with things like 5G. Great points. Great points. Ed, are they on your list too? Or are you less worried about budget cuts affecting other... budget cuts in other parts of the business affecting the risk profile of communications? I had kind of a screwball reaction to this one that could just be like pearl clutching and paranoid, but bear with me. People let go. Projects that were running don't get finished. They may not be well-documented. They're sitting out there on a server somewhere. That's the skunkworks or whatever, the sandbox, sorry, the backdoor that gets attacked. Right. That kind of thing was what occurred to me is it's... so many times it's like those totally unintended consequences that that's the thing that ends up being attacked. And so I think there's actually risks that just from that, just from people leaving things hanging. I mean, the talk hack a few years back, it was just some unneeded real estate still left on the web that should have been taken down. Nobody ever got around to taking it down. Left there, left the vulnerability and the vulnerability was exploited because it's housekeeping. It's about keeping your affairs in order. And when you're making job cuts and when you're saving money, you leave it and you don't get around to doing these things. Great points. I'm conscious of time guys. Let's keep going with the questions here. Let's stick with you, Ed, on this one. I always bias my questions. I'm sorry. I can't help myself. Is the comms sector trying to convince everyone that scams will never be significantly reduced? I mean, it seems that way. But I mean, the only reason I can imagine that's the case is because no one wants to peg themselves to... no one ever wants to peg themselves to being the person that eliminated it. So better than to peg yourself even to an improvement number to say, oh, this will never be solved. But look, we're making improvements. I mean, not from like, I'm not going to take any responsibility, but I need a communications plan point of view kind of makes sense to me. That's a very weak, defensible position to take, right? Yeah, exactly. But it's not going to solve the problem anytime soon, you know, for sure. And so I, again, I mean, we've talked about this a lot this season and I, it is, I still haven't figured it out. It's all of these different things that we've talked about. It's a reluctance for law enforcement to pursue it, right? It's like this lack of understanding of what it is, right? It's the politicization of solutions that go in a incomplete or odd direction, right? It's every one of those things together that we, as we've talked about on the show, that ends up resulting in this really bizarre global problem that we have. That's right. That has countless number of victims. Yeah. Lee, are we being too harsh here? Are we being too downcast here? Are there some rays of sunshine saying that, showing us that we can actually start to significantly reduce the amount of scams that we all suffer through our phones? Or is it, is it, is it, are we just having our expectations managed because everyone expects them to just keep on going up? Well, I think it depends on where you are in the world, right? So, some companies, they do excuse it, right? You know, and others, they actually do, do a good job. They actually try and, you know, protect their customers. I mean, this year, just to give you some examples here, Myanmar, they work very closely with China to shut down and arrest some of the scammers in their call centers, which I think is a really positive sign of kind of cross-border collaboration. Also in India as well, we've seen scam call centers being shut down by the police as well. But, you know, there's still a lot of work that needs to be done, right? I'd like to see an international law, which relates to telecommunications crime and better kind of cooperation between countries when this happens. Okay, I'm not so, I'm not so convinced by the international law. You don't sound convinced with that, do you? No, international laws, we had, we had it, we have, we've had data protection for a long, long time now. And my next question is privacy dead. So, I think you can see where my thought process goes in terms of how much laws have helped us out in the long run in terms of technology risk. They have not really been a part of the, they've been part of the problem, not part of the solution. You know, it's easy, it's easy to pass, they're going to do it. Ed's favorite bogeyman, Elon Musk, is going to be meeting up with Rishi Sunak, Bletchley Park, you know, and there'll be some series of words produced at Bletchley Park that will be along the lines of, we're all going to leave here, and we're all going to make the world a better place. And we're all doing something now. And well, you know, it's easy to produce words. It's easy to write laws. It's a lot harder to actually achieve the results in practice. And this is why I go back to losing skills, losing actual people, you know. Let's use a corollary. Let's use, let's use a different example to illustrate the point. There's been a lot of fuss made in Britain in recent years that the standard of policing has gone way, way downhill. And the argument has been that what's the factor that's driven it is that policing numbers have been reduced systematically over time. So a lot of experienced police officers leave the police force, you lose their skills, you lose their attributes, and you lose them as people who can help train new people when you recruit new people. So when you just go out and recruit new people, you can't get back to where you were, because those new people don't have experience, and they're not helped by people with experience. We've got to have a bunch of people come out and say, we know about technology, we're going to solve this problem. But as Ed's pointed out, a lot of the people who are going to be at the top, helping to write the laws, well, they're going to be part of what Ed calls the tech con. The people who we shouldn't be trusting anyway. They help to create the marketplace that's exploitative, rather than protecting us. They've been part of the- Well, in fact, they get conned. And they are conned. They are themselves being conned by tech people who execute tech cons. And we've seen it happen many times. We've got no foundation of truth to build on anymore. And so it's easy from the top to create a cloud of words and to promise everything will happen afterwards. We don't have a foundation of truth to build on anymore. We don't have people with actual real knowledge that we can rely upon anymore. That's what I would say in terms of being negative. Oh my God. No one's immune from it. If you're watching this show. Sorry, go ahead. No, I'm saying no one's immune from it. No matter how much of an elitist you are, how much power you think you have, the Theranos story is a perfect example of how people with the highest levels of power can be taken in by these things. Because why? Because everybody wants to buy the uniform or rub up against it for one reason or another. And it's almost like this religious aspect of it. That's why I say he is a convenient deity. And let me tell you the difference between Theranos and a lot of this technology we're talking about. In Theranos, as much as you can create a bogus machine that's going to be super small and do all these blood tests, in the end, a human being, you take some blood from them and you do some tests on the blood. And so they had to go to a lot of trouble to fake the tests on the blood to get the results. There's some grounding in truth, ultimately. Did this machine produce that data or not? Did this machine process that blood or not? Or were you having to go through a really complicated series of scam activities in order to use other machines, other technology to do the same test? Because you still need the result. AI, data in the abstract. How are you supposed to know you got the right result? No, but you can't go back. You can't compare the little Theranos machine to the big, proper machine. There is no big, proper machine you're comparing your AI machine to, to tell you the truth. So you block something. You don't block something. You say that this looks like fraud. You say that doesn't look like fraud. There's no truth. There's no truth left anymore to compare your results to. Like early in the 20th century called the Wizard of Oz. And they talk about, don't look behind the, I mean, don't, right. There's a parable, many parables for this already. Right. That's what I'm getting at. And it amazes me that how much it keeps growing and people want to keep buying into it. And I'll tell you one thing I get, I know I'm still going off on the, on the AI thing. Cause I think right now it's the thing that's has the most launch gas behind it, you know, in, in the hype cycle. But I think if I was someone, we talked before a little bit about like maybe we talked earlier about, you know, data, data governance, that's become a very big thing in telcos. It's become a great discipline. There's been a lot of analytics, big data, all this kind of thing. And then AI kind of came in and stole the show. And I feel like if I was the guy who built the big data thing and started doing some pragmatic stuff for the business that was practical, that all of a sudden was like, no, no, no, no, no. We got to rebrand this AI. I'd be pissed off. It's like, what's wrong with what I did? I didn't need AI to do any of that stuff. I brought a whole new organization together. I did all kinds of things for the organization, right? Now the PR guys are saying, call it AI, right? Like it's, it's, it's absurd. I'm going to make time for a couple of comments from the viewers here. Thank you for everybody who's left comments. So Daniel Adachi in reference to what we were talking about earlier on with the, with the situation, with the lawsuit concerning Immobilium, he says, ouch. And I think you're right, Daniel, certainly ouch, if I was a shareholder in that company. And Hank Van Haster, thanks as always, Hank, for watching. So it's nothing is faster than the human brain and customer complaints. AI is always running after the facts and creating a solution for what has been. Yeah, I think that's, it's important point. It's also about history. When you rely upon data, it's always about history. It's never about anticipating the future. You have no data for the future. So you can't anticipate the risks of the future using artificial intelligence. You need somebody with this thing here to anticipate what's going to happen. And the weird thing is we're getting rid of, we're getting rid of those people who learn from experience. Final question, guys, conscious of time here. Lee, let's start with you on this one. Again, always a loaded question, always a slanted question, but it makes it more interesting. Is privacy dead? Is privacy dead? Whoa. Yeah. So CSAM, or if you look at child sexual abuse material laws, in particular in the UK, EU, US, I think that will end privacy as we know it today, if I'm being honest. It won't be in 2024, but at some point I can see things like client-side scanning on handsets actually coming into law. So that's giving the authorities the ability to see everything on the phone. And I think this is going to be a gradual progression over time. So it'll start off, we've got the UK Online Safety Act, we've got the EU's Digital Services Act, and this will start to enforce the platform providers to comply. But then guess what, the governments will start to say, well, yeah, you know, it's not effective. It doesn't go far enough, right? It doesn't work quite right. So now you need to give us access to your handsets, right? So even the GCHQ and NCSC in the UK, they're actually promoting client-side scanning on handsets. So I think it's definitely coming at some point and the ability to do this already, it's already on iPhones. Ed, is Lee being too skeptical? No, I think Lee's right. And I think because of that, I think where I see this going is that privacy is going to get a rebrand. So there's two pieces to this, right? One, you're asking, is privacy dead? I thought privacy was dead anyway, and the US has a lot to do with that, for reasons we've talked about. You know, unfortunately, I just, but I tend to encourage people to, you know, in your digital life, assume that your, you know, identity's out in plain sight, you're hiding in plain sight, you know, and we all are in that sense. So I mean, that's one thing I kind of assume, but I think just building off what Lee was saying, I think privacy ultimately is going to get a rebrand because it's now going to be, oh, well, we're going to have to violate your privacy in order to protect you from these threats that Lee's describing. So we're going to have to call this something touchy-feely that makes you feel safe, and not privacy anymore. It's going to get a new category. I just feel like that's a political thing that's coming. What would you call this category? If I gave you the job of being the marketeer for this new category of semi-privacy, what would you, you wouldn't call it that, because that'd be a terrible name. No, happy, fluffy digital life something. Yeah, something like that. They've happy, fluffy digital life. I think we probably call it sustainable digital sustainability in your digital life. There'll be something like that, right? Yeah. I think I'd probably call it something like the, I'd call it like the Bletchley Park constitution or the Bletchley Park announcement or something like that. I'd just give it like something completely left field so people would go, oh, well, yeah, technology, clever, and there was a building and all the clever people went there, and people don't even pay any attention to the detail. I mean, I'm just, I know we've run out of time, but I'm just going to really go down the Alex Jones InfoWars approach on this show. So I really am taking a risk here. Not that I approve of Alex Jones InfoWars just in case anyone's confused here, but if you look at how things are done, say climate change, see where I'm going with this, all right, okay. But if you actually look at how the news gets reported, it's a journalist summarizing what a political appointee has written in terms of like abbreviating an awful lot of research that's been done by people at a detailed level. So when you get to that point of abstraction of what is the percentage chance of something happening to a climate, you're really a long way away from the original base science in terms of what you're doing. And that's what we're going to have with safety online in future. That's what we're going to have with safety in our networks is we're going to have principles that are so very abstracted from the truth of what's happening on networks. There's reason to be skeptical about whether you are or aren't being protected. There's bound to be counter examples. There's bound to be evidence that doesn't fit the message that's been presented to the public as a whole. That reassuring message, keep on going on public, keep on consuming, keep on doing the things you're doing because nothing has greatly changed. And there'll be some conspiracy theorists, the David Ikes of the world, the Alex Joneses of the world who will try to make things that don't really exist, exist in the minds of their followers. But then there'll also be some truth to things that are being simplified, abbreviated to the point where even the experts are actually tainted. They're not really giving impartial expert opinion. They're seeking to draw the conclusion that they want you to reach. That's why we need this show, isn't it, Lee? Because we need people like us to say how it really is. Isn't that the real message of this entire season, Lee? Don't ask me. I'm just like a co-presenter on this show, yeah. But ask the audience, yeah, ask the audience what they think. But look, I think the stuff we discuss on these shows, I think it's relevant. I think some of it's probably seems a little bit far out for some of the audience members to grasp, maybe. But some of the stuff is, you know, in particular, I think client-side scanning and end privacy, 100%. Not next year, but a couple of years down the line, for sure, that's coming. Yes, it's going to be... Tell that to Khashoggi, yeah. That's effectively what did for him in Saudi Arabia. I know that maybe that's a difficult one for you to talk about based out in the Middle East, Lee, but we've already got the Pegasus software on people's phones, effectively doing the same thing. And if the wrong government gets that data. And on that happy note, we'll hold an end for this season. Thank you, everybody who's been watching. I've enjoyed it. I know that we get pretty dark. It's some of the stuff we talk about, but at the same time, I've had a great laugh with these guys. I really have. I think Ed is a fantastic co-presenter, brings so much to it. Lee, I've been so grateful to have him as a wingman, not just on this show, but on the previous show. And my gosh, our producer, James Greenley, what a star he is to have been able to hold this show together, such a high quality production on such a small budget. So we will be back in future. And if you want to see us back in future, then it's always helpful to throw a few of the readies our way. We take anything. Bitcoin, Venmo, we'll take anything. We'll work for food. We're not ashamed. We'll take anything. Although Lee has got higher standards, obviously. His agent will be in touch if you want his services. So that's it. We're going to call time on today's show, call time on today's season. Thank you, everybody. I have to say, I've enjoyed it tremendously, and I hope that you, the audience, have too. That's all for this show and for this season of the Communications Risk Show. Thanks for watching today. It's been splendid. We will be back next year. But if you've missed any of the episodes, you'll find them on tv.commsrisk.com. Go back and watch the old ones. They've all been cracking shows. Lee's been fantastic. Ed's been fantastic. We've had some amazing guests this season as well. We do hope you'll be watching us again in the new year. Now, I say it every week, but now's a good time to subscribe to our broadcast schedule, because when we start again, it'll get added to your diary automatically. You won't need to worry about missing any of the shows. Thanks to my co-hosts, Lee Scargall, Ed Finegold, both of you. Big pat on the back for both of you. Huge pleasure debating with you every week. I'm so grateful for the time you commit to this show. And thanks again, James Greenley, our tremendous producer of the show. I think a big round of applause for James. He doesn't get many mentions during the show, but my gosh, where would we be without him? He's looking for a new full-time job at the moment as James, but I'm very sorry to see him go if he does, especially he doesn't really have time to produce this show anymore. He's done an amazing job with so many of the work, some of the tasks, the 101 things that go into producing this show every week. It's been a real pleasure to work with James. You've been watching the 11th and final episode of the second season of the Communication Risk show, and I'm Eric Pritzker. Catch up on any episodes you missed by replaying the show's dedicated website, tv.commsrisk.com. Keep visiting our main site, commsrisk.com, for news about risks in the communications sector, with updates every weekday. And there will be soon some good news to share about the Risk and Assurance Group, RAG, including the fraud and leakage catalogues at riskandassurancegroup.org. Thanks for watching. We'll see you again.