Why data expires – Explained by a hacker
The expiry of mobile data is a hot-button issue in South Africa, and to address data expiry industry regulator ICASA proposed new regulations under its End-User and Subscribers Service Charter.
During public hearings on the regulations, the National Consumer Commission (NCC) stated that data bundles must have a minimum validity period of three years.
However, the NCC also said it had no interest in starting a war with the industry – it prefers a strategy of persuasion and collaboration with the sector regulator.
Mobile operators do not interpret the CPA the same way as the regulators, however, arguing that it was clearly referring to physical data vouchers and not the product redeemed from the voucher.
ICASA and the NCC were warned that if they insisted on including regulations to force a three-year minimum for data expiry, the matter would end up in court.
Ultimately, ICASA removed these data expiry regulations from the charter, but included provisions that requires operators to roll over unused data and allow data to be transferred to other subscribers.
Over-simplified explanations
When operators are asked why data expires, though, they usually give one of a few explanations.
- Their business model takes into account that people don’t always use all their data and prices are lower because of it.
- They don’t buy data by the megabyte, but sell it that way to make it affordable – which requires that the data expires.
- Data is a service, not a physical product.
Security researcher Rogan Dawes responded to a MyBroadband article featuring one of these explanations by Vodacom CEO Shameel Joosub, and offered more insight into the matter.
How data is made
Dawes said that Internet service providers buy capacity, not data.
“That is, they buy a 100 Megabit per second (Mbps) transceiver, or a 1 Gigabit per second (Gbps) fibre line.”
This grants them a certain theoretical maximum amount of data transferred, if the lines are 100% utilised all the time.
“Most of the time they calculate an average data rate, and work from there, to allow for temporary over-utilisation, as well as time to perform upgrades when the averages increase too much,” Dawes said.
“So, they calculate how much they are paying for all their capacity and the average bytes transferred (data), add their profit margin, and come up with a figure that they charge the masses for their data bundles.”
Importantly, capacity has a time element – expressed as “per second” – that data does not. Unused capacity can never be recovered. It can’t be “rolled over”, or “banked” for later.
“If it is not used, that’s it. Pay up, regardless,” said Dawes.
“Hence, to a certain extent, I am sympathetic to their claims that you cannot simply roll over the bundles that you have bought. Certainly, not indefinitely. Even rolling over data for an extended period, such as a year, can cause all sorts of problems.”
An experiment
To illustrate his point, Dawes proposed a thought experiment.
Consider if 10 million people bought a 1GB data bundle that is valid for one year. That is, 10 petabytes over 365 days.
Converting days to seconds, the ISP would have to provision for an average capacity of 3 Megabits – rounded up – per second.
To allow for different usage patterns, they provision a 10Mbps connection.
If none of the subscribers use their data for the first 50 weeks, but start in the middle of the last month to ensure they use all their data, 10PB over 14 days would require capacity of 8267195 bytes per second.
The ISP would need to upgrade their capacity to at least 100Mbps to avoid hitting the ceiling, and have customers complaining about poor performance.
That’s 10 times more than the capacity the ISP had originally designed the product for.
“So, should they provision a 10Mbps connection, or a 100Mbps connection? And if they provision a 100Mbps connection, how much more will they have to charge their customers per gigabyte, in order to pay for that capacity?”
Feeling ripped off
Responding to feedback that people don’t care about logical explanations for data expiry because of the historical behaviour of South Africa’s mobile network operators, Dawes agreed.
“I certainly understand the feeling that many have about the mobile operators, that they are being ripped off,” he said.
However, one shouldn’t throw the proverbial baby out with the bathwater.
ICASA may have removed data expiry regulations from the charter, but there have already been positive changes without the risk of heavy-handed enforcement of the NCC’s interpretation of the CPA.
Telkom has increased the expiry periods of its non-promotional data bundles, for example, with smaller data bundles now lasting six months. This is in addition to complying with the new regulations on data transfer and rollover.