The goal of this policy document is to provide a framework for how information about WISPA members will be defined, collected, retained, protected and shared. This is meant to be the guiding document that will be used by all WISPA members involved in information activities. It is envisioned that future additions will be made to this document over time regarding information collection, retention and sharing policy. The WISPA Board will maintain this policy document. A majority vote of the entire Board is required to amend the document. A new version number will be assigned after each such amendment. A copy of each version of this policy document will be retained by WISPA. Each new version will contain a “revision file” that lists the changes that have been made from the previous version.
1. Information Definition and Collection
A. General Membership Information (GMI) Collection
It is understood that as part of the process of running the WISPA trade association that collection of some member information is necessary. Prior to the creation of this Information Policy Document, information collection has already taken place. Names, addresses, phone numbers, email addresses and website addresses of member companies and representatives have already been collected for General Membership purposes. For the purposes of this document WISPA will classify this as General Information. It has been the desire of most members that their names and other General Membership Information be made available to all and in fact have been advertised through vendor ads, new member introductions, press releases and so on. Henceforth, WISPA will assure that General Information is not sold or distributed in whole to other interests outside of WISPA unless so authorized in this Information Policy. It is understood that part of the value that WISPA brings to the industry is in acting as a point of contact to our members from vendors and others who wish to market to our industry However, the bulk transfer of General Information to others outside of WISPA will not be allowed.
B. Sensitive Membership Information (SMI) Collection
Sensitive Membership information collection is related to data that should not be distributed beyond the confines of WISPA membership except in an Aggregated Data Format (ADF). The scope of what is defined as Sensitive Membership Information could expand over time. The litmus test for definition of Sensitive Membership Information should be any information that, if revealed, could cause negative economic or reputation effects among our members or competitive interests. No member should suffer any damage from the sharing of their Sensitive Membership Information nor should one member be able to use this information to their benefit without approval by, and compensation to, WISPA. WISPA may request and acquire Sensitive Membership Information from its members and others in order to aggregate such information to help WISPA in efforts involving promotion, lobbying or other efforts designed to improve outcomes for our industry and its members. WISPA may also use this information, in aggregated form only, in ways which could bring in revenues for the association. Examples of Sensitive Membership Information include:
- Number of square miles of WISP coverage
- Number of customers of a WISP
- Revenues of a WISP
- Amount of debt or other obligations of a WISP
- Annual equipment purchasing of a WISP
- Zip codes (or other location data) covered by a WISP
- System platforms or equipment used by a WISP.
2. Information Security, Use and Distribution
A. SMI Aggregation
Sensitive Membership Information that is retained may be aggregated and used to produce reports, maps, charts, papers or any other such Aggregated Data Formats that may help improve our industry.
B. Information Security
It is the responsibility of the WISPA Board of Directors to see that all Sensitive Membership Information will be securely stored or destroyed when considered outdated.
C. Distribution of Non-Aggregated SMI
The distribution of Non-Aggregated Sensitive Membership Information is forbidden.
D. Board Member Access to SMI
The Board of Directors will have no access to SMI other than that which has been approved by a majority of the entire board during a regular or special meeting of the Board. Access to SMI will be limited to the scope approved by the board.
E. Board Member Use of SMI
A board member who handles SMI Is prohibited from using the SMI in any way as a resource for his or her own purposes.
F. Board Approval for Aggregated Data Formats
A vote of the majority of the entire board is required for WISPA Aggregated Data Format(s) to be approved.
G. SMI Storage Security
Storage and access to any SMI will be limited to a password protected, SSL secured web resource and will only be viewed by a WISPA representative who has been approved to do so by a majority vote of the whole board.
H. System Admistrator Security
WISPA will assign the duty of protecting this information to a system administrator who will agree to the terms of this document and retain data accordingly.
I. Information Retention Period
Information may be held for as long as needed provided that information is retained in the protected methods as outlined here.
J. Aggregation Procedures
It is the responsibility of the WISPA Board of Directors to prepare aggregated data. SMI information is specific, detailed information about WISP operators and their WISP operation. WISPA needs to aggregate this information together with other operator’s specific information in such a way as to obscure the details of each specific WISP operation. Aggregated data must be general enough that specific details about the operation of each and every specific WISP are not discernible and could not be used to harm any individual WISP operator.
Examples of aggregated data could include 1) The total number of subscribers served by WISPA members, or 2) The total number of square miles that WISPA members serve.
To perform this aggregation a board member would be chosen to aggregate the data and add together the subscriber counts and square miles of all the individual operators. The results would eliminate the possibility of identifying any one operator’s customer counts or square miles covered. Once the total has been produced it would be reviewed by the WISPA Board to vote as to whether to accept the aggregated results. Once the results are accepted they can be delivered to the internal or external interests who would then use this aggregated data to produce an ADF. The ADF could then be used by WISPA or others to show what WISP operators have done to bring broadband to the entire country.
K. Data Use and Ethical Behavior
Board members are required to demonstrate and practice the highest ethical behavior with regard to the security and the use of SMI. Board members may not use SMI for any personal, competitive or monetary gain or for any other non-WISPA purpose. Board members who violate this provision and who are deemed by the Board to be in violation can be impeached and removed from office by a majority vote of the Board.
L. Board Member Security Responsibility
Every Board member tasked with retaining Sensitive Membership Information will be responsible for insuring that access to this data is governed under the rules outlined in this policy.
M. Backup Information Security
Backups of Sensitive Membership Information must be secured to insure that the SMI cannot be copied or otherwise distributed outside of WISPA.
3. Information Aggregation
A. When to Aggregate
It is the WISPA Board of Director’s responsibility to assign a board member to aggregate SMI when and only when such activities have been approved, by Motion of the Board.
B. Aggregation Approval
Requests for aggregated data for the purpose of producing Aggregated Data Formats can be made by anyone but the board must vote to approve the preparation and delivery of the aggregated data.
C. Aggregation Requests
Requests for aggregated data must come in the form of a Letter of Intent from an interested party. This Letter of Intent must state:
- The purpose of the request.
- The identity and contact information of the requester.
- The proposed use of the data.
- What data is being requested.
- The format of the requested data.
- Agreement that the data will not be used in any way to defame or otherwise bring harm to WISPA or its members.
- Agreement that the requestor recognizes that WISPA has rights to use and/or publish any resulting data produced from the Aggregated Data Format for its own purposes at any time and without permission from or reference to the requestor’s use of the Aggregated Data Format information.
- Agreement that any published Aggregated Data Format information will clearly state (in large enough text and conspicuously positioned) the original date that data were gathered.
D. WISPA Publication of Aggregated Data
WISPA may publish any Aggregated Data Format information for its own purposes at any time whether such information was produced by its own membership, contractors or others.
E. WISPA Revenue Generation from Aggregated Data
WISPA may charge or barter for aggregated data resources in order to help raise money or other value for WISPA. An example of where this would be appropriate would be in any situation where the aggregated data would be used to provide revenue opportunities to the recipient of such data.
4. Letter of Intent Example
Below is sample text that can be used to meet the Letter of Intent Requirements stipulated in Section 3 subpart C of this policy.
WISPA Board of Directors,
(Company Name and Representative) wishes to acquire information from WISPA regarding (insert WISPA Membership aggregated data requested) so that we may publish a (map, chart, article, etc.) about the WISP industry. We request that the provided data be arranged using an (xx,yy,zz) format.
If WISPA agrees to provide this data, it will only be used to portray the WISP industry in a positive light. Any derived works from the information provided by WISPA will be delivered to WISPA for review and approval prior to any publishing of the resultant works derived from the WISPA supplied aggregated data. We understand that WISPA holds all rights to use the resulting works as they see fit and we hold no restrictions as to WISPA’s use of the resulting works. We will display the date that this data was supplied by WISPA and reference this conspicuously on this or any future publications of the derived work. We also know that further use of similar information in other forms will require a new Letter of Intent and approval of resulting works by the WISPA Board of Directors. We understand that the sale or transfer of information derived from WISPA aggregated data is prohibited without written permission of the WISPA Board of Directors.
(Company Representative / Title / Company Name)
Questions regarding this policy or Letter of Intent requests for aggregated data should be directed to the WISPA Board of Directors via the Contact page.