Telecom operators, internet service providers, and activists hailed the recommendations of the Telecom Regulatory Authority of India (TRAI) on data ownership and privacy, while the industry body representing major internet firms has expressed concern over it.
“This is one of the most forward-looking, futuristic recommendation of TRAI. That is for the first time placing consumer interest at the top. Both privacy and net neutrality recommendations of TRAI are placing the consumer fare and square in the telecom and technology space,” co-petitioner in Right to Privacy case and Rajya Sabha MP Rajeev Chandrasekhar told PTI in response to TRAI’s recommendation.
The telecom regulator on Monday said firms collecting user data don’t have a right over it and emphasised that consumers’ consent should be mandatory and they should also be given the ‘Right to be Forgotten’.
Terming the existing data protection framework as inadequate, TRAI in a set of recommendations to the Department of Telecommunications (DoT) said that companies should not use meta-data to identify users and should disclose any data breaches.
It stated that each user owns his/her personal data and information submitted to any entity and entities controlling and processing user data are “mere custodians” and all of them should be brought under a data protection framework.
The government, it said, must notify policy framework to regulate devices, operating systems, browsers and applications.
Mobile device industry body, Indian Cellular Association (ICA), said TRAI’s recommendation which goes beyond telecom operators is “wholly illegal”.
“TRAI jumped the gun by seeking to regulate the digital ecosystem without waiting for the general data protection law under consideration by the Justice Srikrishna Committee. This piecemeal approach is dangerous and unproductive,” ICA said.
The Internet and Mobile Association of India (IAMAI) said that TRAI’s recommendation may impact mobile app related businesses and if the same rules are applied, then there is a possibility that India will never be able to build data businesses.
“TRAI recommendation to formulate standards of anonymisation and de-identification is akin to putting the cart before the horse, and till such time the Sri Krishna committee report is out and a notification or a law is passed, making these standards would be groping in the dark,” IAMAI, whose members include Google, Facebook, Twitter, and Flipkart, among others, said.
The regulator has said that the existing framework is not sufficient to protect the privacy of consumers and the government must notify a policy framework to regulate devices, operating systems, browsers and applications.
IAMAI said that TRAI’s assertion that the existing framework is not sufficient to protect telecom consumers and current rules applicable to TSPs is, prima facie, contradictory.
“The TRAI recommendations on privacy are premised on a voice and SMS regime. It is not meant for data-driven businesses, which the app economy represents. App companies pseudo-anonymise the data; these companies do not retain/ share Call Detail Records,” IAMAI said.
On the other hand, internet service providers body ISPAI’s President Rajesh Chharia said that TRAI’s suggestions have been made in-time.
“Responsibilities of telecom ecosystem should be shared with all entities and shareholder in the telecom space and TRAI has recommended the same,” Chharia said.
Boradband India Forum BIF President TV Ramachandran said that the recommendations with regards to data ownership and privacy can be considered as very good in some respects and could be lauded for being strongly pro-consumer.
“However, while excessive and unnecessary compilation of consumer data should be avoided, we similarly need to also ensure that excessive regulations do not stifle innovation,” Ramachandran said.
Mobile devices ecosystem advocacy group, The Mobile Association, called TRAI’s suggestion a historic Data Privacy protection milestone for India.
“We firmly believe that to build a transparent and efficient Digital India, user data should not be exploited, manipulated or taken advantage of without the explicit consent of users,” TMA President Bhawna Kumari said. – Business Standard