The Telecom Regulatory Authority of India (TRAI) has issued a press release to all access providers to develop and deploy the digital consent acquisition (DCA) facility to create a unified platform and process to register customer consent digitally across all service providers and principal entities. TRAI had issued a direction on similar lines on 2 July 2023 under its Telecom Commercial Communication Customer Preference Regulations, 2018 (TCCCPR 2018).
This press release provides directions to seek, maintain and revoke the consent of customers using digital means only and stipulates that consent acquired through any alternative means must be rendered null and void.
The new directions aim to curb the amount of spam occurring through unsolicited commercial communication. Since consent from customers is obtained and maintained by various principal entities, it is not possible for the entities to identify the veracity of such consent. Accordingly, if a digital means is deployed to seek consent, the veracity of the consent can be identified.
The key highlights of the TRAI direction dated 7 November 20233 regarding the DCA’s implementation under the TCCCPR 20184 are enumerated below.
All access providers are directed5 to ensure the following.
No promotional messages are sent without scrubbing the customers’ consent and preferences.
- No promotional messages are sent under the service message category.
- Methods are developed and deployed so that –
- subscribers can record and revoke their consent;
- short codes are used by all access providers to send consent-seeking messages;
- an SMS or online facility is developed to register customers’ unwillingness to receive any consentseeking messages and whitelist their telephone numbers so that no such message is delivered to them;
- the purpose, scope and the principal entity’s name is mentioned clearly in the consent-seeking message sent through the short code;
- only existing uniform resource locators (URLs), android application packages (APKs), over-the-top (OTT) links and call-back numbers are whitelisted and used in the consent-seeking messages;
- the consent acquisition confirmation message to the customers has information related to the revocation of consent;
- if a customer has rejected or not responded to the consent-seeking requests, no such messages to the customer are initiated by the same principal entity for the next 90 days for the same consent;
- no other mode of consent acquisition is adopted after successful implementation of the DCA platform.
- consent data collected by various principal entities are shared on the distributed ledger technology platform, established under TCCCPR 2018.