Recommending stricter data privacy and protection rules, the Telecom Regulatory Authority of India (TRAI) says that the ownership and control of telecom data must lie in hands of people, and not with the telecom giants and mobile phone manufacturers.

For the first time in modern telecom history, the TRAI has boldly stood up and ventured into areas of data protection, security and privacy. In the firm statement, TRAI has suggested the requirement of tightening existing framework for data protection as it is “not sufficient to protect customers”. Currently, the telecom service providers rely on one-sided user agreements that are complicated and difficult to understand – using which, they collect “unrelated or unnecessary data” from the user – breaching user data privacy without the consumers’ consent.

TRAI stands by the fact that people should have the ownership, control and right over data instead of telecom and phone manufacturer companies. To achieve this, TRAI has given out a series of measures of “privacy, security and ownership of data in telecom networks”. These recommendations say that the real owners of all data are the consumers and that entities controlling, processing their information are “mere custodians and do not have primary rights over this data”. The right to choose, notice, consent, data portability and right to be forgotten should be handed over to the consumers.

To achieve complete user data privacy and security, TRAI recommends the telecom operators to be transparent about disclosing the information of privacy breaches and actions taken to mitigate the breaches on their website. This is the first time that TRAI has boldly talked about data privacy, and there are a lot of positives in the new recommendations. Perhaps, the law people and techies will rejoice over recommendations as it will mean a lot of positive changes – like the need of better encryption with higher DoT privacy and encryption standards, as well as total data control in people’s hands. A welcome move from TRAI, indeed.

789