Trai seeks view on data ownership, privacy to check misuse
It is important to have a clear policy related to data ownership, privacy and security in the telecom space, said Trai chairman.
New Delhi: Telecom regulator Trai on Wednesday floated a paper on developing a framework that can give people more control over their personal data and prevent chances of misuse by various sources amid lingering privacy concerns.
"It is important to have a clear policy related to data ownership, data protection, privacy and security in the telecom space," Trai Chairman R S Sharma told PTI.
He said users of telecom devices are also consumers of telecom services and hence, device is an important part of access.
"There should be responsibilities with regard to data protection and security in the course of using telecom services," Sharma said.
The Telecom Regulatory Authority of India (Trai) said there are provisions for data protection and privacy under the IT Act, but "we are yet to formulate a more comprehensive privacy and data protection law for the country".
The consultation paper said devices used by individuals can collect large volumes of data about the user's behaviour. "Incidents have come to light where device manufacturers have distributed pre-installed software that allowed them to monitor the location, call and messaging activities of the device owners," the paper said.
The observation comes in light of ongoing tussle with Apple that is reportedly not allowing convergence of the Trai's Do-Not-Disturb app on its iOS platform.
The regulator's app allows users to flag pesky calls and unsolicited messages directly to the regulator as it pulls out such details from messages and call logs.
Citing provisions under the Indian Telegraph Act, Trai said preserving data confidentiality is a fundamental motivator for ensuring security of telecom infrastructure and "vulnerabilities in the telecommunication infrastructure can lead to disruption of basic services with a severe impact on citizens, businesses and the delivery of public services".
The regulator has noted that many mobile applications seek access to subscriber data like call records, access to microphone, pictures, SMS and the like which may not be required for providing the service desired by the user. "The one-sided nature of these arrangements with an uneven bargaining power between the provider and the user implies that the user often does not have an effective choice in the matter -- the app may not be available for use without authorising those permissions," the consultation paper stated.
A panel has been formed amid concerns over personal information being compromised with increasing use of biometric identifier Aadhaar in an array of services -- from filing tax returns to availing of government benefits.
The paper made a mention of mobile directory applications that can compel a user to give access to phone number of another person, who may not be using the application, but his number gets leaked without his knowledge or consent.
The regulator in the consultation paper on privacy, security and ownership of the data in the telecom sector has sought public views on data protection in relation to the delivery of digital services.
The paper has sought public views to define personal data, who should be its owner, responsibilities of entities storing or controlling data of subscribers for delivering services among various other aspects to give users more control over their digital data.
Trai has set deadline of September 8 for comments on the paper and September 22, 2017, for counter comments.