TRAI (Telecom Regulatory Authority of India), giving significant recommendations regarding privacy of common people has directed to all the firms collecting user data, does not have any right over it. The regulatory body emphasized on consumer’s consent for obtaining
Not just underlining importance of privacy, TRAI has also termed the existing data protection framework as inadequate. In a set of recommendations to DoT, TRAI said that companies should not use meta-data to identify users and are obligated to disclose any data breaches.
Stating that each user owns his/her personal data and information submitted to any entity, it said entities controlling and processing user data are “mere custodians” and all of them should be brought under a data protection framework.
The government, it said, must notify policy framework to regulate devices, operating systems, browsers and applications.
TRAI has recommended to the Department of Telecom that users be granted the right to choice, consent and to be forgotten to safeguard privacy. It has suggested that all entities in the digital ecosystem be brought under a data protection framework to guard against the misuse of personal data of telecom consumers.
The recommendations assume significance as issues around data protection have come into the spotlight, and privacy concerns have amplified in the wake of the recent Facebook data leak fiasco.
This is first time ‘Right to be forgotten’ has been given weightage by an Indian authority. It empowers users to delete past data that he may feel is unimportant or detrimental to his present position. Past data could be in terms of photographs, call records, video clippings and so on which could potentially harm the reputation of the consumer.
“The Government should put in place a mechanism for redressal of telecommunication consumers’ grievances relating to data ownership, protection, and privacy.” Said TRAI
It has also favored that entities getting control of data in any form should not be allowed to use “pre-ticked” boxes to gain users consent.
