The Telecom Regulatory Authority of India (TRAI) will finalise its recommendation on privacy, security and ownership of data in telecom sector by the month-end, its Chairman R S Sharma has said, asserting that the regulator intends to give the issue its due importance. The comments by the sector regulator assume significance as issues around data protection have come under the spotlight, and privacy concerns have amplified in the wake of the recent Facebook data leak fiasco. The Telecom Regulatory Authority of India (TRAI) had floated a consultation paper on the privacy, security, and ownership of data in telecom sector last year and followed it up with an open house discussion in February this year.
“Our recommendation on data privacy, security and ownership of data in the sector will come by the end of this month,” Sharma said. TRAI will also share the views with the Justice B N Srikrishna Committee, which is working on a detailed data protection framework for the country. “We will be making the recommendations available to the Justice Srikrishna Committee. Essentially, we will provide these as our inputs. We have already written to them saying we are expected to come out with our views and we will be sharing them,” Sharma said.
Over the last few weeks, there has been a loud outcry over data privacy and protection issues after British data analytics and political consulting firm Cambridge Analytica was accused of harvesting personal information of 87 million Facebook users illegally to help political campaigns and influence polls in several countries. The Indian government too shot off notices to both the companies questioning them on the impact of the data breach, following which Facebook admitted that nearly 5.62 lakh people in India were “potentially affected” by the incident.
While the Indian Government is examining the responses furnished by Facebook and Cambridge Analytica, IT Minister Ravi Shankar Prasad last week said the new data protection law – currently in the works – will be finalised ‘soon’. The TRAI chairman termed data privacy, security, and ownership “extremely important and relevant issues” but declined to comment further on the regulator’s ensuing recommendations. “I will not be able to lay out the contours, but we treat this subject as extremely sensitive and important and we give it the importance which it deserves,” he said.
TRAI’s consultation paper has sought to define personal data, who should be its owner, responsibilities of entities storing or controlling data of subscribers for delivering services among various other aspects, to give users more control over their digital data. It had noted that many mobile applications seek access to subscriber data like call records, access to microphone, pictures, SMS and the likes which may not be required for providing the service desired by the user, and had even flagged the “one-sided nature of these arrangements with an uneven bargaining power between the provider and the user”.