Users should have rights to their own data, not telecom companies, says TRAI
The telecom authority said that a better protection framework is required and that user awareness programmes about data protection and privacy are necessary.
The Telecom Regulatory Authority of India said on Monday that consumers, not telecom companies, own their data and have the right to choice, consent and to safeguard their privacy. “The entities [firms] controlling and processing such data, are mere custodians and do not have primary rights over it,” the telecom authority said in a press release.
In its recommendations to the Department of Telecommunications, the TRAI said that the existing framework for the protection of consumer data is not sufficient. It recommended that “all entities in the digital ecosystem which control or process the personal data of users should be brought under a data protection framework”.
The telecom authority said that consumer awareness programmes about data protection and privacy are necessary. It added that devices sold by telecommunications service providers should disclose the terms and conditions of use in advance.
“A common platform should be created for sharing of information relating to data security breach incidences by all entities in the digital ecosystem, including telecom service providers,” TRAI added. “It should be made mandatory for all entities in the digital ecosystem including all such service providers to be a part of this platform.”
However, TRAI said that the users’ right to data portability and the “right to be forgotten” remain restricted rights, which are subject to restrictions as per law.