Nifty99000 100%

Sensex99000 100%

Article rating: No rating
Article rating: 4.8
Article rating: 5.0
Article rating: 3.0
Article rating: No rating
Article rating: 5.0
Article rating: No rating
Article rating: No rating
Article rating: 4.5
Article rating: No rating
Article rating: No rating
Article rating: 4.2
Article rating: 5.0
Article rating: 4.0
Article rating: No rating
Article rating: No rating


Data belongs to individual users, says TRAI urging strong safeguards against misuse

Author: IANS/Tuesday, July 17, 2018/Categories: Telecom

Data belongs to individual users, says TRAI urging strong safeguards against misuse

New Delhi - The Telecom Regulatory Authority of India (TRAI) on Monday released the recommendations on "Privacy, Security and Ownership of Data in the Telecom Sector", where it has mentioned each user owns his/her personal information/ data collected by/stored with the entities in the digital ecosystem.

"The entities, controlling and processing such data, are mere custodians and do not have primary rights over this data," it stated.

The TRAI recommended that a study should be undertaken to formulate the standards for annonymisation/de-identification of personal data generated and collected in the digital eco-system. "All entities in the digital ecosystem, which control or process the data, should be restrained from using meta-data to identify the individual users."

It mentions that the existing framework for protection of the personal information/ data of telecom consumers is not sufficient. "To protect telecom consumers against the misuse of their personal data by the broad range of data controllers and processors in the digital ecosystem, all entities in the digital ecosystem, which control or process their personal data should be brought under a data protection framework," it adds.

TRAI said that till such time a general data protection law is notified by the government, the existing rules/licence conditions applicable to telecom service providers (TSP) for protection of users' privacy be made applicable to all the entities in the digital ecosystem. 

"For this purpose, the government should notify the policy framework for regulation of devices, operating systems, browsers, and applications."

The principle of privacy by design coupled with data minimisation should be made applicable to all the entities in the digital ecosystem like, service providers, devices, browsers, operating systems and applications.

It said: "The Right to Data Portability and Right to be Forgotten are restricted rights, and the same should be subjected to applicable restrictions due to prevalent laws in this regard."

Consumer awareness programs be undertaken to spread awareness about data protection and privacy issues so that the users can take well informed decisions about their personal data, the sector regulator suggested.

"Data Controllers should be prohibited from using 'pre-ticked boxes' to gain users consent. Clauses for data collection and purpose limitation should be incorporated in the agreements. Devices should disclose the terms and conditions of use in advance, before sale of the device," it said.

"For ensuring the security of the personal data and privacy of telecommunication consumers, personal data of telecommunication consumers should be encrypted during the motion as well as during the storage in the digital ecosystem. Decryption should be permitted on a need basis by authorised entities in accordance to consent of the consumer or as per requirement of the law," it said.

The TRAI said all entities in the digital ecosystem including telecom service providers should be encouraged to share the information relating to vulnerabilities and threats in the digital ecosystem/networks to mitigate the losses and prevent recurrence of such events.

"A common platform should be created for sharing of information relating to data security breach incidences by all entities in the digital ecosystem including telecom service providers. It should be made mandatory for all entities in the digital ecosystem including all such service providers to be a part of this platform," TRAI said. 

It further said data security breaches may take place in-spite of adoption of best practices, adding: "Sharing of information concerning to data security breaches should be encouraged and incentivised to prevent/mitigate such occurrences in future."

Print Rate this article:
No rating

Number of views (184)/Comments (0)

rajyashree guha


Other posts by IANS
Contact author

Leave a comment

Add comment



Ask the Finapolis.

I'm not a robot
Dharmendra Satpathy
Col. Sanjeev Govila (retd)
Hum Fauji Investments
The Finapolis' expert answers your queries on investments, taxation and personal finance. Want advice? Submit your Question above
Want to Invest



The technical studies / analysis discussed here can be at odds with our fundamental views / analysis. The information and views presented in this report are prepared by Karvy Consultants Limited. The information contained herein is based on our analysis and upon sources that we consider reliable. We, however, do not vouch for the accuracy or the completeness thereof. This material is for personal information and we are not responsible for any loss incurred based upon it. The investments discussed or recommended in this report may not be suitable for all investors. Investors must make their own investment decisions based on their specific investment objectives and financial position and using such independent advice, as they believe necessary. While acting upon any information or analysis mentioned in this report, investors may please note that neither Karvy nor Karvy Consultants nor any person connected with any associate companies of Karvy accepts any liability arising from the use of this information and views mentioned in this document. The author, directors and other employees of Karvy and its affiliates may hold long or short positions in the above mentioned companies from time to time. Every employee of Karvy and its associate companies is required to disclose his/her individual stock holdings and details of trades, if any, that they undertake. The team rendering corporate analysis and investment recommendations are restricted in purchasing/selling of shares or other securities till such a time this recommendation has either been displayed or has been forwarded to clients of Karvy. All employees are further restricted to place orders only through Karvy Consultants Ltd. This report is intended for a restricted audience and we are not soliciting any action based on it. Neither the information nor any opinion expressed herein constitutes an offer or an invitation to make an offer, to buy or sell any securities, or any options, futures or other derivatives related to such securities.

Subscribe For Free

Get the e-paper free