JOIN US
IPL
News Shots
Explainers
Bengaluru
Science
Trending
Brandspot
Photos
Newsletters
Home
News Shots
Trending
Menu
×
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Homeindia

Trai: people have right over data, not firms

Says consumers be given the right to choice, consent and to be forgotten.
Last Updated 25 October 2018, 11:58 IST

Follow Us

Directives

  • Transparently
  • disclose information about privacy breaches on websites
  • Mention actions taken for mitigation, and preventing such breaches in future
  • Data controllers should be prohibited from using pre-ticked boxes to gain users’ consent
  • Devices should disclose the terms and conditions of the use in advance

Amid rising concerns over privacy and safety of users’ data, the Telecom Regulatory Authority of India (Trai) on Monday said people should have a right over their data and not companies.

Trai, in its recommendation to the Department of Telecom on “Privacy, Security and Ownership of Data in the Telecom Sector”, said that consumers are owners of their data and firms controlling or processing such data are just custodians and do not have primacy rights on it.

“The Right to Choice, Notice, Consent, Data Portability, and Right to be Forgotten should be conferred upon the telecommunication consumers,” Trai recommended to DoT.

Terming that the existing framework for the protection of personal information or data of telecom consumers was not sufficient, the regulator said that to prevent misuse of consumers’ personal data, all entities in the digital ecosystem, which control or process their personal data, should be brought under a data protection framework.

“Privacy by design principle coupled with data minimisation should be made applicable to all the entities in the digital ecosystem including service providers, devices, browsers, operating systems and applications,” the regulator said.

It said that in order to ensure sufficient choices to the users of digital services, granularities in the consent mechanism should be built in by the service providers.

The regulator also suggested that all entities in the digital ecosystem including telecom operators should transparently disclose the information about the privacy breaches on their websites along with the actions taken for mitigation, and preventing such breaches in future.

“The data controllers should be prohibited from using pre-ticked boxes to gain users’ consent. Devices should disclose the terms and conditions of the use in advance before the sale of device,” it said

The department of telecom should re-examine the encryption standards, stipulated in the licence conditions for the telecom service providers to align them with the requirements of other sector regulators, the Trai said.

ADVERTISEMENT
(Published 16 July 2018, 13:30 IST)
PrivacyDataTelecom Regulatory Authority of India

Follow us on

ADVERTISEMENT
ADVERTISEMENT