TRAI’s caller ID faces privacy test; SC ruling, Data Bill key hurdles

Financial Express, March 10, 2023

The Telecom Regulatory Authority of India’s (Trai) move to make a caller’s name flash on the phone screen when a user receives a call may be delayed due to concerns over personal data protection flagged by stakeholders. The regulator is likely to first examine if the feature would be in sync with the Personal Data Protection Bill and past Supreme Court rulings on privacy.

After an open house session on Thursday where stakeholders — consumer groups and telecom operators — voiced these concerns, Trai chairman PD Vaghela directed his legal team to analyse a 2017 SC judgment on privacy to understand the issues with regard to implementation of the caller ID feature.

“We are concerned about privacy, there is no doubt about that. Trai has always stood for the privacy of people,” Vaghela said.

In 2017, the Supreme Court had declared privacy to be a fundamental right under Part III of the Constitution. The Court had also ruled that the grounds for restricting the right to privacy have to pass the three-fold test of legality, necessity, and proportionality. Experts said the proposed solution by Trai poses harm to user privacy and goes against the apex court’s order.

“Because of the various data privacy issues CNAP (Calling Name Presentation) would be difficult to implement, as the feature should be based on user consent,” Mahipal Singh, vice president of regulatory affairs at Reliance Jio, said on Thursday at the open house session.

The Personal Data Protection Bill, likely to be tabled in Parliament soon, has a clause which mandates that firms dealing with consumer data can use it for purposes other than it was collected for, only after seeking the consent of users.

According to DeepStrat, a New Delhi-based think tank, storing a user’s personal information in any database and then disclosing it through a caller ID has privacy implications.

“If a database needs to be created, it needs to be one of telemarketing numbers rather than of all users, which is a much more appropriate solution given that the risk of compromising the privacy of an average user is at stake,” said Gauri Kumar, consultant at DeepStrat. “Until a privacy law is in place, this goal is not possible without the caller’s personal information being at risk,” Kumar added.

“CNAP should be implemented only after the Data Protection Law comes into effect so that the rights of users can be protected and there can be an assessment of its impact on individual privacy,” said Amrita Choudhury, director at CCAOI, a policy advocacy organisation. “CNAP should be introduced as an alternative and voluntary ‘opt-in’ service and not made mandatory for users as proposed,” Choudhury added.

Apart from the concerns related to privacy, telecom operators also urged Trai to implement the feature in a phased manner and recommended that the government to subsidise the operators for its rollout.

The feature should first be implemented for telemarketers or commercial entities and then for individuals if required, some stakeholders said.

Consumer Unity and Trust Society (CUTS) argued that Trai should also analyse the existing caller identification solutions based on crowdsourced data, ie apps like Truecaller.

“We feel that there is a lack of data on evidence with respect to whether the crowdsourced data is reliable or not. And therefore, there is a need for in-depth study to understand existing solutions before taking a call on introducing a new solution (CNAP),” said Amol Kulkarni, director of research at CUTS International.

Based on the discussions on Thursday, Trai has asked the stakeholders to submit their final comments on the subject by March 17.

This news item can also be viewed at: