TRAI released a draft regulation [PDF] on Tuesday outlining a plan to combat SMS and call spam using blockchain technology. In what the authority described as a ‘regulatory sandbox’, telecom companies and TRAI will work together to build an encrypted and distributed database (which is where the blockchain comes in) which will record user consent to be included in SMS or call send-out lists.

‘A major nuisance’

Unsolicited Commercial Communications, the legal term for SMS and call spam, is something TRAI has spent a lot of regulatory energy on. In 2010, TRAI established a national opt-in registry of users who didn’t want any spam sent to them. Over 23 crore phone numbers have been added to that registry since then.

But spam hasn’t stopped. The regulator says that even users who have registered on its national Do Not Disturb (DND) registry still get texts and calls from telemarketers. A lot of this spam comes from ten-digit phone numbers (the kind that’s usually given to regular individual mobile subscribers). By creating a permanent distributed ledger, TRAI says that compliance to DND and consumer opt-outs from spam will be improved. Unregistered telemarketers will also be detected more quickly, the regulator said.

Explicit consent

In its draft regulation, TRAI said that when users give their phone number out to someone, that doesn’t necessarily translate into consent to receive marketing information. If these regulations go into force, there will be a lot more oversight by TRAI and telcos on whether a spam sender actually got consent from users who they market to.

What’s more, users will now actually be able to withdraw the consent that they gave earlier. And since all of this is on a standardized distributed ledger, there’s bound to be little wiggle room for spam senders. Having a note on how to opt-out of spam is a common feature in email (even a regulatory requirement in some countries), but not so much in SMS. This draft regulation’s consent withdrawal mechanism will essentially give all telecom subscribers a way to pull consent from individual spammers, as opposed to the DND registry, which seems like a nuclear option in comparison.

Regulatory sandbox

A regulatory sandbox is a sort of simulated environment similar to the real world where regulatory technologies are tested before they are actually approved and deployed in the real world. And on top of this regulation just being in a draft stage (comments are open till late June), TRAI is following a regulatory sandbox model, which means that it could be some time before a real world solution is actually up and operational. But the regulation is backed by TRAI’s powers as a regulator, as the regulator pointed out in its statement, so this could move forward in a reasonable timeframe.

It’s interesting that the regulator has chosen a co-regulation model. Telecom companies themselves will play an active role in executing the regulation and designing the technology that will be used to deploy it. That is most likely a result of the demography that participated in TRAI’s consultation on this subject — much of the 27 responses TRAI received were from telcos or organizations that use bulk SMS services.

BJP’s IT Cell head wants exemption for political parties

Interestingly, Amit Malviya, who heads the BJP’s IT wing, sent in a filing requesting that political parties be exempted from regulations that would require periodic re-confirmation of consent. He also argued against a mandatory charge per SMS for political parties.

MediaNama’s Take

With phrases like ‘regtech’ (regulatory technology) and ‘blockchain’, TRAI’s draft regulation is littered with technocratic buzzwords. But the fact remains that this is an incredibly ambitious regulation. Like TRAI noted in its press release, no country has attempted this kind of technology to combat spam before. But underneath all that bumble, the central principle TRAI upheld is this: if you’re receiving marketing messages, you should be in control — both before and after you consent, explicitly, to receive them. The success of this regulation will depend on its final form, and whether its technological design can annihilate the problem of uninformed consent that pervades the Indian spam ecosystem.

Nikhil adds: invariably, it’s the telecom operators who benefit as a business from the spam: They sell additional SIM cards that are used for spam calls and messages, and also sell bulk SMS services, including those that use the transaction pipe for promotional messages. Blockchain might help address differences in databases that are used to determine which users are on the Do-not-call registry, but it won’t necessarily help address spam unless the business model of spam is made unviable for the telecom operators: heavy penalties on telecom operators for enabling spam are needed.