The Department of Telecommunications (DoT) will only take up those segments of Telecom Regulatory Authority of India’s (TRAI) recommendations on data ownership, privacy and security that are relevant to the sector, while the remaining will contribute to Justice BN Srikrishna’s committee that is framing a data protection law, the Economic Times reports. According to the report, DoT will limit itself to the purview of the Indian Telegraph Act, telecom secretary Aruna Sundararajan told ET. She went on to say that the parts of the recommendations that fall under the purview of the Information Technology Act, will be the responsibility of Ministry of Electronics and Information Technology (MeitY).
Sundararajan praised the report in an event in Delhi on Wednesday.
TRAI data security recommendations
In its recommendations on data privacy, ownership and security, TRAI earlier in the week said that entities controlling and processing user data were “mere custodians” and that individuals were the actual owners of personal information. The regulator said that firms collecting user data don’t have a right over it, and emphasised that consumers’ consent was a must for obtaining and using any data.
TRAI’s chairman RS Sharma said that the regulator was well within its jurisdiction while recommending that companies should not use meta-data to identify users, should disclose any data breaches and that users be granted the right to choice, consent and to be forgotten to safeguard privacy. He added that TRAI‘s aim was to protect the interest of consumers in the telecom sector.
TRAI, while describing the existing data protection framework as inadequate, also called for inclusion of apps, browsers, operating systems and mobile phones under the same set of rules that govern telecom companies in India, till an overarching data protection law is put in place to safeguard consumer rights, ET reported.
“We will send these recommendations to the committee, but we did not time it to coincide,” said TRAI chairman RS Sharma when asked of the report will be shared with the Srikrishna Committee, the ET reported. “We’re not dependent on the committee and we had issued this suo moto, since we felt the need to rigorously deliberate on the issue,”. There could be sector-specific laws within the general data protection framework for the telecom sector, he added.
Srikrishna Committee upset with TRAI timing
The Justice BN Srikrishna Committee, which is drafting India’s first model data protection and privacy law, is upset by the timing of recommendations made by TRAI as it could delay the submission of the long awaited report, the ET reported, citing a senior member of the said panel. However, he said that the ten-member panel may incorporate some of TRAI’s suggestions before submitting the report to the union government next week. “Next week somebody will make some recommendations and that will have to be merged, then again somebody will make some other recommendations,” the person complained to ET.
The committee— consisting of jurists, academicians and policymakers — was formed last July with a brief to suggest principles for data privacy and a draft data protection bill for the country.