The Telecom Regulatory Authority of India (TRAI) is likely to seek more powers to regulate the flow of data from users to app makers, while defining what comprises personal information, as it finalizes recommendations on data ownership, privacy and security that are likely to be released this month.
According to people aware of the discussions, the telecom regulator may suggest an amendment to the TRAI Act or seek government intervention in getting the tools required to gain larger control on the data flowing through telecom networks, including that of apps riding on the networks. Any such move, though, may face strong resistance from app makers who say they are already regulated under the IT Act, say experts.
TRAI S recommendations, which are meant for the telecom sector, could also feed into the ongoing consultations of a committee headed by former Supreme Court Justice BN Srikrishna that is drafting India s first law on data protection.
The way to do so (get control over data on apps) could be by amending the TRAI Act or asking the relevant ministry to give it powers to delve further into this issue, said one person, revealing the contours of some of the recommendations that the telecom regulator may make.
Excess permissions that apps take beyond the app s usage also need to be relooked at apps should be restricted from taking any unauthorized data or seeking more permissions than required to run the app, the person added.
App Makers Against TRAI Move
The person pointed out that many mobile apps sought access to a user s call records, device microphone and picture library, which may not be needed to provide the service.
The recommendations are still in the draft stage and are likely to be firmed up or ironed out further before they are released. They should come within this month, a second person said.
The recommendations will come amid a global uproar around data privacy and protection triggered by revelations that British data firm Cambridge Analytica had illegally accessed information of some 87 million Facebook users, including over half a million Indians, and had allegedly influenced elections. Facebook CEO Mark Zuckerberg has apologised for the misuse of the data, admitting that the social networking giant hadn t done enough to protect users information.
TRAI had issued a consultation paper on data ownership, privacy and security in August last year much before the Facebook episode which many say was triggered by its spat with Apple over the smartphone maker s lack of support for the Indian regulator s Do Not Disturb app. Apple said the app violated its privacy rules as it sought the users call and message details. TRAI S view was that the data belonged to users, and it was not for Apple to deny access.
TRAI had said its paper was aimed at covering the broader aspects of developing a framework that can give people more control over their personal data and prevent chances of misuse amid lingering privacy concerns.
The problem is urgent. The problem is also difficult, because thus far we have not dealt with these kinds of problems. So, the laws of this world will have to be different, TRAI chairman RS Sharma had told ET earlier.
Sharma had said government intervention was needed in data protection and ownership to prevent harm to consumers , who typically underestimate the value of personal data and the impact of agreeing to share it, while service providers benefit by acquiring and holding, and sometimes selling, such data.
Taking data or using data without authorization is wrong right of the data should be with the user, said one of the two persons quoted earlier, adding the terms and conditions of using an app should be clearly disclosed.
But app makers have rejected any move by the telecom watchdog to regulate apps or their content.
TRAI has no jurisdiction under the TRAI Act to control apps, or content. It only has control on the carriage, they can only make recommendations to the Department of Telecommunications or the Ministry of Electronics and Information Technology.
Any jurisdiction would exist with the Information and Broadcasting ministry, which has already formed a committee to look into regulating online content, said Nikhil Pahwa, cofounder of the Internet Freedom Foundation.
There can be delegated regulation, where platforms such as Facebook, Google Play store and Apple App Store have the mandate to control apps on their platforms, which has to be in consonance with global practices and not necessarily Indian practices, because the moment you have India-specific regulation, it lends itself to Balkanisation of the open Internet, he added.-News Feed