Telecom Regulatory Authority of India (TRAI) announced a major statement. Ownership of data generated by telecom consumers should rest with the users and not internet giants and mobile device.
TRAI also said the existing framework for data protection is “not sufficient to protect consumers’ data.
TRAI has additionally recommended that “One-sided user agreements which are complicated and difficult to understand” often thrown in by various app makers and mobile device companies should be done away with, while a collection of “unrelated or unnecessary data” should be barred.
It also added on ‘privacy, security and ownership of data in the telecom sector, “Each user owns his/her personal information/data collected by/stored with the entities in the digital ecosystem… the government should notify the policy framework fc regulation of devices, operating systems, browsers, and apps”.
The recommendations are not binding in nature but assume importance in view of various cases of a data breach, including the recent one involving millions of users of the views of the telecom regulator.
This rule will impact the tech giant like Apple, Samsung, Google, Amazon, and Facebook.
Trai chairman R S Sharma told TOI after submitting the recommendations to the government that “We find that telecom users are real owners of data and rest of players are mere custodians”
Trai’s recommendations were unequivocal with regard to the rights of users. “In respect of the ownership of personal data… the individual must be the primary right holder qua his/ her data. While the right to privacy should not be treated solely as a property right, it must be recognized that controllers of personal data are mere custodians without any primary rights over the same
Ownership rights of the user over personal data “are supreme”, Trai said, adding that these should not be superseded by the rights of data controllers, data processors, or any other entity in the eco-system. While data controllers may collect and process personal data, this must be subject to various conditions and obligations, “including importantly, securing the explicit consent of the individual”. Read the full article.