TRAI's data privacy suggestions valuable, timely; DoT to take institutional view: Sundararajan

Regulator Trai's recent recommendations on data privacy and ownership framework are "valuable and timely", and the Department of Telecom (DoT) will have to take "institutional view" of the matter, Telecom Secretary Aruna Sundararajan said today.

"DoT will have to take an institutional view...but this is very much in line with what the courts have said in the matter and what the government has already said on protecting privacy and data rights of individuals," Sundararajan told PTI.

Speaking on the sidelines of an event organised by CUTS International, Sundararajan said that Trai's assertion that data belongs to users is in sync with the current narrative of Indian telecom market, that places customers and users at the centerstage.

"What TRAI has said about data belonging to users is in line with what's emerging in Indian market, overall...that is...putting customers and users in the centre," she said.

Trai's recommendations and inputs are extremely "valuable and timely", Sundararajan said adding that Justice B N Sri Krishna panel too is expected to finalise its report on data privacy law shortly.

Telecom Regulatory Authority of India (TRAI) Chairman R S Sharma recently said that mobile devices and apps are like 'faucets' to the telecom pipe and should be subjected to similar rules as telecom operators till an overarching data protection law is put in place to safeguard consumer rights.

Asserting that Trai has not overstepped its mandate while calling for regulation of all digital entities handling consumer data, Sharma has emphasised that users are the primary owners of their data.

Trai earlier this week termed entities controlling and processing user data as "mere custodians" and recognised individuals as the actual owners of personal information, as it also called for regulation of all digital entities handling consumer data.

In significant recommendations concerning privacy, Trai argued that firms collecting user data don't have a right over it, and emphasised that consumers' consent is a must for obtaining it.

Describing the existing data protection framework as inadequate, the Trai in a set of recommendations to Telecom Department has also said that companies should not use meta-data to identify users and should disclose any data breaches.

Stating that each user owns his/her personal data and information submitted to any entity, Trai has said that entities controlling and processing user data are "mere custodians" and all of them should be brought under a data protection framework.

The government, it has said, must notify policy framework to regulate devices, operating systems, browsers and applications. Batting for telecom consumers, Trai had also suggested that users be granted the right to choice, consent and to be forgotten to safeguard privacy.