On 7th November 2023, the Telecom Regulatory Authority of India issued a press release (“Press Release”) requesting Principal Entities (“PEs”) such as banks, other financial institutions, insurance companies, trading companies, business entities, real estate companies etc. to onboard the Digital Consent Acquisition (“DCA”) facility as per the timelines outlined in the direction issued by the TRAI dated 2nd June 2023 under the Telecom Commercial Communication Customer Preference Regulations, 2018 (“TCCCPR”).
By way of brief background, on 2nd June 2023, TRAI issued a direction for all the Access Providers (“AP”) to develop and deploy, the DCA facility. The DCA facility is a unified platform and process to register customers’ consent digitally across all APs and PEs to curb spams through Unsolicited Commercial Communication (“UCC”). In the present system, consent for sending any commercial communication in obtained and maintained by PEs. Therefore, it is not possible for the APs to check veracity of consents. Furthermore, such consent is being used without re-verification and updation as provided for in the TCCCPR. There exists no unified system for customers to provide or revoke the consent provided for subscribing to such commercial communications. This has given rise to the menace of mobile users getting promotional and scam messages and calls from unregistered marketers. To curb the menace of spams through these UCCs, TRAI issued the said direction to develop and deploy the DCA.
Key highlights of the DCA are as follows
- DCA facility has methods to seek, maintain, and revoke the consents of customers, as per the processes envisaged under TCCCPR.
- The consent data so collected will be shared on Distributed Ledger Technology (“DLT”) Platform, established under TCCCPR for commercial communications, for scrubbing by all APs.
- A common short code 127xxx (or any other code as prescribed by TRAI) is to be used for sending consent seeking messages to the subscribers.
- Only whitelisted URLs/ APKs/ OTT links/ Call Back numbers, etc. shall be used in the consent seeking messages. The consent acquisition confirmation message to the customers shall also have information related to revocation of the consent.
- Further, APs are also to develop a SMS/ Online facility to register unwillingness of the customers to receive any consent seeking message initiated by any PEs.
- After implementing DCA, the existing consents, acquired through alternative means, shall be rendered null and void and fresh consents will have to be sought by all PEs through digital means only.
The said direction also laid down in detail, the consent and modalities of consent seeking message to be sent to users and a period of 2 months was given to APs to comply with the same.
As per the Press Release issued by TRAI, all the PEs are directed to take “urgent necessary steps” to onboard the DCA system as per the timelines prescribed in direction dated 2nd June 2023, i.e., on-boarding of PEs belonging to the Banking, Insurance, Finance and Trading sectors by 30th September 2023 and on-boarding of PEs belonging to remaining sectors by 30th November 2023. This would mean that, with the new DCA system in place, all PEs, will now have to take fresh explicit consent from mobile users digitally before sending any commercial or marketing messages and any earlier consent given by users will be void.
The TRAI’s implementation of the DCA system is a welcome development in the fight against spam calls and messages. The system will provide a unified platform for customers to digitally register their consent for receiving commercial communications and will make it easier for telecom operators to verify user consent. However, it is important to note that the success of the DCA system will depend on the commitment of telecom operators to implement it effectively. Telecom operators have a financial incentive to keep spam messages a part of the system, as they benefit from the revenue generated from these messages. Therefore, it is important for TRAI to continue to monitor the implementation of the DCA system and to take steps to disincentivize telcos from failing to control spam. The recent fines imposed by TRAI on Bharti Airtel and Vodafone Idea for failure to control spam are a positive step in this direction. However, more needs to be done to ensure that telecom operators are held accountable for keeping their networks free of spam. One way to do this would be to make it easier for customers to report spam calls and messages by establishing a dedicated spam reporting platform where customers can report spam calls and messages. This data could then be used by TRAI to identify and take action against the entities responsible for sending spam.
Link to Press note on Implementation of Digital Consent Acquisition (DCA) under TCCCPR-2018 – https://www.trai.gov.in/sites/default/files/PR_No.118of2023.pdf
Link to TRAI’s direction dated 2nd June 2023 regarding implementation of Digital Consent Acquisition (DCA) under TCCCPR, 2018 – https://www.trai.gov.in/sites/default/files/Direction_02062023.pdf