TRAI’s Regulatory Efforts to ensure Consumer Consent and Curb Unsolicited Commercial Communications

February 11, 2025
Consumer Consent and Curb

By Anuradha Gandhi and Rachita Thakur

Introduction

On January 15, 2025, The Supreme Court in the case of Gowrishankar S v. Union of India issued notice to the Union Government in response to a PIL seeking implementation of the Calling Name Presentation (CNAP) service by telecom operators which was introduced by TRAI to display the caller’s name on the recipient’s phone, offering a more reliable alternative to Truecaller.[1] The implementation of CNAP aligns with the Telecom Commercial Communications Customer Preference Regulations, 2018 (hereinafter referred to as ‘TCCCPR’) introduced by TRAI on July 19, 2018 to curb the menace of Unsolicited Commercial Communication (hereinafter referred to as ‘UCC’) and ensure consumer consent and privacy. The regulations were brought to force on February 28, 2019.[2]

Ecosystem of Commercial Communication under TCCCPR

The TCCCPR defines various stakeholders involved in the transmission of Commercial Communication:

  1. Telecom Service Providers: These are companies that manage the network infrastructure and deliver voice calls and SMS to end users.
  2. Sender or Principal Entities: These are businesses, government bodies, and other organizations that want to send bulk communications.
  3. Telemarketers/ Aggregators: These are intermediaries and may assist Principal Entities in sending large volumes of messages by aggregating and routing the communications
  4. Customers/ Recipients: They are the end users who receive the commercial communications[3]

Transmitting Commercial Communication in compliance with TCCCPR

[4]

  1. Registration as a Principle Entity – Any business or government entity wishing to send commercial communication must register as a principal entity with the telecom service provider.
  2. Assignment and Registration of Headers – After registration, the Principal Entity is assigned a header in the format of an alphanumeric string of up to 11 characters which uniquely identifies the Sender. This header is used to verify the source of the communication
  3. Registration of Content Template – The content template defines the structure of the message, including fixed parts and variable parts. Registering the template with the TSP ensures that the messages conform to pre-approved formats and content guidelines.
  4. Transmission of Key Identifiers – When sending a message, the system must transmit the Principle Entity’s ID, the registered header, and the content ID to the TSP. This step facilitates traceability and ensures that each message can be linked back to it register source and format.
  5. Registration of Consent Template and Acquisition of Consumer Consent – For commercial communication, it is crucial to obtain prior consent of the customer. Principal Entities must register a consent template, which outlines how consent is acquired and recorded. Only after securing the necessary consents from the customers can the communication be legally sent.

Mechanism for curbing UCC[5]

The Department of Telecommunications (hereinafter referred to as ‘DoT’) has developed facilities like the Sanchar Saathi Portal, empowering the citizens to report suspected fraud Communications and UCC through its Chakshu facility.

  1. Suspected Fraudulent Communications – Citizens can report suspected fraudulent communications intended to defraud telecom service users through cyber-crime, financial fraud, impersonation, or other misuse via calls, SMS or Whatsapp. However, Chakshu only deals with suspected cases if fraudulent communication and does not deal with cases where the user has already lost money due to financial fraud or is a victim of cyber-crime.
  2. UCC – Chakshu allows citizens to report on UCC or spam received via voice calls or SMS that do not comply with the recipient’s consent or registered preferences. However, there is a deadline within which such report shall be filed:
    1. Complaints filed within 3 days of receiving UCC or spam are considered valid and investigated by telecom service providers, potentially leading to action against the sender.
    2. Reports filed after 3 days do not directly lead to action against sender but help in identifying and mitigating spamming activities.
  3. Telecom Cyber Security Rules, 2024 [6]These rules were notified by the DoT on November 21, 2024 and supplements TCCCPR by prohibiting the use of telecommunication resources to endanger telecom cyber security by fraud, cheating or personation including transmitting any message which is fraudulent and committing or intending to commit any security incident. This prohibition is encompassed in Rule 4(3) of the Cyber Security Rules.

Consequences of Non-Compliance with TCCCPR[7]

To address the issue of UCC, TRAI has the authority take the following actions against the violators:

  1. Blacklisting of Violators – Registered entities and telemarked found violating TCCCPR shall be blacklisted.
  2. Action Against Unregistered Telemarketers – TRAI may issue warnings, impose usage caps on Unregistered Telemarketers and repeated violations may lead to disconnection.
  3. Disconnection of Unregistered Spam Callers – All telecom resources of unregistered senders making spam calls shall be disconnected, and the senders shall be blacklisted.
  4. Financial Disincentives on Access Providers – Telecom service providers failing to control UCC may be penalized through Financial Disincentives.

Effectiveness of TCCCPR

On August 13, 2024, TRAI issued a directive mandating strict action against entities violating regulations, leading to widespread enforcement by Access Providers.[8] A total of 1,150 entities and individuals have been blacklisted, and 18.8 lakh telecom resources have been disconnected. These measures have led to a noticeable decline in complaints regarding unsolicited telemarketing activities. The number of complaints saw a steady reduction from August to October 2024 with a 13% reduction in September 2024 and 20% reduction in October, 2024.[9]

Automated Transmission and Consumer Consent

An increasing number of entities are making promotional calls using 10 digit mobile or landline numbers, often leveraging auto dialers or robo calls to bypass regulatory provisions. According to data collected by TRAI for January to March 2024, 25.3% of SIM cards in the country made fewer than 10 calls per day on average. In contrast just 136 sim cards were responsible for making between 500 to 1000 calls daily, while only four SIMs made over 1000 calls per day. The disparity is even more pronounced in text messaging. Between January to March 2024, 111 million SIMs i.e., 95% of the telecom user base, sent one or fewer text messages per day. Meanwhile, just 47,427 SIMs, representing a mere 0.004% of users, sent more than 100 texts daily.

In its consultation paper[10], TRAI has proposed mandatory user consent for automated calls and prior notification to telecom operators when using auto dialers or robo callers for commercial communication. It also suggested that pre-recorded voice calls should follow an approved content template given the high incidence of fraud and harassment of ordinary citizens in this category.[11]

Digital Consent Acquisition

TRAI, vide its circular dated November 7, 2023, directed all Access Providers to develop a centralized digital platform where customers can grant, manage, and revoke consent digitally. This data is shared on the Distributed Ledger Technology (DLT) platform to ensure transparency and prevent unauthorized communications

A common short code ‘127xxx’ is used for sending consent requests, ensuring clarity regarding the purpose, scope and sender details. The direction also voided all existing consents obtained through any other means, requiring the Principle Entities to seek fresh digital consent.

Use of Artificial Intelligence and Machine Learning

Despite existing measures, Unregistered Telemarketers continue to evolve new techniques, making traditional detection methods inadequate. To address this, TRAI, vide a circular dated June 13, 2023 directed all Access Service Providers to deploy AI and ML-driven detection systems that can adapt to emerging pattern, signature, and fraud techniques in real-time. These intelligent systems will enhance the identification of bulk UCC senders violating regulations.[12]

Prateek Chandgothia, Assessment Intern at S.S.Rana & Co. has assisted in the research of this article.

[1] WP(C) No. 664/2024, SC

[2] https://trai.gov.in/sites/default/files/2024-08/PR_No.10of2021.pdf

[3] http://trai.gov.in/advice-to-senders

[4] Ibid

[5] https://www.sancharsaathi.gov.in/sfc/

[6]https://dot.gov.in/sites/default/files/Gazette%20Notification%20of%20Telecommunications%20%28Telecom%20Cyber%20Security%29%20Rules%2C%202024.pdf

[7]https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2080641#:~:text=TCCCPR%2D2018%20of%20TRAI%20has,1909%20and%20calling%20on%201909.

[8] http://www.trai.gov.in/sites/default/files/2024-10/PR_No.51of2024.pdf

[9] https://pib.gov.in/PressReleasePage.aspx?PRID=2083730

[10] http://trai.gov.in/sites/default/files/2024-10/CP_28082024.pdf

[11] https://www.communicationstoday.co.in/trai-tightens-controls-on-robocalls-and-bulk-texts-to-curb-spam/

[12] http://www.trai.gov.in/sites/default/files/2024-08/PR_No.51of2023.pdf

More Articles

  1. Pink Tax – Reinforcing Gender Disparities
  2. Phone-Model-Based differential Pricing: A New Trend in India’s Ride-hailing Platforms
  3. Ensuring Student Privacy in Education: Compliance with the Digital Personal Data Protection Act, 2023
  4. DPDP Rules to be notified by April
  5. AI in Financial Sector: Ethical use and Legal frameworks
  6. Adapting cookie strategies: ensuring compliance and building trust in a privacy driven world
For more information please contact us at : info@ssrana.com