Ikigai LawIkigai LawIkigai LawIkigai Law
  • About Us
    • About
    • Our Team
    • FinTales
    • Tech Ticker
  • Practice Areas
  • Blog
  • News & Events
    • Ikigai Law in the news
    • Ikigai Law at events
    • Ikigailaw on the social media
  • Careers

Stakeholders’ responses to the TRAI privacy consultation paper (Part VII Of XII): Definition of personal data, permissible grounds and empowerment of users

    Home Data Governance Stakeholders’ responses to the TRAI privacy consultation paper (Part VII Of XII): Definition of personal data, permissible grounds and empowerment of users
    NextPrevious

    Stakeholders’ responses to the TRAI privacy consultation paper (Part VII Of XII): Definition of personal data, permissible grounds and empowerment of users

    By Ikigai Law | Data Governance | 0 comment | 5 April, 2018 | 2

    This is the seventh post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security, and Ownership of the Data in the Telecom Sector (Consultation Paper) published by the Telecom Regulatory Authority of India (TRAI) on 9th August, 2017.

    In order to address key data privacy and security issues, the TRAI framed twelve (12) questions and invited comments to these questions. In total, fifty-three (53) stakeholders submitted detailed responses. Comments of all stakeholders are available here. Our comments to the Consultation Paper are available here.

    The mapping of stakeholders’ opinion, and the analysis of such mapping, is based on the interpretation of all the responses to the Consultation Paper. A few details may have been lost during the interpretation of the responses. All suggestions, requests, and comments, to rectify any such omission(s) or error(s) in this exercise, are duly invited.

    “Q. 2 In light of recent advances in technology, what changes, if any, are recommended to the definition of personal data? Should the User’s consent be taken before sharing his/her personal data for commercial purposes? What are the measures that should be considered in order to empower users to own and take control of his/her personal data? In particular, what are the new capabilities that must be granted to consumers over the use of their Personal data?”

    The concerns in relation to the definition of personal data and consent for sharing of personal data, raised by stakeholders in their responses to abovementioned question 2 of the Consultation Paper, broadly correspond to the issues raised under Part II (Chapter 3) and Part III (Chapter 1) of the White Paper of the Committee of Experts on a Data Protection Framework for India (White Paper). Chapter 3 of Part II deals with the definition of personal data. Chapter 1 of Part III explores consent as the ground for sharing of personal data. The mapping of stakeholders’ opinion, and the analysis of such mapping, has been conducted in context of the issues raised under Part II (Chapter 3) and Part III (Chapter 1) of the White Paper, particularly the concerns related to the definition of personal data and the consent required before sharing of data.

    The following table projects the stances of the stakeholders on the issues concerning the definition of personal data and whether personal data definition should be amended.

    Categories of Stakeholders Should the definition of personal data be amended?
    Yes (27) No (12) Maybe (7) No response (7)
    Industry Associations – 16*

    (IAMAI, ACTO, ASSOCHAM, COAI, GSMA, ISPAI, NASSCOM-DSCI, USISPF, ITI, USIBC, BSA, EBG, BIF, ACT, ISACA, iSPIRT)

    5

    NASSCOM-DSCI

    USISPF

    ITI

    iSPIRT

    USIBC

    6

    ASSOCHAM

    COAI

    GSMA

    ISPAI

    BSA

    EBG

    3

    IAMAI

    ACTO

    BIF

    2

    ACT

    ISACA

    Telecom Service Providers – 10**

    (AT&T, RJIL, Bharti Airtel Ltd., Idea Cellular Ltd., MTNL, RCOM, TTL, BSNL, Telenor, Vodafone)

    4

    Idea Cellular Ltd.

    MTNL

    RCOM

    BSNL

    5

    AT&T

    Bharti Airtel Ltd.

    TTL

    Telenor

    Vodafone

    1

    RJIL

    __
    Civil Society Organisations/ Think Tanks – 12***

    (NLUD, IDP, CIS, ITfC, SFLC, FCSO, CUTS, CGS, CPA, Takshashila Institution, Access Now, IFF)

    10

    NLUD

    Takshashila Institution

    Access Now

    IDP

    CIS

    ITfC

    SFLC.in

    CUTS

    CGS

    CPA

    __ 1

    IFF

    1

    FCSO

    Individuals – 3

    (Sangeet Sindan, Baijayant Jay Panda, Apurv Jain)

    1

    Sangeet Sindhan

    __ __ 2

    Baijayant Jay Panda

    Apurv Jain

    Companies/Firms – 12

    (SPAN Technologies, TRA, Zeotap Pvt. Ltd.,  IBM, Make My Trip, Sigfox, Exotel, Mozilla, Citibank, Disney India, KOAN, Redmorph)

     

    7

    Zeotap Pvt.

    Ltd.

    IBM

    Sigfox

    Exotel

    KOAN

    Citibank

    Redmorph

    1

    Make My Trip

    2

    Mozilla Disney India

    2

    Span TechnologiesTRA

     

    *Industry Associations: IAMAI – Internet & Mobile Association of India, ACTO – Association Of Competitive Telecom Operators, ACT – Association for Competitive Technology, ASSOCHAM – Associated Chambers of Commerce and Industry of India, COAI – Cellular Operators Association of India, GSMA – Groupe Speciale Mobile Association, ISPAI – Internet Service Providers Association of India, NASSCOM-DSCI – National Association of Software and Services Companies – Data Security Council of India, USISPF – U.S. India Strategic Partnership Forum, ITI – Information Technology Industry Council, USIBC – US India Business Council, BSA – Business Software Alliance, EBG – European Business Group Federation, BIF – Broadband India Forum, ISACA – Information Systems Audit and Control Association, iSPIRIT – Indian Software Product Industry Round Table.

    **Telecom Service Providers: AT&T Global Network Services India Pvt. Ltd., RJIL – Reliance Jio Infocomm Limited, MTNL – Mahanagar Telephone Nigam Limited, TTL – Tata Teleservices Limited, BSNL – Bharat Sanchar Nigam Limited.

    ***Civil Society Organisations/ Think Tanks: NLUD – National Law University, Delhi,  IDP – Internet Democracy Project, CIS – The Centre for Internet and Society, ITfC – IT for Change, SFLC – Software Freedom Law Centre, FCSO – Federation of Consumer and Service Organization, CUTS – Consumer Unity and Trust Society, CGS – Consumer Guidance Society, CPA – Consumer Protection Association, IFF – Internet Freedom Foundation.

    The following table projects the stances of the stakeholders on user consent as the only permissible ground for sharing of personal data for commercial purposes.

    Categories of Stakeholders Should user consent be the only ground for sharing of personal data for commercial purposes?
    Yes (27) No(14) Maybe(8) No response (4)
    Industry Associations – 16

    (IAMAI, ACTO, ASSOCHAM, COAI, GSMA, ISPAI, NASSCOM-DSCI, USISPF, ITI, USIBC, BSA, EBG, BIF, ACT, ISACA, iSPIRT)

    4

    ITI

    iSPIRT

    EBG

    COAI

    9

    ACTO

    ASSOCHAM

    GSMA

    NASSCOM-DSCI

    ACT

    USISPF

    USIBC

    BSA

    BIF

    3

    IAMAI

    ISPAI

    ISACA

    __
    Telecom Service Providers – 10

    (AT&T, RJIL, Bharti Airtel Ltd., Idea Cellular Ltd., MTNL, RCOM, TTL, BSNL, Telenor, Vodafone)

    8

    RJIL

    Bharti Airtel Ltd.

    Idea Cellular Ltd

    MTNL

    RCOM

    TTL

    BSNL

    Vodafone

    __ 2

    AT&T

    Telenor

    __
    Civil Society Organisations/ Think Tanks – 12

    (NLUD, IDP, CIS, ITfC, SFLC, FCSO, CUTS, CGS, CPA, Takshashila Institution, Access Now, IFF)

    8

    NLU-D

    Access NowIFF

    CIS

    SFLC.in

    CUTS

    CGS

    CPA

    2

    FCSO

    ITfC

     

     

     

    1

    IDP

    1

    Takshashila Institution

     

     

    Individuals – 3

    (Sangeet Sindan, Baijayant Jay Panda, Apurv Jain)

    2

    Sangeet Sindhan

    Baijayant Jay Panda

     __ __ 1

    Apurv Jain

    Companies/Firms – 12

    (SPAN Technologies, TRA, Zeotap Pvt. Ltd.,  IBM, Make My Trip, Sigfox, Exotel, Mozilla, Citibank, Disney India, KOAN, Redmorph)

     

    5

    Span Technologies

    IBM

    Make My Trip

    Exotel

    Citibank

    3

    KOAN

    Disney India

    Redmorph

    2

    Zeotap Pvt. Ltd.

    Mozilla

    2

    TRA

    Sigfox

     

    The following table projects the stances of the stakeholders on whether consent is required for processing or sharing of anonymised data.

    Categories of Stakeholders Should consent should be required for processing or sharing of anonymised data?
    Yes (0) No (8) No response (45)
    Industry Associations -16

    (IAMAI, ACTO, ASSOCHAM, COAI, GSMA, ISPAI, NASSCOM-DSCI, USISPF, ITI, USIBC, BSA, EBG, BIF, ACT, ISACA, iSPIRT)

    __ 3

    IAMA

    COAI

    ISPAI

     

    13

    ACTO

    ASSOCHAM

    NASSCOM-DSCI

    ACT

    ISACA

    USISPF

    iSPIRT

    USIBC

    BSA

    EBG

    BIF

    GSMA

    ITI

    Telecom Service Providers- 10

    (AT&T, RJIL, Bharti Airtel Ltd., Idea Cellular Ltd., MTNL, RCOM, TTL, BSNL, Telenor, Vodafone)

    __ 3

    Bharti Airtel Ltd.

    Telenor

    Vodafone

    7

    AT&T

    Idea Cellular Ltd.

    MTNL

    RCOM

    TTL

    BSNL

    RJIL

    Civil Society Organisations/ Think Tanks – 12

    (NLUD, IDP, CIS, ITfC, SFLC, FCSO, CUTS, CGS, CPA, Takshashila Institution, Access Now, IFF)

    __ __ 12

    SFLC.in

    FCSO

    CUTS

    CGS

    CPA

    NLU D

    IDP

    CIS

    ITfC

    Takshashila Institution

    Access Now

    IFF

    Individuals – 3

    (Sangeet Sindan, Baijayant Jay Panda, Apurv Jain)

    __ __ 3

    Sangeet Sindhan

    Baijayant Jay Panda

    Apurv Jain

    Companies/Firms – 12

    (SPAN Technologies, TRA, Zeotap Pvt. Ltd.,  IBM, Make My Trip, Sigfox, Exotel, Mozilla, Citibank, Disney India, KOAN, Redmorph)

     

    __ 2

    Zeotap Pvt. Ltd.

    Sigfox

    10

    Span Technologies

    TRA

    IBM

    Exotel

    KOAN

    Mozilla

    Citibank

    Disney India

    Make My Trip

    Redmorph

     

    INSIGHTS

     

    Should the definition of personal data be amended?

    • 9% of all stakeholders, comprising of 18.5% of industry associations, 14.8% of TSPs, 37% of civil society organisations/think tanks, 3.7% of individuals and 25.9% of companies/firms, agreed that definition of personal data should be amended.
    • 6% of all stakeholders, comprising of 50% of industry associations, 41.7% of TSPs and 8.33% of companies/firms, opined that there is no need to amend the definition of personal data.
    • 2% of all stakeholders, comprising of 42.8% of industry associations, 14.3% of TSPs, 14.3% of civil society organisations/think tanks and 28.6% of companies/firms, did not provide a clear stance on whether definition of personal data needs to be amended.
    • 2% of all stakeholders, comprising of 28.6% of industry associations, 14.28% of civil society organisations/think tanks, 28.6% of individuals and 28.6% of companies/firms, did not comment on whether definition of personal data be amended.

    Should user consent be the only permissible ground for sharing of personal data for commercial purposes?

    • 9% of all stakeholders, comprising of 14.8% of industry associations, 29.6% of TSPs, 29.6% of civil society organisations/think tanks, 7.4% of individuals and 18.5% of companies/firms, opined that user consent should be the only ground for sharing of data for commercial purposes.
    • 4% of all stakeholders, comprising of 64.3% of industry associations, 14.3% of civil society organisations/think tanks and 21.4% of companies/firms, stated that user consent should not be the only ground for sharing of data for commercial purposes.
    • 09% f the stakeholders, comprising of 37.5% of industry associations, 25% of TSPs, 12.5% of civil society organisations/think tanks and 25% of companies/firms, did not provide a clear stance on whether user consent is the only ground for sharing of data for commercial purposes.
    • 5% of all stakeholders, comprising of 25% of civil society organisations/think tanks, 25% of individuals and 50% of companies/firms, did not comment on whether user consent is the only ground for sharing of data for commercial purposes.

    Detailed Mapping of Responses

    A detailed mapping of the responses of all the fifty-three (53) stakeholders, including the stances of the stakeholders, their response to question two (2) of the Consultation Paper and the suggestions they have made to the TRAI in view of the question, is available here.

    [This post is authored by Sakshi Nigam, a fourth year undergraduate student of RMLNLU, Lucknow with contributions from Aashraya Sharma, a fifth year undergraduate student of NLSIU, Bangalore, under the supervision of Pushan Dwivedi (Associate, TRA) and Nehaa Chaudhari (Public Policy Lead, TRA), during her internship with TRA].

     

     

     

    Anonymised Data, Consent, Consultation, Consultation Paper, Data Controllers, Data Minimisation, Data Portability, Data Protection, Data Subjects, Government, Ikigai Law, Indian government, Personal Data, Privacy, Recommendation, Responsibilities of Data Controllers, Srikrishna Committee, Stakeholders, Tech Policy, TRAI, User Empowerment

    Ikigai Law

    More posts by Ikigai Law

    Related Post

    • Stakeholders’ Responses to the TRAI Privacy Consultation Paper: Part IX of XII – Key Issues Pertaining to Encouraging the Creation of New Data Based Businesses

      By Ikigai Law | 0 comment

        This is the ninth post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security,Read more

    • Stakeholders’ responses to the TRAI privacy consultation paper (Part VIII of XII): Key issues pertaining to personal data collection and use

      By Ikigai Law | 0 comment

      This is the eighth post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security, andRead more

    • Stakeholders’ responses to the TRAI privacy consultation paper (Part X of XII): Safety and security of telecommunications infrastructure and digital ecosystem

      By Ikigai Law | 0 comment

      This is the tenth post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security, andRead more

    • Stakeholders’ responses to the TRAI privacy consultation paper (Part XII of XII): Technological solutions to monitor compliance

      By Ikigai Law | 0 comment

      This is the twelfth post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security, andRead more

    • Stakeholders’ responses to the TRAI privacy consultation paper (Part XI of XII): Parity in the data protection norms between TSPs and other communication service providers

      By Ikigai Law | 0 comment

      This is the eleventh post, in a twelve (12) part series of posts, to map the opinions of all the stakeholders on the basis of their responses to the consultation paper on Privacy, Security, andRead more

    Leave a Comment

    Cancel reply

    Your email address will not be published. Required fields are marked *

    NextPrevious

    Tags

    #DataProtection #Fintales bitcoin Blockchain Budget Consent Consultation Consultation Paper cryptocurrency data Data Controllers data governance Data localisation Data Protection Data Subjects digital economy Digital India Drones E-Commerce Facebook Fintech Government Government of India healthtech Ikigai Law India Indian government Innovation MeITY Notice Payments Personal Data policy Privacy RBI Recommendation Regulation Srikrishna Committee Stakeholders Startups Surveillance Technology Tech Policy TechTicker TRAI

    Connect with Ikigai Law

    Copyright 2018 Ikigai Law | All Rights Reserved             

    Information

    • Practice Areas
    • Blog
    • Careers
    • Contact Us
    • Privacy Policy

    Contact us

    Office
    T-7/402, Commonwealth Games Village Apartment,
    New Delhi, Delhi 110092 India.

    Email Address

    contact@ikigailaw.com

    • About Us
      • About
      • Our Team
      • FinTales
      • Tech Ticker
    • Practice Areas
    • Blog
    • News & Events
      • Ikigai Law in the news
      • Ikigai Law at events
      • Ikigailaw on the social media
    • Careers
    Ikigai Law