India: The Telecom Commercial Communications Customer Preference Regulations, 2018

Last Updated: 7 September 2018
Article by Trilegal .

The Telecom Commercial Communications Customer Preference Regulations, 2018 is a significant step towards regulating unsolicited commercial communication. The Regulations confer wide powers on access providers to deal with unsolicited commercial communication and provide for granular customer preferences and consent to be considered while sending commercial communication.

The Telecom Commercial Communications Customer Preference Regulations, 2018 (2018 Regulations) issued by the Telecom Regulatory Authority of India (TRAI) provide a revised regulatory framework aimed at regulating 'unsolicited commercial communication' (UCC) in India. The 2018 Regulations will take effect in a phased manner over a period of 150 days from 19 July 2018 and will replace the Telecom Commercial Communications Customer Preference Regulations, 2010 (2010 Regulations).

The new regulatory framework has devolved control and regulatory powers to access providers, who are now required to establish their own codes of practice (CoPs) to deal with UCC. This is a significant change from the 2010 Regulations, which tried to regulate the telemarketers directly. This will impact most companies which provide B2C services across sectors.

The 2018 Regulations provide for a wide range of customer preferences which are to be implemented in near real time using Distributed Ledger Technology (DLT) to make communications traceable and capable of being controlled effectively. The 2018 Regulations also provide for the use of cloud-based solutions for handling complaints, the registration of headers and preferences, and use of smart contracts for automated allocation of roles between entities in the commercial communication ecosystem. The technology-based solutions are required to be tested in regulatory sandboxes under the oversight of the TRAI.

This update provides a snapshot of the key requirements and compliances for different participants in the ecosystem and a brief comparison of the significant changes in the regime governing commercial communication.

1. Key Definitions

Commercial Communication and UCC

Commercial communication is defined as any voice call or message using telecom services, where the primary purpose is to inform, advertise, or solicit business for, (a) goods or services, (b) a supplier or prospective supplier of goods or services, (c) business or investment opportunities, or (d) a provider or prospective provider of such opportunities.

UCC is defined as commercial communication that is not in accordance with the consent or the registered preferences of telecom subscribers. Transactional messages or calls, service messages or calls and communications made under the direction of the Central Government and the TRAI are excluded from the scope of UCC.

Transactional and service messages or calls

Transactional messages or calls are those triggered by a transaction performed by the subscriber, such as a banking transaction, delivery of OTP and purchase of goods and services. These messages or calls must be sent within thirty minutes of the transaction.

Service messages or calls are sent to subscribers with their consent and for facilitating, confirming or completing transactions, providing warranty information, product recall information, or security information about commercial products or services bought by the recipient.

The 2010 Regulations categorised commercial communications into transactional messages and non-transactional messages but did not contain any specific provision with respect to transactional calls. Further, transactional messages were not subject to customer preferences and were defined broadly to include any message received as part of availing goods or services.

The 2018 Regulations take a more nuanced approach to categorising commercial communications. The specific inclusion of transactional and service calls will exempt from the scope of UCC, calls made by entities in relation to their business based on consent.

2. Access Providers

The 2010 Regulations required telemarketers to register with the TRAI and scrub the National Customer Preference Register (NCPR) to ensure that their communications were in accordance with customer preferences. Telemarketers were made accountable to access providers who were in turn accountable to the TRAI.

Under the 2018 Regulations, access providers are required to act as co-regulators and are responsible for registering all entities making commercial communications and ensuring their compliance with the 2018 Regulations. This is a significant shift in the way telemarketing will be regulated in India. The 2018 Regulations lay down the broad regulatory requirements, and access providers must implement them in practice through CoPs approved by the TRAI.

Access providers, in consultation with each other, are required to prepare CoPs that address entities, customer preferences, handling of complaints, UCC, and monthly reporting requirements to the TRAI. Therefore, the compliance requirements applicable to a sender under the 2018 Regulations will depend upon the CoPs of the specific access provider providing the telecom resources to such sender. This is likely to create non-uniform practices in the market, but the TRAI's intention seems to be to let the market determine the best possible ways to deal with UCC. In any event, the TRAI will have oversight over the CoPs which will ensure that it does not deviate from the stated objectives.

The 2018 Regulations require access providers to prepare a migration plan for existing data and for the processes and roles played by different entities. Databases under the control of the TRAI such as the NCPR are required to be migrated, and consents and preferences are required to be registered with access providers in accordance with access provider's migration plan. CoPs in this regard will have to adopted by the access providers by 16 November 2018.

3. Registration Requirements and Compliance

A 'telemarketer' is defined as a person or a legal entity who is engaged in the activity of transmission or delivery of commercial communication, scrubbing or aggregation.

A 'sender' in relation to a commercial communication includes the person or legal entity making the commercial communication, as well as the person or entity on whose behalf such communication is made and any person or entity dealing with the goods, services, business or investment opportunities being marketed through the commercial communication. Upon a literal reading of this definition, businesses that contract telemarketers for making commercial communications on their behalf would fall within its scope, implying that such businesses will require registration as telemarketers. The 2010 Regulations only mandated entities carrying out the telemarketing activities to register as telemarketers.

Under the 2018 Regulations, all senders of commercial communications are required to be registered with access providers. Senders without a telemarketer registration may have their telecom services capped, and upon repeat violation, telecom services provided to the sender may be disconnected altogether. Senders of commercial communication must also register (a) content templates for the different kinds of commercial communications (transactional messages, service messages and promotional messages); and (b) a template for obtaining consent from the message or call recipients, for each type of commercial communication. The consent template must indicate the sender and the purpose of the commercial communications. Each sender of commercial communication would be assigned a unique alpha numeric header upon registration. Businesses previously sending transactional and promotional messages under the 2010 Regulations may face additional compliance requirements under the new regime with respect to submitting and adhering to content and consent templates for their commercial communication.

4. Customer Preferences

Consent under the 2018 Regulations

Consent may be explicit or inferred. Inferred consent is when consent can be understood from the customer's conduct or the relationship between the sender and recipient. A relationship refers to a prior or existing relationship between the sender and recipient for business reasons, based on (i) a purchase or transaction made by the receiver; (ii) an enquiry regarding products and services; or (iii) for social reasons, by voluntary two-way communication between the sender and recipient. This was a much -needed change as the 2010 Regulations did not properly differentiate between solicited and unsolicited communication, leading to practical challenges for companies indulging in bona fide business practices.

The 2018 Regulations introduce for the first time the concept of 'social reasons'. There is no requirement on senders to obtain explicit consent or register consent templates, in such cases, but the scope of the term is unclear. The Australian Spam Act, 2003, makes a provision for inferred consent based on conduct or business or other relationships, but does not make any reference to social reasons. It is likely that this term has been inserted in the 2018 Regulations to cover bilateral communications pertaining to goods or services, business opportunities, etc., that would fall under the definition of 'commercial communications' This provision would provide greater flexibility to businesses to send commercial communications where there are two-way communications.

It is important to note that communications based on explicit consent must include a suffix providing for the procedure through which customers can revoke consent.

Scrubbing

Access providers must maintain registers based on DLT that act as regulatory pre-checks to ensure that commercial communications on the access providers' networks are lawful. These include registers of each entity in the commercial communication ecosystem, preferences of the consumers consent and various templates for the different kinds of communications.

Access providers must ensure that all commercial communications occur in accordance with registered customer preferences or consents. For this purpose, entities carry out the process of 'scrubbing', where they verify whether a customer has opted out of receiving such commercial communication to their telephone number(s). Under the 2010 Regulations, registered telemarketers were required to scrub numbers against the NCPR database maintained by the TRAI. However, under the 2018 Regulations, the scrubbing function is required to be carried out by entities registered as scrubbers with access providers.

Scrubbers are required to check the list of target telephone numbers obtained from the sender against the consents and preferences maintained by the access provider on a distributed ledger. The Explanatory Memorandum of the 2018 Regulations states that the distributed ledgers are to be synchronised in real time between different access providers to enable scrubbing. However, the 2018 Regulations do not contain provisions on how the DLT will function.

The scrubbed list of telephone numbers must then be provided to senders, who will deliver the message in accordance with the scrubbed list. For inferred consent, communications are required to be sent out under the templates and headers assigned. Therefore, where there is inferred consent scrubbers are required to check against such headers and content templates on a sample basis to ensure compliance.

The absence of stipulation of how DLT will operate and introduction of scrubbing entities as another player in the eco-system is likely to cause errors in the scrubbing and database maintenance process.

5. Intermediaries

Mere intermediaries providing cloud services or bulk messaging services through which messages are routed do not require registration as telemarketers, if they do not qualify as 'senders' under the 2018 Regulations.

The 2018 Regulations however empower access providers to regulate such intermediaries and platforms by requiring them to register or sign up to agreements in accordance with the respective access providers' CoPs. This will mean that cloud telephony providers and platform services which are currently unregulated will be regulated henceforth.

6. Complaints Mechanism

Access providers are also required to establish a Customer Complaint Registration Facility (CCRF) and provide for different means of lodging complaints for violation of a customer's registered preferences via call or SMS to 1909, calling customer care, mobile app, interactive voice response systems, Unstructured Supplementary Service Data codes, etc. Complaints must be made within three days of receipt of the UCC.

If the sender is a registered telemarketer and has not carried out all the regulatory pre-checks in accordance with the 2018 Regulations, the originating access provider must take action against the telemarketer within two business days in accordance with its CoP. The 2018 Regulations therefore allow a more flexible system where access providers may determine the action to be taken against non-compliant registered telemarketers in accordance with their respective CoPs.

If the sender is an unregistered telemarketer, the originating access provider must examine the call detail records and check the number of complaints made against the sender in the last seven days. If there have been ten or more, the sender's telecom services are put on a usage cap of twenty SMSs and twenty calls per day. Usage caps may extend for up to two years, depending on repeat violations.

Senders who are found by the originating access provider to have engaged in sending UCC, may face blacklisting for a period of two years after the third instance of such violation. This has far reaching implications on corporate connections and direct inward dial form of connections, among others, as it may affect all the individual connections that the sender has obtained.

The TRAI has the power to examine such usage caps and disconnection of telecom resources and to require access providers to remove usage caps or delete the sender from the blacklist.

7. Penalties

Any originating access provider failing to curb the UCC sent through its networks would be subject to a financial disincentive under a three -strike policy per calendar month. The maximum penalty for failure to curb UCC may extend to INR 5,000,000 per calendar month. Further, access providers may impose financial disincentives on entities in case of any contravention of its obligations prescribed under the 2018 Regulations. The 2018 Regulations also impose an obligation on the access provider to comply with the CoPs, failing which, the access provider would be liable to pay a penalty by way of financial disincentive which may extend up to INR 1,000,000.

In addition to the specific penalties prescribed under the 2018 Regulations, the TRAI may constitute an inquiry committee to inquire into any contraventions of the 2018 Regulations by access providers. If on inquiry, the access provider is found to be in contravention of the 2018 Regulations, it would be liable to pay a penalty that may extend up to INR 1,000,000 in a week of contravention.

8. Other Highlights

Calls made with Auto-dialers

Senders are prohibited from initiating calls with an auto dialer that may result in abandoned or silent calls. To use auto-dialers without resulting in silent or abandoned calls, the sender must inform the access provider and set limits on such calls as required by the 2018 Regulations and the CoPs of the access provider. For example, business entities returning calls to all customers who express interest in their products must comply with the limitations on using auto-dialers.

Robo Calls

'Robo calls' have been defined as calls made to any customer using an artificial or prerecorded voice to interactively deliver a voice message without the involvement of a human being on the calling side for participating in the dialogue. Under the 2018 Regulations, customers may opt-out and opt back in for receiving commercial communication through robo calls. The CoPs must account for reporting of entities found to be engaged in making such calls when brought to the notice of the access provider.

It would be interesting to evaluate the implications of this new regulation on calls made by new technologies such as Google Duplex which may fall within the scope of the definition of 'robo calls'.

Possible Derecognition of Smartphones

The 2018 Regulations require access providers to ensure that all smartphone devices registered on their networks support the permissions required for the functioning of mobile applications that are developed by TRAI or an entity approved by TRAI (TRAI Apps) within a period of six months. The date from which this six -month period would be calculated has not been clarified.

The TRAI Apps will support various functionalities such as registering customers' preferences and allowing customers to make complaints against senders of UCC. Devices that do not permit functioning of the TRAI Apps are required to be derecognised by access providers, based on orders/directions issued by TRAI. Device manufacturers will be given a reasonable opportunity to make representations to TRAI before such an order/direction is passed. Some device manufacturers have objected to this requirement as it may compromise customer privacy standards on the device and have created secure alternatives to the TRAI Apps. It remains to be confirmed whether such alternative versions will be acceptable to the TRAI.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Similar Articles
Relevancy Powered by MondaqAI
 
In association with
Related Topics
 
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
 
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Mondaq Sign Up
Gain free access to lawyers expertise from more than 250 countries.
 
Email Address
Company Name
Password
Confirm Password
Position
Industry
Mondaq Newsalert
Select Topics
Select Regions
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.

Disclaimer

The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.

General

Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions