On 2 July 2021, the Department of Telecommunications (DoT) announced the approval for the creation of the 'Digital Intelligence Unit' (DIU) and 'Telecom Analytics for Fraud Management and Consumer Protection' (TAFCOP) to curb financial frauds committed through misuse of telecom resources, such as consumer harassment by sending of unsolicited commercial communication (UCC), use of false or forged documents to obtain telecom resources, and other deceitful activities. The circular issued by DoT in this regard bespeaks its aim to inter alia provide effective resolution to consumers against bad actors, enable better coordination between concerned authorities and law enforcement agencies (LEAs), and monitor the circulation of UCC.
To prevent the misuse of telecom resources and fraudulent activities such as phishing calls, the Telecom Regulatory Authority of India (TRAI) and DoT have been taking proactive steps such as the introduction of the Telecom Commercial Communications Customer Preference Regulations, 2018 (TCPR) for registration of entities sending commercial communication (e.g., promotional calls or messages), ensuring consumer consent, scrubbing of UCC, etc.
Despite this framework, several entities continue to flout the rules which has also led to TRAI issuing warnings to defaulting entities to comply with the TCPR. Yet, in recent times, there have been several reports of fraudulent banking alerts and calls and even instances of SIM swaps (obtaining a SIM with someone else's registered number) to receive OTPs for transaction. These instances have certainly been a wake-up call for the authorities to devise more stringent measures to control such deceitful activities.
DoT's New Measures
During this year, the Government of India has been deliberating various measures to tackle the above issues through its press releases. The DoT thereafter issued the circular under discussion on 2 July 2021 elaborating on the functions of the DIU and the TAFCOP and the forthcoming scrutiny. Some of the key highlights of the circular are:
- 'Digital Intelligence Unit' Platform: Amongst other things, the DIU platform seeks to create a 'Central Telcom Subscriber Database' (CTSD) with details of subscribers of telecom services at a central level across all licensed service areas (LSA) and assign 'unique IDs' to such subscribers. The central database will be connected to the telecom service provider's (TSP) data base and will be updated every 24 hours. This will enable the platform to detect any suspicious telecom connections and activities and aid tracing of SIM and other telecom subscriptions obtained using false or forged documents.
- TAFCOP: The TAFCOP is aimed to be an analytics portal for detection of fraudulent activities through telecom resources at an LSA level (while the DIU is at the central level). TAFCOP will inter alia undertake (a) analysis of new and existing connections (and the associated identification documents) to disconnect such resources if issued on forged documents, and (b) analysis of headers, templates (as contemplated under the TCPR) and other relevant data associated with telemarketers, including sample audits of the SMSs sent by telemarketers in each LSA.
- 'SATHI' system for grievance redressal: With the vision to provide recourse to consumers, DoT also mentions creation of a grievance redressal system called 'Safe Access of Telecom Resources without Harassment and Infringement (SATHI) system' which will be integrated with and connected to various stakeholders such as DIU, TAFCOP, TSPs, LEAs, cyber cells, financial institutes, etc. Consumers will be able to use the SATHI website / mobile application to lodge complaints against UCC, enquire about the SIMs registered against their unique ID, seek disconnection of unauthorized mobile connections, etc.
- Fraud prevention database: Apart from the CTSD, DoT mentions creation of 'Mobile Number Portability' (MNP) fraud prevention database and a mobile application which can be integrated with the TSPs' systems for verification of subscribers obtaining MNP connections. This database will be maintained by DIU centrally and monitored by the TAFCOP at LSA level for detection of any fraudulent connections.
- Calling line identification system: To combat hidden calling line identification (CLI) (i.e., a caller ID), DoT is exploring a mechanism for TSPs to verify and display the calling party's name and number in the call logs of the called party.
- Graded financial penalties: Notably, DoT has also provided graded penalties for sending of UCC by registered and unregistered telemarketers separately (which has been an ambiguous point thus far). Depending on the count of UCC circulated and status of the telemarketer (whether registered or not), the penalty can include imposition of usage cap and/or disconnection of all telecom resources as well (aside from a monetary penalty).
This circular by DoT is certainly a step towards regulating commercial communication and telemarketing activities, especially UCC and financial frauds. From a consumer's perspective, this is likely to alleviate the mechanism for lodging complaints against 'spam' calls and messages, phishing, and other fraudulent activities. This will be a key lookout area for telemarketers and entities making any promotional and/or transactional messages and calls (whether on their own or through telemarketers).
It is yet to be seen how DoT's new measures will be integrated into the TCPR by TRAI. Amendments to the TCPR may be anticipated, especially with the introduction of the graded financial penalties (which has been a grey area under the TCPR thus far). Given the recent trends towards stricter enforcement by the regulatory authorities, it is more crucial than ever for entities operating in this sector to comply with TCPR.
The content of this document do not necessarily reflect the views/position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up please contact Khaitan & Co at firstname.lastname@example.org