Introduction
The The Telecom Regulatory Authority of India (TRAI) on 20 August 2024 issued new directions to prevent fraudulent activities from being committed through promotional and transactions commercial messages (Directions). Some parts of the Directions have been subsequently revised by TRAI on 30 August 2024 to provide additional time period for certain compliances (Revised Directions). The Directions, read with the Revised Directions, follow a slew of directions that have been released in the recent past to combat the menace of unsolicited commercial communications (UCC).
Background
TRAI noted that despite the Telecom Commercial Communication Customer Preference Regulations, 2018 (TCCCPR) that was notified to regulate unsolicited commercial communication, registered Headers and Content Templates have been misused to fraudulently deceive members of the public. According to TCCCPR, any commercial communication using telecom resources such as SMS and phone calls, is required to take place inter alia using registered headers (Headers) and registered content templates for both transactional and services messages (Content Templates) that are assigned to a particular sender (Sender). Headers assigned to business entities help users/ recipients identify such businesses when receiving commercial communication.
TRAI noted multiple malpractices such as (a) misuse of registered headers and templates, Entity ID, Header ID, Content Template ID, (b) usage of words like 'disconnections', 'lottery', 'OTP', etc. in Content Templates which did not match the business of the Senders, (c) inclusion of malicious APKs and URLs in messages, (d) registration of promotional messages under the service / transactional messages category, etc. Previous directions issued by TRAI
To resolve these issues and to increase traceability of
messages, TRAI has in the past, issued multiple directions that,
TRAI notes, have not been fully implemented by the Access
Providers.
Some key directions include:
- directions dated 16 February 2023 that called upon Access Providers to re-verify all Headers registered on the distributed ledger technology (DLT), block the unverified templates, and obtain the complete chain of the telemarketers engaged by the Principal Entity to ensure traceability of messages;
- directions dated 12 May 2023 requiring Access Providers to inter alia ensure use of only whitelisted URLs / APKs / OTT links / call back numbers in the registered message templates;
- directions dated 4 May 2024 requiring Access Providers to implement DLT based voice solution for 140-numbering series; and
- TRAI also issued a letter dated 22 March 2024 directing Access Providers to resolve all resembling / look-alike Headers to prevent misuse and fraud.
Key directions issued by TRAI
In light of the above, TRAI has issued the following directions:
- Access Providers to ensure end-to-end implementation of the 140-numbering series on the DLT platform for better monitoring and control by 30 September 2024.
- Access Providers are prohibited from transmitting traffic containing URLs / APKs / OTT links that are not whitelisted by Senders, with effect from 1 October 2024 (in view of the Revised Directions).
- Access Providers are required to ensure traceability of messages from Principal Entities to recipients with effect from 1 November 2024 and to reject messages with undefined or mismatched telemarketer chain.
- Access Providers are required to blacklist Content Templates in case of registration in the wrong category (i.e. promotional category messages being registered under service / transactional messages category) and in case five Content templates are blacklisted then the Originating Access Provider is required to suspend the services of the Sender for one month or till the time the Content Templates are reverified.
- One Content Template should not be linked to more than one Header. This is required to prevent misuse due to failure in authentication of the Sender. In case misuse of Headers and / or Content Templates (e.g., by another person or entity for fraudulent purposes) is noticed or reported, (a) traffic from the concerned Sender should be suspended by all Access Providers immediately till the time the Sender takes corrective measures or files a complaint / FIR for such misuse, and (b) the Delivery- Telemarketer should identify the entity that has pushed the traffic from such Headers or Content Templates into the network and file a complaint/ FIR for such misuse against the entity within 2 business days (failing which the originating Access Provider can file a complaint/ FIR against the concerned Delivery-Telemarketer) and traffic from the concerned Delivery- Telemarketer should be suspended by all Access Providers immediately (till such time a complaint / FIR is made for such misuse) and the entity that pushed the traffic should be blacklisted by all Access Providers for a period of one year.
Access Providers are directed to comply with the Directions and furnish status reports to TRAI with updated Codes of Practice within 15 days from the date of issuance of the Revised Directions.
Comments
Given the rise in misleading and deceitful promotional messages via telecom resources, TRAI's Directions are a welcome step. By requiring transmission of only whitelisted APKs, URLs, OTT links, etc. TRAI seeks to prevent various scams that cause victims to lose funds through deception. Blacklisting miscategorized Content Templates and suspending services for repeat offenders could also serve as a major deterrent for social miscreants. TRAI also seeks to identify and catch offenders by enhancing message traceability between Senders and recipients. TRAI's proactive approach, involving specific directions to Access Providers with strict timelines after considering the on-ground position, could serve as a long-term solution in ensuring a clean and secure messaging ecosystem for consumers. However, the efficacy of the Directions will lie in the strict implementation and adherence to timelines by all entities. It is possible that there may be disruptions in the delivery of certain transactional and service messages in the process, which may also lead to hardship for consumers.
The content of this document does not necessarily reflect the views / position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up, please contact Khaitan & Co at editors@khaitanco.com.