Experts weigh in on privacy dangers of the draft Telecommunication Bill 2022

If ou are someone who is averse to the idea of sharing personal data like an Aadhar card with overthetop OTT communication platforms or fear the loss of your personal and professional data online then you might have certain contentions with the draft Indian Telecommunication Bill ITB 2022 in its current formThe Department of Communications DoT which comes under the Ministry of Communication recently released the draft of ITB which is open for stakeholdersrsquo comments till October 20 The Bill aims to combine three laws currently in placemdashThe Indian Telegraph Act 1885 the Indian Wireless Telegraphy Act 1933 and the Telegraph Wires Unlawful Protection Act 1950 to enact a new comprehensive legislation for the telecom sectorSatya Muley Ayush Tripathi and Jones VaidyaBut among other proposals it makes the ITB is being questioned for its intention in bringing OTT communication services such as WhatsApp Signal Telegram Facetime Zoom Facebook etc which are used to send messages and make voice and video calls over the internet under its ambit It seeks OTT communication platforms to also take up licence from the government to operate much the same way other telecom operators do which experts believe could make free communication platforms payable if the costs are transferred on to the consumers ITB also seeks to enforce knowyourcustomer KYC practices on these services Under Clause 47 which pertains to KYC platforms requiring a licence need to ldquounequivocally identify the person to whom it provides services through a verifiable mode of identification as may be prescribedrdquoIn addition Clause 48 requires the identity of the person sending a message to be made available to the user receiving the message Endtoend encryption as promised by many but WhatsApp in particular will also get affected under ITB which makes provision for the government to seek and store data transferred on these platformsMichelle Solomon Le Page Pranav Mandaliya and Gaurav AgrawalAccording to Forbes India Indians are most active on WhatsApp with over 390 million monthly active users in 2020 alone The move will thus affect a large number of users Advocates at the law firm in practice since 1909 Solomon amp Co tell midday that while the aims of the ITB ldquoare clear and may even be noble which is to protect consumers to aid law enforcement to improve national security its means are questionablerdquo Michelle Solomon Le Page partner at the firm says ldquoThere was certainly a pressing need for laws governing the telecommunication sector to be updated in order to keep up with changing times Unwanted advertising and publicity anonymous calls and messages identity theft fraud and cyber crime all require regulations to combat their virulent spread The Bill aims to protect consumers from receiving anonymous communication but it does so by obliging KYC information of senders to be provided to recipients It also enables the government to oblige service providers to share user information and content with it which fails to adequately protect data privacy rights of the consumers that the Bill so intends to protectrdquoAyush Tripathi agrees He is the programme manager at tech policy think tank The Dialogue According to him ldquothe Bill increases the power of the central and state governments to intercept messages on digital platforms without putting in place any checks and balances for issuing such directives In the absence of a data protection bill it will infringe on the privacy rights of the individualrdquoServices which provide endtoend encryption might also have to weaken their system to comply with the orders of the government At present platforms providing endtoend encryption services do not store data with them ldquoIn order to comply with the provisions they will have to start storing such data which will defeat the purpose of the said facility they aim to provide Weakening the encryption would mean that messages of the users will not be private and will be vulnerable to cyber attacksrdquo he says adding ldquoTRAI in its 2020 recommendations to DoT had opined that the security architecture of endtoend encrypted services should not be tinkered with as this will compromise the privacy safety and security of citizensrdquoPractising lawyer at the Bombay High Court and Supreme Court advocate Satya Muley says that the biggest concern is that the Bill gives ldquosweeping powers to the central government to suspend telecom services including internet services during a period of emergencyrdquo ldquoThe Supreme Court has also held that the government in such circumstances public emergency must first consider less intrusive and alternative remedies in place of blocking or intercepting telecom servicesrdquoWith KYC in place Muley says consumers can expect more safety when using OTT services but associates at Solomon amp Co Jones Vaidya and Pranav Mandaliya believe this will also dramatically increase the storage of personal data and the risk of data breaches ldquoA consumer may be relieved to no longer receive anonymous calls or texts but on the flipside consumers would be providing more and more personal information by way of KYC which would lead to large volumes of data which need to be responsibly managedrdquo The management of this data is a primary concern they feel ldquoIt is even more concerning now that the Data Protection Bill which has been in discussion since 2019 when it was first introduced was withdrawn by the government earlier in August for introducing an even more comprehensive legal framework It seems only logical and prudent that a robust data protection law be implemented before ITB is implemented in order to mitigate the risk of data breaches that comes along with the enactment of this BillrdquoThere are some like Gaurav Agrawal who believe that the draft Bill is needed for national security Agrawal who is senior vicepresident of cloud telephony company Exotel says ldquoCompanies will have to get a government licence like we already do All telecom players are bound by regulations I do not see a reason why OTT players should not be bound by the same rules on lawful interceptionrdquo