TRAI–RBI begin testing unified Digital Consent System with banks, telcos

The Telecom Regulatory Authority of India (TRAI) has announced that under the joint TRAI-RBI Digital Consent Acquisition (DCA) pilot to digitize and standardize consent for promotional communications, SMS notifications will begin to be sent shortly to select customers (limited in number) by the Telecom Service Providers (TSPs).

The pilot, starting with nine TSPs and eleven major banks, will allow this set of customers to digitally review, manage, and revoke the consents they had previously given for promotional communications. This pilot initiative aims to address long-standing gaps in legacy consent practices and test the readiness of the unified digital consent platform before nationwide rollout, TRAI informed on December 10.

TRAI reworks data-sharing proposal for telecom KYC, reiterates push for broader consent architecture

The existing regulations (Telecom Commercial Communications Customer Preference Regulations, 2018) allow customers to block promotional calls and messages on the basis of categories of callers belonging to different sectors.

At the same time, the regulations also empower the customers to selectively allow promotional communications from specific businesses and entities as per their choice. The regulations prescribe a Digital Consent Registry for this purpose, which business entities are expected to use for recording customer consents for receiving promotional communications. However, need of onboarding of the legacy consents taken previously through paper-based forms or through their digital systems at consumer outlets remained a deterrent in effective adoption of these provisions.

This resulted in fragmented, opaque, and non-standardized practices. The mechanism adopted so far also does not provide customers with the means to view or revoke the legacy consents i.e. the consents that they have given to various business entities. Therefore, despite the consent framework envisaged under TCCCPR 2018, full implementation could not be achieved due to the challenge of uploading and validating large volumes of legacy consents.

To introduce transparency in consent practices, and to empower customers with the ability to review, manage, or revoke such consents at any time, TRAI, in collaboration with the Reserve Bank of India (RBI), has undertaken a Digital Consent Acquisition (DCA) pilot. This initiative aims to provide consumers with a unified digital interface for consent management and to ensure that promotional communications are discontinued if customers revoke their consents.

A total of nine Telecom Service Providers (TSPs) and eleven banks - SBI, PNB, Axis Bank, Bank of Maharashtra, Canara Bank, Kotak Mahindra Bank, IndusInd Bank, ICICI Bank, HDFC Bank, Indian Overseas Bank, and Punjab & Sind Bank - are participating in the pilot project. Participating TSPs and banks have completed the required technical development and system integration over the past several months. The banks have now begun uploading sample sets of old consents onto the shared digital platform established for the pilot. Besides, the new consents acquired by the participating banks will also be uploaded onto the digital platform.

As part of system testing on a sample basis, customers whose old consents have been uploaded, may receive SMS notifications from short code 127000 sent by their respective Telecom Service Providers. These notifications will be issued only to a limited subset of customers whose consents have been uploaded by the banks on the digital platform, and are intended to assess platform readiness across TSPs, banks, and the consent registry.

DoT unveils directives for telecom operators to ensure inclusive KYC for persons with disabilities

Customers who do not receive such communication need not be concerned, as the pilot is presently limited in scope and intended for full-scale rollout only later. Each SMS will contain a standard advisory message along with a secure link directing the customer to the authorized Consent Management Page of the TSP. Through this portal, customers will be able to view the consents recorded by these 11 banks against their mobile numbers, and decide whether they wish to continue, modify, or revoke any of these consents. The consents visible on the portal will reflect all old consents uploaded by the participating banks. No personal or financial information will be sought at any stage, and customers are advised to act on the SMS received only from the 127000 short code.

Action on these SMS by the customers will be optional. However, if they wish to make changes to their consents displayed on the portal, they can do so.