Spam crackdown: TRAI asks Principal Entities to take urgent steps to be onboard digital consent acquisition system

New Delhi, Nov 7 (PTI) In line with its drive to curb spam and pesky messages, TRAI on Tuesday asked banks and other entities sending out commercial messages to telecom subscribers via SMS or voice calls to take 'urgent' steps to be onboard Digital Consent Acquisition (DCA) system as per stipulated timelines.

The DCA has the facility to seek, maintain, and revoke the consent of customers for commercial and promotional messages and calls.

The crackdown on spam and pesky messages had seen TRAI issuing direction in June this year to all the access providers to develop and deploy the Digital Consent Acquisition (DCA) facility for creating a unified platform and process to seek, and register customers’ consent digitally across all telecom operators and `Principal Entities'.

'All the Principal Entities' are hereby requested to take urgent necessary steps to be onboard the DCA system as per the timelines prescribed in Direction dated 02.06.2023. For any clarification, information, details in the matter, PEs may contact the concerned Access Providers,' the Telecom Regulatory Authority of India (TRAI) said.

Banks, other financial institutions, insurance companies, trading companies, business entities, real estate companies, send commercial messages to telecom subscribers through SMS or voice calls. These entities are referred to as `Principal Entities' or PEs or Senders in Telecom Commercial Communications Customer Preference Regulations, 2018 (TCCCPR-2018).

TRAI in its endeavour to curb the menace of spams through Unsolicited Commercial Communications (UCC) has taken various measures in recent past..

Earlier this year, TRAI issued a direction to all the access providers (telcos) to develop and deploy the Digital Consent Acquisition (DCA) facility for creating a unified platform and process to register customers’ consent digitally across all Access Service Providers and Principal Entities.

TRAI had at that time specified a timeline of September 30 for the onboarding of Principal Entities belonging to the banking, insurance, finance and trading sectors, and November 30 for on-boarding of PEs belonging to the remaining sectors.

In the prevalent system, consent is obtained and maintained by various PEs.

Therefore, it is not possible for the Access Providers to check the veracity of consent. Further, there is no unified system for customers to provide or revoke consent..

The Digital Consent Acquisition (DCA) process has the facility to seek, maintain, and revoke the consents of customers, as per the processes envisaged under the norms..

According to TRAI, the consent data collected will be shared on the Distributed Ledger Technology (DLT) Platform, established under TCCCPR-2018 for commercial communications, for scrubbing by all access providers.

Explaining the process, TRAI said a common short code `127xxx' will be used for sending consent seeking messages. The purpose, scope of consent, and Principal Entity/ Brand name shall be mentioned clearly in the consent seeking message sent through the short code..

'Only whitelisted URLs/ APKs/ OTT links/Call Back numbers, etc. shall be used in the consent seeking messages. The consent acquisition confirmation message to the customers shall also have information related to revocation of the consent,' it said.

Further, access providers shall develop a SMS/ Online facility to register unwillingness of the customers to receive any consent seeking message initiated by any Principal Entity.

'It is specifically highlighted that after implementing DCA, the existing consents, acquired through alternative means, shall be rendered null and void and fresh consents will have to be sought by all PEs through digital means only,' TRAI said. PTI MBI MBI MR