On June 13, the Telecom Regulatory Authority of India (TRAI) directed all telecom companies to deploy Artificial Intelligence and Machine Learning based UCC (Unsolicited Commercial Communication) Detect systems to detect, identify, and act against senders of commercial communication who are not registered under the provisions of Telecom Commercial Communication Customer Preference Regulations, 2018 (TCCCPR-2018), as per the press release.
The senders who are not registered under TCCCPR-2018 are called Unregistered Telemarketers (UTMs), but they are registered with the access providers and use ten digits mobile numbers for sending commercial communications through messages or calls.
TRAI has addressed UCC by taking various steps to curb it. UCC has been a significant source of inconvenience to the public. The actions taken by TRAI have resulted in a reduction in complaints against Registered Telemarketers (RTMs). Despite measures being taken by the Telecom Service Providers (TSPs), unsolicited commercial communication from unregistered telemarketers is still continuing.
TRAI states, “At times, these Unregistered Telemarketers (UTMs) through messages having fraudulent links and telephone numbers trap the customers into sharing of their critical information causing financial loss to the customers”.
To detect, identify and act against all such unregistered telemarketers, TRAI has been insisting Access Service Providers implement UCC Detect System with requisite functionalities within the framework of TRAI’s TCCCPR-2018. Access Service providers have implemented these detection systems based on their applicability and viability.
TRAI stated, “However, since the UTMs are continuously evolving new techniques to send unsolicited communications and the current UCC detect systems deployed by the Access Service providers are not fully capable to detect such UCC”.
TRAI said in order to ensure uniformity of UCC Detect System implementations, they have directed all Access Providers to deploy Artificial Intelligence and Machine Learning based UCC Detect systems that are capable of continuously evolving to deal with new signatures, patterns and new techniques used by UTMs. Access Providers have also been directed to share intelligence with other Access Providers using the Digital ledger technology (DLT) platform.
The regulatory body said, “Access Providers have further been directed to ensure that such UCC Detect System shall detect senders who are sending Unsolicited Commercial Communications in bulk and not complying with the provisions of the regulations”. TRAI has directed all Access Providers to comply with the abovementioned directions and submit an updated report on any measures taken within 30 days.
Recently in this regard, to curb the menace of spam through Unsolicited Commercial Communication, TRAI has directed all Access Providers to develop and deploy the Digital Consent Acquisition (DCA) facility for creating a unified platform and process to register customers’ consent digitally across all service providers and Principal Entities on June 2. TRAI has given two months to Access Providers to develop such facilities and thereafter implement them in a phased manner. The directions are given as per the regulations under TCCCPR-2018.
According to TRAI, “In the prevalent system, consent is obtained and maintained by various entities such as banks, other financial institutions, insurance companies, trading companies, business entities etc., referred to as Principal Entities (PEs) in TCCCPR, 2018 Regulations”. Therefore, it is not possible for the Access Providers to check the veracity of consents. Further, a unified system is needed for customers to provide or revoke consent.
The regulatory body said, “The Digital Consent Acquisition (DCA) process shall have the facility to seek, maintain and revoke the consent of customers. The consent data so collected will be shared on the Digital Ledger Platform for scrubbing by all Access Providers”.
TRAI has further directed Access Providers to use a common short code 127xxx for sending consent-seeking messages. The regulatory body states, “The purpose, scope of the consent and Principal Entity/Brand name shall be mentioned clearly in the consent-seeking message sent through the short code. Only whitelisted URLs/ APKs/OTT links/Call Back numbers etc shall be used in the consent-seeking messages. Further, Access Providers shall develop an SMS/IVR/Online facility to register the unwillingness of the customers to receive any consent-seeking messages initiated by any Principal Entity”.
TRAI has permitted only subscriber-initiated consent acquisition in the first phase. Afterwards, PE-initiated consent acquisition shall be permitted. The regulatory body states, “Initially, Principal Entities belonging to the Banking, Insurance, Finance and Trading related sectors shall be onboarded to initiate the Consent Acquisition process, and the remaining sectors shall be onboarded subsequently”.
