The regulator stated that previous consent given by users was no longer valid with the introduction of a new digital consent acquisition (DCA) facility for seeking and receiving permission from customers online. It urged businesses to “take urgent necessary steps” to establish a user consent mechanism.
For over 15 years now, telecom regulator TRAI has attempted various methods to curb pesky calls, starting with the Do Not Call registry, but it has failed to enforce discipline. The latest initiative aims to shift the responsibility to banks and other entities, such as insurance companies, which have been the biggest offenders for years. While consumers give consent when taking a loan from a bank, the data is easily accessed by other agencies, from various loan agents to RO service. It’s time TRAI demonstrated a strong will to act against the entities that violate the rule.
Currently, customer consent is scattered across various entities and platforms. The DCA platform will use distributed ledger technology (like blockchain) to collect and maintain all consumer consent records in one place.
“A common short code 127xxx will be used for sending consent seeking messages. The purpose, scope of consent, and principal entity/brand name shall be mentioned clearly in the consent seeking message sent through the short code,” the TRAI directive said. In June, TRAI had instructed banks, financial institutions, and other such entities to develop and deploy the DCA facility and set a deadline of September 30. Now, it has reiterated that these entities must onboard the new system.
“Only whitelisted URLs/ APKs/ OTT links/call-back numbers etc, shall be used in consent-seeking messages. The consent acquisition confirmation message to the customers shall also have information related to revocation of the consent,” it said.
