Bengaluru: RS Sharma, chairman of Telecom Regulatory Authority of India (TRAI) has said on Tuesday that any app that stores user’s information should collect minimal data just as Aadhaar regulator UIDAI does. According to him, the Unique Identification Authority of India issues a 12-digit Aadhaar number to citizens of the country after collecting “minimal data”.
Many customers using such apps that collect user information are unaware that more-than-required data is being collected from them in a ridiculous manner.
“For Aadhar enrollment, we collect just four sets of data – your name, date of birth and your communication address. Nothing more, nothing less. Similarly, every app must collect as much data as is required,” Mr. Sharma told ET Now in an interview in Bengaluru yesterday.
“Data minimization should be one of the principles just as Unique Identification Authority of India (UIDAI) adopts to collect data of people,” he said.
The Telecom Regulatory Authority of India understands that the present framework of data protection of telecom consumers is “not sufficient” and also that all entities in the digital ecosystem which handle personal data needs to be kept under a data protection policy.
This policy recommendation if brought into force may have far-reaching implications for big companies like Apple and Facebook along with apps like Paytm.
When inquired about the power of the Department of Telecommunications to create rules or regulations proposed by TRAI, Mr. Sharma clarified by saying that the responsibility to create rules and regulations lies with the government.
Along with that, he also said that the telecom regulator has powers to implement all such rules before the government makes it a law due to the fact that they have got the jurisdiction to protect consumer’s interest in the telecom sector.
According to him, there is regulatory imbalance being witnessed due to the entities not following any. Now the responsibility lies with the government to make a law with a broad framework and then it will be possible to apply rules on them accordingly.
Mr. Sharma also said that the reason for the regulatory imbalance is that these entities are not following any of the rules. Answering to a query, he also said that TRAI is not applying the same encryption standards for different sectors including telecom or Aadhaar.
“There are different rules for different sectors. For example in telecom, the maximum encryption is proposed to be 40 bits. UIDAI has the highest level of encryption where it is 2048 bits. So, what we are saying is that probably there is a need to have a general policy on encryption and we are not saying that we should apply same encryption standard,” he said.
He also said that the standards of encryption should be always proportional to the security that needs to be achieved.
You May Also Read: Strange And Uncertain Times Ahead: Barack Obama During Mandela Tribute