The Telecom Regulatory Authority of India (TRAI) is seeking ways to protect consumers more effectively from unsolicited commercial and spam calls and from calls designed to scam users. In late August 2024, TRAI released a consultation paper, proposing a review of the Telecom Commercial Communications Customer Preference Regulations, 2018 (TCCCPR-2018), in order to tighten regulations as part of the ongoing battle against unsolicited commercial and spam calls (UCC).
The TCCCPR offers users the option to block commercial communications in specific categories, or all of them, and actions have been taken against unregistered telemarketers (UTMs) according to the Performance Monitoring Reports submitted by mobile companies. But the scale of the problem is massive and it may be growing.
Between April 2020 and September 2023, warning notices were issued in 1,106,920 cases of first-time violations; 74,113 connections were disconnected for violating regulations for the third time and TRAI imposed fines amounting to Rs 1,099 million, invoking the provisions of TCCCPR-2018. Usage caps were also imposed in 790,843 cases during the investigation of complaints and usage caps were imposed for six months in 192,816 cases for second violations.
Nevertheless, between January and March 2024, over 550,000 UCC-related complaints had to be addressed across broadband and cellular networks. As per a recent survey by LocalCircles, 76 per cent of the 41,000 respondents claimed to receive three or more promotional or spam SMSs every day. Financial services and real estate companies are the worst offenders. TRAI says it has blacklisted over 50 entities and disconnected more than 275,000 mobile numbers/telecom resources including UTMs between January and June 2024.
According to a statement in Parliament in February 2024 by Devusinh Chauhan, Minister of State for Communications, “Since 2019, more than 20 telemarketers, roughly 500 principal entities (PEs), more than 3,000 SMS headers, and more than 40,000 content templates have been put on a blacklist for sending phishing SMSs or unsolicited commercial communication (UCC).”
Chauhan also said that in compliance with TRAI regulations, telecom service providers (TSPs) have temporarily deactivated more than 400,000 headers and over 1.1 million content templates to prevent the transmission of promotional messages via unregistered telemarketers or telemarketers using 10-digit telephone numbers.
The government also conducted an artificial intelligence/machine learning (AI/ML) based analysis of the entities sending commercial SMSs with their headers and content templates and more than 20,000 PEs, 30,000 SMS headers and 0.195 million SMS content templates were removed.
Further, safety measures were imposed to improve safety and security for telecommunication users. The government has adopted various security measures including strengthening know-your-customer (KYC) frameworks, mandating indisputable verification of each point of sale (PoS) by TSPs, while registering them for issuing SIMs , blacklisting PoSs across all TSPs in case that non-compliance with instructions and re-verification of users enrolled by non-compliant PoS.
These measures led to the disconnection of 5.552 million mobile connections taken on fake documents; and resolution of 2.7 million requests under the “Know Your Mobile Connections” facility. In addition, around 1.342 million suspected mobile connections were reported by citizens and disconnected, failing re-verification; 560,000 mobile phones were traced under the “Block Your Lost or Stolen Mobile” facility; and 63,548 mobile phones recovered by the state police and returned to citizens.
The revamping of the TCCCPR-2018 includes many new proposals in the August consultation paper.
While TRAI would mandate the “140” series of phone numbers for promotional calls, one real problem is spam calls and SMSs from (normal) 10-digit mobile numbers, many of which lead to financial frauds. TRAI proposes differential tariffs for SMSs and voice calls above a certain number. For example, subscribers making over 50 calls, or sending out 50 SMSs daily could be classified as “pesky callers”.
Differential tariffs may raise the financial bar for commercial communication using 10-digit numbers and, therefore, force unregistered telemarketers to adopt distributed ledger technology (DLT), where consent is mandatory, TRAI said. The regulator is also looking at using AI-based detection systems to diagnose UCCs, which would involve training AI models for identification, detection and prevention of spams.
TRAI is also looking at mandating the explicit consent of users for promotional communications, reviewing processes for scrubbing such content before delivery to consumers, redressal of consumer complaints and proactive actions to stop spams. It may also extend the type and quantum of fines for violations.
TRAI has also proposed that telemarketers should inform telcos in advance about using auto-dialler or robot-calls for commercial communications and also seek user consent. To prevent pesky SMSs, it recently asked telcos to permit only whitelisted URLs/APKs/OTT links in SMSs for promotional purposes. The deadline for this is October 1.
Whitelisting means that enterprises will register SMS headers, call-back numbers and URLs in those SMSs, with telcos. Then telcos will feed the same into their DLT platforms, to allow passage of SMSs with verified links. Telemarketing calls starting with the 140 series have to be migrated to DLT platforms or blockchain by September 30, for better monitoring. The trail of all messages from senders to recipients must be traceable from November 1.
The draft says, the if telecom operators are found to have failed to take action against unregistered senders, they would be liable to pay Rs 10,000 per instance if the sender belongs to the individual category of telecom consumers and Rs 0.1 million per instance, if the semder is from the enterprise category. The telecom regulator said if the access provider is found to have misreported the count of UCC, it would have to pay Rs 0.5 million as penalty per licensed service area (LSA) for each month.
The total amount payable as financial disincentives shall not exceed Rs 5 million per calendar month per LSA for telcos, according to TRAI’s draft regulations. The proposed financial penalties on registered telemarketers for failing to curb spam start at Rs 1,000 per valid complaint, Rs 5,000 per registration not done in accordance with rules and Rs 0.1 million per misuse of number series assigned for transactional calls.
If TRAI decides to implement differential tariffs for calls and messages beyond a certain limit, it would not affect most consumers. The January-March 2024 quarterly data indicates 99.38 per cent of the 1.16 billion telecom subscribers send no more than 10 SMSs per day per SIM. Only 364,127 (0.03 per cent of the total subscribers) send 51 to 100 SMSs per SIM per day, whereas only 47,427 (0.004 per cent of the total subscribers) send over 100 SMSs per SIM per day.
Telcos and other stakeholders are concerned about whitelisting norms, which may cause delay in the receipt of one-time password (OTP) related messages by mobile users. Under the new system, banks and other entities will have to register the content of SMSs with telcos before sending any message. According to industry executives, these OTPs and other links in SMSs are generated in real time and, therefore, cannot be pre-registered with telcos.
Telcos also want the government to enforce traceability and user privacy rules on OTT apps to curb spam and other illegal activities. The majority of messaging traffic has moved to data networks from SMSs, according to telcos. Telcos also complain that TRAI norms on quality of service are too stringent and increase the compliance burden disproportionately without ensuring much benefit for subscribers.
Regulators and policymakers need to examine the UCC epidemic from an economic perspective to understand the incentives, to map legitimate usage of telemarketing and to effectively regulate it. UCCs are extremely cheap and hence even a tiny “strike rate”, where very few UCCs receive responses, are economically viable. This is the basis for all telemarketing including legitimate users and unregistered marketers, especially scamsters.
While raising barriers against unauthorised or illegitimate use, regulators must ensure that legitimate businesses that comply with regulations and use telemarketing channels should not be blocked from accessing these channels, nor must the usage become prohibitively expensive.
The concern aired above about OTPs is also extremely valid. The entire digital economy, including banks, insurers, credit card issuers, and service providers including ride-hailing and delivery services and also government service providers depend on OTPs, which must be generated “on the fly”. Technical solutions have to be found to ensure that SMS registration does not cause glitches in this well-established process for service provision.
The regulators have to find a balance, where compliance is not difficult and where explicit user consent is necessary and costs of compliance do not escalate, such that legitimate users do not get forced out of telemarketing channels. At the same time, they must find ways to dissuade unregistered telemarketers from spamming subscribers, and to detect fraudsters quickly and shut them down. This is a daunting task and a study of the best practices in other digital markets indicates that no geography has found ideal solutions yet.
Devangshu Datta
