The Telecom Regulatory Authority of India (TRAI) has implemented the Digital Consent Acquisition (DCA), requiring principal entities such as banks, real estate companies, insurance companies, etc. to digitally obtain fresh consent from customers before sending commercial communications to them. The same has to be obtained by sending consent-seeking messages through whitelisted URLs, APKs, OTT links, call-back numbers, etc. in the prescribed manner.
It is clarified that the consent obtained prior to such implementation will be “null and void”. The principal entities have been directed to strictly adhere to the timelines prescribed under the Authority’s direction dated June 2, 2023. The said direction was issued under provisions of the Telecom Commercial Communications Customer Preference Regulations, 2018 (TCCCPR-2018) and mandated access providers to develop and deploy the DCA facility by July 31, 2023.
Under the present mechanism, principal entities obtain and maintain the consent and hence, the same cannot be authenticated by access providers. Additionally, the mechanism doesn’t provide the customers with the option to give or revoke their consent. This is remedied by the DCA facility which also envisages the sharing of consent data on the Distributed Ledger Technology (DLT) Platform.
The press release dated November 7, 2023, specifies that a common short code of 127xxx has to be used for sending consent-seeking messages which should include the name of the principal entity or brand, information relating to consent revocation, etc. A facility should be put in place by the access providers so that customers can register their unwillingness to receive such consent-seeking messages.