Implementation of Digital Consent Acquisition (DCA) under TCCCPR-2018
Various entities such as banks, other financial institutions, insurance companies, trading companies, business entities, real estate companies, etc. send commercial messages to telecom subscribers thorough SMS or voice calls. These entities are referred to as Principal Entities (Pes) or Senders in Telecom Commercial Communications Customer Preference Regulations, 2018 (TCCCPR-2018).
TRAI in its endeavour to curb the menace of spams through Unsolicited Commercial Communications (UCC) has taken various measures in recent past. In this pursuit, TRAI issued Direction dated 02.06.2023 under TCCCPR-2018 to all the Access Providers to develop and deploy the Digital Consent Acquisition (DCA) facility for creating a unified platform and process to register customers’ consent digitally across all Access Service Providers and Principal Entities.
In the prevalent system, the consent is obtained and maintained by various Pes. Therefore, it is not possible for the Access Providers to check veracity of consents. Further, there is no unified system for customers to provide or revoke the consent. The Digital Consent Acquisition (DCA) process has facility to seek, maintain, and revoke the consents of customers, as per the processes envisaged under TCCCPR-2018. The consent data so collected will be shared on Distributed Ledger Technology (DLT) Platform, established under TCCCPR-2018 for Commercial Communications, for scrubbing by all Access Providers.
A common short code 127xxx will be used for sending consent seeking messages. The purpose, scope of consent, and Principal Entity/Brand name shall be mentioned clearly in the consent seeking message sent through the short code. Only whitelisted URLs/APKs/OTT links/Call Back numbers, etc. shall be used in the consent seeking messages. The consent acquisition confirmation message to the customers shall also have information related to revocation of the consent. Further, Access Providers shall develop a SMS/ Online facility to register unwillingness of the customers to receive any consent seeking message initiated by any Principal Entity.
It is specifically highlighted that after implementing DCA, the existing consents, acquired through alternative means, shall be rendered null and void and fresh consents will have to be sought by all Pes through digital means only.
All the Principal Entities are hereby requested to take urgent necessary steps to be onboard the DCA system as per the timelines prescribed in Direction dated 02.06.2023. For any clarification/ information/ details in the matter, Pes may contact the concerned Access Providers.