For Google, Facebook, & phone companies, the regulator offers a clear statement: "Each user owns his/ her personal information/ data collected by/ stored with the entities in the digital ecosystem. The entities, controlling and processing such data, are mere custodians and do not have primary rights over this data." This applies to "all entities in the digital ecosystem, which control or process their personal data."

Potentially important, "The Right to Choice, Notice, Consent, Data Portability, and Right to be forgotten should be conferred upon the telecommunication consumers." Data Portability is crucial to any large-scale challenge to Facebook's near monopoly, althought that remains a difficult task.

TRAI  other sensible suggestions include:

"It should have provisions for revoking the consent, at a later date, by users."

"Multilingual, easy to understand, unbiased, short templates of agreements/ terms and conditions be made mandatory."

India is pulling ahead of most Western countries in Internet policy.

TRAI releases Recommendations on "Privacy, Security and Ownership of Data in the Telecom Sector"

New Delhi, 16th July, 2018:

The Telecom Regulatory Authority of India (TRAI) has today issued its Recommendations on "PrivacySecurity and Ownership of Data in the Telecom Sector".

2. The Authority had issued a Consultation Paper on "Privacy, Security and Ownership of Data in the Telecom Sector" on 9th August, 2017 with the following objectives: (a) To identify the scope and definition of Personal data, Ownership and Control of data of users of telecom services. (b) Understand and Identify the Rights and Responsibilities of Data Controllers. (c) To assess the adequacy and efficiency of data protection measures currently in place in the telecom sector. (d) Identify the key issues pertaining to data protection in relation to the delivery of digital services. This includes the provision of telecom and Internet services by telecom and Internet service providers (TSPs) as well the other devices, networks and applications that connect with users through the services offered by TSPs and collect and control user data in that process. 3. Comments and counter-comments received from the stakeholder were published on TRAI's website. An Open House Discussion was also conducted in New Delhi on 01.02.2018.

4. Comments and counter-comments received from the stakeholders along with the additional inputs received during the Open House Discussion were considered by the Authority before formulating its recommendations. 5. The recommendations made by the Authority are as follows: (a) Each user owns his/ her personal information/ data collected by/ stored with the entities in the digital ecosystem. The entities, controlling and processing such data, are mere custodians and do not have primary rights over this data. (b) A study should be undertaken to formulate the standards for anonymization/de-identification of personal data generated and collected in the digital eco-system. (c) All entities in the digital ecosystem, which control or process the data, should be restrained from using Meta-data to identify the individual users. (d) The existing framework for protection of the personal information/ data of telecom consumers is not sufficient. To protect telecom consumers against the misuse of their personal data by the broad range of data controllers and processors in the digital ecosystem, all entities in the digital ecosystem, which control or process their personal data should be brought under a data protection framework.

(e) Till such time a general data protection law is notified by the Government, the existing Rules/ license conditions applicable to TSPs for protection of users' privacy be made applicable to all the entities in the digital ecosystem. For this purpose, the Government should notify the policy framework for regulation of Devices, Operating Systems, Browsers, and Applications. (f) Privacy by design principle coupled with data minimization should be made applicable to all the entities in the digital ecosystem viz, Service providers, Devices, Browsers, Operating Systems, Applications etc. (g) The Right to Choice, Notice, Consent, Data Portability, and Right to be forgotten should be conferred upon the telecommunication consumers. (h) In order to ensure sufficient choices to the users of digital services, granularities in the consent mechanism should be built-in by the service providers. (i) For the benefit of telecommunication users, a framework, on the basis of the Electronic Consent Framework developed by MeitY and the master direction for data fiduciary (account aggregator) issued by Reserve Bank of India, should be notified for telecommunication sector also. It should have provisions for revoking the consent, at a later date, by users.

(]') The Right to Data Portability and Right to be Forgotten are restricted rights, and the same should be subjected to applicable restrictions due to prevalent laws in this regard. (k) Multilingual, easy to understand, unbiased, short templates of agreements/ terms and conditions be made mandatory for all the entities in the digital eco-system for the benefit of consumers. (1) Consumer awareness programs be undertaken to spread awareness about data protection and privacy issues so that the users can take well informed decisions about their personal data. (m) Data Controllers should be prohibited from using "preticked boxes" to gain users consent. Clauses for data collection and purpose limitation should be incorporated in the agreements. (n) Devices should disclose the terms and conditions of use in advance, before sale of the device. (o) It should be made mandatory for the devices to incorporate provisions so that user can delete pre-installed applications if he/she so decides. Also, the user should be able to download the certified applications at his/ her own will and the devices should in no manner restrict such actions by the users. (p) Department of Telecommunication should re-examine the encryption standards, stipulated in the license conditions for the TSPs, to align them with the requirements of other sector regulators. (q) To ensure the privacy of users. National Policy for encryption of personal data, generated and collected in the digital eco-system, should be notified by the Government at the earliest. (r) For ensuring the security of the personal data and privacy of telecommunication consumers, personal data of telecommunication consumers should be encrypted during the motion as well as during the storage in the digital ecosystem. Decryption should be permitted on a need basis by authorized entities in accordance to consent of the consumer or as per requirement of the law. (s) All entities in the digital ecosystem including Telecom Service Providers should be encouraged to share the information relating to vulnerabilities, threats etc in the digital ecosystem/ networks to mitigate the losses and prevent recurrence of such events. (t) All entities in the digital ecosystem including Telecom Service Providers should transparently disclose the information about the privacy breaches on their websites along with the actions taken for mitigation, and preventing such breaches in future

. (u) A common platform should be created for sharing of information relating to data security breach incidences by all entities in the digital ecosystem including Telecom service providers. It should be made mandatory for all entities in the digital ecosystem including all such service providers to be a part of this platform. (v) Data security breaches may take place in-spite of adoption of best practices/ necessary measures taken by the data controllers and processors. Sharing of information concerning to data security breaches should be encouraged and incentivized to prevent/ mitigate such occurrences in future. 6. The recommendations have been placed on TRAI's website www.trai. gov. in.

7. For any clarification/information Sh. Sunil Kumar Singhal, Advisor (BBBsPA) may be contacted on Tel. No. +91-11-23221509 or email: sksinghal@trai. gov. in. b\^ , (S. . ,.Gupta) Secretary, TRAI

The world needs a good news source on Internet and telecom policy. I hope to create one. Catch a mistake? Email me please.  Dave Burstein

Latest

Professor Noam's "Many Internets" http://bit.ly/ManyNets

Until about 2010, everyone agreed the Net was a "network of networks," not a monolithic entity. There was a central authority, ICANN, keeping track of domain names, but that was a minor administrative function.
Columbia Professor Noam suggests we might be better off accepting that some nations or groups might want to organize their networks differently. It's easy to see demand for an Internet with much more effective filters against material some think harmful to children. (Any 10 year old can easily find porn today. Many do.)
Internet translation is getting better very quickly. You might want an "Internet" that translates everything into your language. Google Chrome translation isn't perfect but I was able to research most of this story on Russian language sites. With a few more years progress, I might welcome an alternate that brings me everything in English, including caching for better performance.
De facto, Internet news is already split, as hundreds of millions only get their news from Facebook. Google AMP pages, including for news, also favor selected parts of the net
Centralizing the DNS doesn't prevent censorship, as the Chinese have demonstrated. There are many Jewish and Muslim fundamentalists who want to block what they consider blasphemy and limit free speech. See http://www.nytimes.com/2012/05/21/nyregion/ultra-orthodox-jews-hold-rally-on-internet-at-citi-field.html . More from Noam http://bit.ly/ManyNets

Russia Orders Alternate Root Internet System http://bit.ly/RussiaDNS
It's actually practical and not necessarily a problem.The Security Council of the Russian Federation, headed by Vladimir Putin, has ordered the "government to develop an independent internet infrastructure for BRICS nations, which would continue to work in the event of global internet malfunctions ... This system would be used by countries of the BRICS bloc – Brazil, Russia, India, China and South Africa." RT
Columbia University Professor Eli Noam and then ICANN CEO Fadi Chehadé have both said such a system is perfectly practical as long as there is robust interconnection.
Actually, the battle over ICANN and domain names is essentially symbolic. Managing the DNS is a relatively insignificant task, more clerical than governing. ICANN Chair Steve Crocker pointed out they had very little to do with policy.
Some will claim this is about blocking free speech but that's rhetoric. Russia doesn't need to fiddle with the DNS for censorship, as the Chinese have demonstrated. The wonders of the Internet will continue so long as the resulting nets" are robustly connected. The ICANN and U.S. policy goal should be to help create that system for interconnection.
I expect contentions that “The Russians are taking over our Internet” and “They are splitting the Internet.” The Internet is a “Network of Networks.” It is not a monolith so what would “splitting” it mean or do?
After the WCIT, China realized that ICANN and the DNS are side issues not worth bothering about. They have been building alternate institutions including the World Internet Summit in Wuzhan and the BRICs conferences.  The Chinese have put their main work where decisions that matter are made. Wireless standards are set by 3GPP, where nothing can be approved without China's consent.
The American battle at ITU is proving to be a historic mistake.
Why does Russia want an independent Internet?
They fear that Western sanctions on Russia could cripple the Russian Net. Communications minister, Nikolay Nikiforov, worries about, "a scenario where our esteemed partners would suddenly decide to disconnect us from the internet." I think that's highly unlikely but Nikiforov points out, “Recently, Russia is being addressed in a language of unilateral sanctions: first, our credit cards are being cut off; then the European Parliament says that they’ll disconnect us from SWIFT."
It makes sense for the Russians to be prepared for such a contingency as the Cold War has been warming up on both sides. "Britain's top military chief Air Chief Marshal Sir Stuart Peach just made headlines warning Russian subs "could CRIPPLE Britain by cutting undefended undersea internet cables." Much more http://bit.ly/RussiaDNS

ICANN Continues Excluding Russia & China From the Board http://bit.ly/CEOPromises
No wonder Russia wants an alternate root. Three years ago, ICANN CEO Fadi Chehadé promised "a seat at the table" to Chinese Premier Li. ICANN welched and this year added two more Americans.
Almost all the ICANN board is from the U.S. and close allies; only about 4 of the 18 board members are from countries on the other side of the North/South divide in Internet policy.  Claiming ICANN represents the Global Internet is inappropriate. China is 1/3rd of the Internet but has no representation on the board.
I know many of the board members. They are all basically honorable but generally share a strong opinion on North-South issues.
Larry Strickling of the U.S. government knew just what he was doing with the IANA transition. He handed over to a board with similar positions as the U.S. government.
"The system is unsustainable while it excludes half the world," I have been saying since 2012. More, including the transcript of Fadi's statements,http://bit.ly/CEOPromises

Sorry, Ajit Pai: Smaller Telcos Did Not Reduce Investment After NN Ruling http://bit.ly/SorryPai
Pai justifies his NN choice with the claim, "The impact has been particularly serious for smaller Internet service providers." #wrong (Actually, NN has minimal effects on investment, up or down, I’m convinced. Competition, new technology, customer demand and similar are far more important.)
The two largest suppliers to “smaller ISPs” saw sales go up. Adtran's sales the most recent nine months were $540M, up from $473M the year before. 2016 was $636M, 2015 $600M. Calix the last nine months sold $372M, up from $327M. The full year 2016 was $459M, up from $407M in 2015. Clearfield, a supplier of fiber optic gear, was up 8% in sales in the smaller ISPs.
There is nothing in the data from others that suggests an alternate trend. Anyone could have found this data in a few minutes from the company quarterly reports.
The results in larger companies are ambiguous. I can "prove" capex went up or went down by selecting the right data. The four largest companies' capex - two/thirds of the total - went up from $52.7B in 2015 to $55.7B in 2016. The result remains positive after making sensible adjustments for mergers and acquisitions. That's as close to "proving" that NN led to increased spending as the facts chosen to prove the opposite.
Actually, whether capex went up or down in 2016 tells us almost nothing about the choice on neutrality. Everyone knows a single datapoint could be random or due to other causes. Much more, including the source of the errors http://bit.ly/SorryPai

Elders Bearing Witness: Vint, Timbl, & Many More http://bit.ly/VintTim
Vint Cerf, Tim Berners-Lee, Steve Wozniak and more than a dozen true Internet pioneers wrote Congress to protect Neutrality. The best Congress money can buy didn't listen but I wanted to reproduce their letter.
I hope they are wrong believing "is an imminent threat to the Internet we worked so hard to create." My take is the impact will be moderate in the short run.
From the letter:
We are the pioneers and technologists who created and now operate the Internet, and some of the innovators and business people who, like many others, depend on it for our livelihood. ... The FCC’s proposed Order is based on a flawed and factually inaccurate understanding of Internet technology. These flaws and inaccuracies were documented in detail in a 43-page-long joint comment signed by over 200 of the most prominent Internet pioneers and engineers and submitted to the FCC on July 17, 2017.
Despite this comment, the FCC did not correct its misunderstandings, but instead premised the proposed Order on the very technical flaws the comment explained. The technically-incorrect proposed Order ... More, including the full list, http://bit.ly/VintTim