In an age where data is often dubbed the “new oil,” protecting personal information has become paramount. India’s regulatory landscape around data privacy comprises overlapping frameworks—chiefly, the Telecom Regulatory Authority of India (TRAI) regime for telecommunication data and the Information Technology Act, 2000 (IT Act) for electronic data exchanges. Together, they seek to balance legitimate business needs with individual rights to privacy.

Dual Frameworks: TRAI and the IT Act

• TRAI Act & Regulations
  TRAI oversees all matters related to mobile numbers and telecommunication services. Its Unsolicited Commercial Communications Regulations set strict guardrails on who can send promotional calls or messages and under what conditions.
• Information Technology Act, 2000
  The IT Act governs the exchange of electronic data more broadly, imposing duties on data handlers to maintain confidentiality and punishing unauthorized disclosures under Section 72.

Whether the user is registered under DND of the NCPR?

Marketing by telephone to individual subscribers without their consent is expressly prohibited with the telecom service providers being responsible to ensure that such a prohibition is enforced. Telecom service providers are required to establish a Customer Preference Registration Facility (“CPRF”) under which customers can provide or revoke their consent with regard to the category, the mode (whether voice calls or text messages) and the time slot of such marketing.

The CPRF provides customers the option to register under the ‘partially blocked category’ pursuant to which customers can opt for receiving promotional communications under the following categories:

1. banking/insurance/financial products/credit cards
2. real estate
3. education
4. health
5. consumer goods and automobiles;
6. communication/broadcasting/entertainment/IT;
7. tourism and leisure
8. Food and beverages.

Whether the data user is falls under the category of Tele-Marketer by definition or meaning?

The Telecom Unsolicited Commercial Communications Regulations defines as follows:

“Telemarketer” means any person who transmits any message, through telecommunications service, for the purpose of soliciting or promoting any commercial transaction in relation to goods, investments or services.

“unsolicited commercial communication” means any message, through telecommunications service, which is transmitted for the purpose of informing about, or soliciting or promoting any commercial transaction in relation to goods, investments or services which a subscriber opts not to receive, but does not include -:

• any message (other than promotional message) relating to a service or financial transaction under a specific contract between the parties to such contract; or

• any messages relating to charities, national campaigns or natural calamities transmitted on the directions of the Government or agencies authorized by it for the said purpose;

• any message transmitted, on the directions of the Government or any authority or agency authorized by it, in the interest of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality;

What are the rules applicable for Communicating through E-mails in India?

There are no specific laws or regulations in India on direct marketing by email. Also, there are no specific Conditions or Rules for direct marketing by e-mail to corporate subscribers.

Whether the data obtained is with the agreement of the user?

The data obtained from various sources plays a pivotal role. Whether it is collected with the acceptance of the user or not is the crucial test here. Section 72 of the IT Act 2000 specifies about the Penalty for breach of confidentiality and privacy.

“Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or other material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.”