Latest news with #AadyaMisra
Time of India
29-06-2025
- Business
- Time of India
Trai's new proposal may help check spam as it complements data protection laws
Mumbai: The telecom regulator's latest move to refresh its consent handling mechanism for checking spam messages and calls may have some overlaps with the country's new data protection law but isn't in conflict with it, officials said. Experts welcomed the move, saying harmonising the two sets of regulations is crucial to check spam as it will make it easier for stakeholders to implement the rules. Last week, the Telecom Regulatory Authority of India (Trai) opened a pilot for banks and telecom companies to test a solution for gathering and managing user consent. The approved solution after testing will allow telcos to verify consumer consent in real time before connecting or delivering commercial calls and messages. The move comes as the Telecom Commercial Communications Customer Preference Regulations ( TCCPR ), first introduced in 2018, has failed to deliver results in preventing spam – largely due to lack of coordination among telcos, price-wars, and non-seriousness among enterprises, according to experts. The country's new data protection law and its mandate on consent management may well be the much-needed impetus for enterprises to take anti-spam regulations seriously henceforth, they said. 'We have tried to devise a framework to validate the current operational, technical and regulatory aspects of consent registration, and lay the foundation for sector-wise scaling,' a senior Trai official told ET on condition of anonymity. 'Yes, there are overlaps between the two legislations. But those aren't conflicts,' he said. 'For instance, TRAI aims to curtail the practice of collecting mobile numbers through unauthorised data-sharing practice, which ultimately leads to marketing spam. This is also a basic principle of the data protection law.' He called on telcos to develop a solution which is both consumer- and business-friendly. Aadya Misra, partner at law firm Spice Route Legal, said without harmonisation, businesses will struggle with implementing two distinct consent regimes under these laws. 'Multiple frameworks increase the risk of consumer drop-off and consent fatigue among users. Combining these frameworks would lend legal clarity, operational efficiency, and better outcomes,' she said. Spice Route Legal specialises in data advisory. Misra said the original TCCCPR, which hinged on a robust consent mechanism that allows phone users to control what messages they wish to receive, failed because of a gap in enforcement and industry adoption. 'Most businesses lacked robust consent management frameworks or the technological capability to operationalise consent at scale. This has resulted in fragmented processes that are difficult to implement,' she said. 'If the new pilot can simplify integration, ensure interoperability, and provide a standardised infrastructure that businesses can easily plug into…it may just overcome the friction,' she added. However, businesses will face initial costs while adapting and upgrading their systems, Misra said. The Cellular Operators Authority of India (COAI), which represents all three private telcos, Reliance Jio , Bharti Airtel and Vodafone Idea , agreed that there have been challenges in adoption of existing consent framework and the latest directive empowers the consumers with a uniform consent revocation process. 'However, the adoption may differ from sector to sector, as each sector has its own unique way of functioning,' said SP Kochhar, director general of COAI. 'This initiative will serve as a test bed to assess the feasibility and effectiveness of the system, and it is expected to yield positive results.' Telecom companies also noted that the consent framework currently applies to only SMS and voice communications but will be incomplete until OTT platforms are brought under regulatory purview. 'This regulatory gap is increasingly exploited, with a growing share of scams and unsolicited promotions now originating on OTT apps,' Kochhar said.
Time of India
20-05-2025
- Business
- Time of India
ET Explainer: What OpenAI's local data residency means for India
ChatGPT-maker OpenAI earlier this month enabled local data residency in key Asian countries including India—its second largest market—and Japan, Singapore, and South Korea. This was in a bid to help organisations who want to leverage its ChatGPT Enterprise, ChatGPT Edu, and the OpenAI API (application programming interface) offerings, but also have data localisation requirements. ET explains what this move means for Indian businesses and whether data sovereignty is on the horizon. What does OpenAI's data residency policy mean for India? The feature allows 'data at rest' such as prompts, uploaded files, and chat interactions to be stored within India. But, models still reside in foreign servers and processing enterprise information at inference time (run-time) will need exchange outside India servers. Play Video Pause Skip Backward Skip Forward Unmute Current Time 0:00 / Duration 0:00 Loaded : 0% 0:00 Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 1x Playback Rate Chapters Chapters Descriptions descriptions off , selected Captions captions settings , opens captions settings dialog captions off , selected Audio Track default , selected Picture-in-Picture Fullscreen This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Opacity Opaque Semi-Transparent Text Background Color Black White Red Green Blue Yellow Magenta Cyan Opacity Opaque Semi-Transparent Transparent Caption Area Background Color Black White Red Green Blue Yellow Magenta Cyan Opacity Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Drop shadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Data localisation has until now prevented OpenAI from gaining market share in India as BFSI customers opted to host open models like Meta's Llama and DeepSeek on-premise. According to Aadya Misra, Partner at Spice Route Legal, 'OpenAI's residency option could allow financial institutions to deploy AI for use cases like payment processing while remaining compliant with existing requirements that require payment data to be stored locally.' She explained that the Reserve Bank of India does permit transient cross-border processing under certain conditions, 'so if implemented thoughtfully, concerns about data in motion could also be addressed. This move could shift reliance on self-hosted open-source models to enterprise-grade and centrally managed AI solutions.' Discover the stories of your interest Blockchain 5 Stories Cyber-safety 7 Stories Fintech 9 Stories E-comm 9 Stories ML 8 Stories Edtech 6 Stories Does this spell data sovereignty for India? The move may at best be seen as a first step towards compliance-enablement that could help companies to bolster contracts with responsible data handling clauses. It has fallen short of complete data sovereignty, however, experts said. 'The architecture stores data 'at rest' locally, but not necessarily 'in transit' or during model inference. That data may still leave the country, exposing enterprises to regulatory scrutiny,' said Leslie Joseph, principal analyst at Forrester. Joseph noted that OpenAI has not announced local hosting of its GPT models or inference engines in India. 'There's no evidence of compute or model weights residing in-country. This is partial localisation at best, not sovereign AI,' Joseph added. He explained that although OpenAI has added AES-256 level encryption for data at rest and TLS 1.2+ for data in transit, without full model localisation, including inference compute, enterprises handling PII (personally identifiable information) will continue to face regulatory and data exposure concerns. '...There is no explicit indication that the underlying GPT models, including their inference engines, tokens, or trained weights, will themselves be hosted in India,' said Ankit Sahni, Partner at Ajay Sahni & Associates. What impact could the move have? Speculation remains that OpenAI may eventually bring full-stack model hosting to India, given its enterprise ambitions and steady competition from cost-effective open-weight models. For now, experts say companies must treat this as a 'compliance-forward gesture.' It could also mean opportunities for Indian data centre players. Although the company is likely to host local storage within its long-time exclusive partner Microsoft's data centres, sources told ET that OpenAI is hearing proposals from other colocation data centres in India as well. 'Given OpenAI's shift to a for-profit structure and changing dynamics with Microsoft, we are actively seizing this opportunity to commit to a long-term relationship with them,' the senior executive at a leading data centre company told ET. Annapurna Roy contributed to this story.
Economic Times
20-05-2025
- Business
- Economic Times
ET Explainer: What OpenAI's local data residency means for India
OpenAI has enabled local data residency in India and other Asian countries to attract organisations needing data localisation. This allows storage of data at rest within India, but model processing still occurs on foreign servers. ET explains what this means for Indian businesses and whether data sovereignty is on the horizon. Tired of too many ads? Remove Ads Tired of too many ads? Remove Ads Tired of too many ads? Remove Ads ChatGPT-maker OpenAI earlier this month enabled local data residency in key Asian countries including India—its second largest market—and Japan, Singapore, and South Korea. This was in a bid to help organisations who want to leverage its ChatGPT Enterprise, ChatGPT Edu, and the OpenAI API (application programming interface) offerings, but also have data localisation requirements. ET explains what this move means for Indian businesses and whether data sovereignty is on the feature allows 'data at rest' such as prompts, uploaded files, and chat interactions to be stored within India. But, models still reside in foreign servers and processing enterprise information at inference time (run-time) will need exchange outside India localisation has until now prevented OpenAI from gaining market share in India as BFSI customers opted to host open models like Meta's Llama and DeepSeek to Aadya Misra, Partner at Spice Route Legal, 'OpenAI's residency option could allow financial institutions to deploy AI for use cases like payment processing while remaining compliant with existing requirements that require payment data to be stored locally.'She explained that the Reserve Bank of India does permit transient cross-border processing under certain conditions, 'so if implemented thoughtfully, concerns about data in motion could also be addressed. This move could shift reliance on self-hosted open-source models to enterprise-grade and centrally managed AI solutions.'The move may at best be seen as a first step towards compliance-enablement that could help companies to bolster contracts with responsible data handling clauses. It has fallen short of complete data sovereignty, however, experts said.'The architecture stores data 'at rest' locally, but not necessarily 'in transit' or during model inference. That data may still leave the country, exposing enterprises to regulatory scrutiny,' said Leslie Joseph, principal analyst at noted that OpenAI has not announced local hosting of its GPT models or inference engines in India. 'There's no evidence of compute or model weights residing in-country. This is partial localisation at best, not sovereign AI,' Joseph explained that although OpenAI has added AES-256 level encryption for data at rest and TLS 1.2+ for data in transit, without full model localisation, including inference compute, enterprises handling PII (personally identifiable information) will continue to face regulatory and data exposure concerns.'...There is no explicit indication that the underlying GPT models, including their inference engines, tokens, or trained weights, will themselves be hosted in India,' said Ankit Sahni, Partner at Ajay Sahni & remains that OpenAI may eventually bring full-stack model hosting to India, given its enterprise ambitions and steady competition from cost-effective open-weight models. For now, experts say companies must treat this as a 'compliance-forward gesture.'It could also mean opportunities for Indian data centre the company is likely to host local storage within its long-time exclusive partner Microsoft's data centres, sources told ET that OpenAI is hearing proposals from other colocation data centres in India as well.'Given OpenAI's shift to a for-profit structure and changing dynamics with Microsoft, we are actively seizing this opportunity to commit to a long-term relationship with them,' the senior executive at a leading data centre company told Roy contributed to this story.
