The Internet and Mobile Association of India (IAMAI) said that TRAI recommendation on data privacy is premised on a voice and SMS regime.
The industry body said it is not meant for data-driven business, which the app companies are.
Incidentally, the Sri Krishna Committee under the Ministry of IT, as well as for handset manufacturers, is deep, looking into this issue of consent, IAMAI added.
IAMAI pointed out that the recommendations, in-principle, are around users' ownership of data, no use of metadata to identify individuals and 'privacy by design' principle coupled with data minimization should be made applicable to all the entities in the digital ecosystem.
Trai recommendation to formulate standards of anonymization and de-identification is "akin to putting the cart before the horse" and till such time the Sri Krishna committee is out and a notification or a law is passed, making these standards would be groping in the dark, the industry body asserted.
Rajan Mathews, Director General, Cellular Operators Association of India (COAI), seems happy with the TRAI's recommendations on Privacy, Security, and Ownership of Data
He said: "This would include all devices, operating systems, browsers, and applications and would be welcome stop-gap measure till rules and regulations of the telecom services providers are applicable to them. This will ensure, in prevailing circumstances, that the privacy of users is protected and maintained. National security and privacy issues are of paramount importance."
For those who are not aware TRAI came out with recommendations related to data privacy to identify the scope and definition of personal data, ownership, and control of data of users of telecom services.
As per the recommendations of all entities in the digital ecosystem, which control or process the data, should be restrained from using Meta-data to identify the individual users.
The regulator also said that the existing framework for protection of the personal information/ data of telecom consumers is not sufficient and to protect telecom consumers against the misuse of their personal data by the broad range of data controllers and processors in the digital ecosystem, all entities in the digital ecosystem, which control or process their personal data should be brought under a data protection framework.