Proposal for Calling Name Presentation (CNAP) by TRAI

On the Telecom Regulatory Authority of India’s Calling Name Presentation (CNAP) proposal, telecom operators have expressed concerns about user privacy.

Calling Name Presentation (CNAP)

  • Phones would be required to display the name of a caller by extracting the telecom subscriber’s name from their SIM registration data.
  • The feature would provide information about the calling party to the person being called (similar to ‘Truecaller’ and ‘Bharat Caller ID & Anti-Spam’).
  • The goal is to ensure that telephone subscribers can make informed decisions about incoming calls and to reduce harassment from unknown or spam callers.

Why is CNAP required?

  • Securing critical calls: Genuine calls should never go unanswered. As a result, a suitable system is sought.
  • Spammers are blocked because subscribers are not given the caller’s name or identity, and they may choose not to answer if they believe it is a commercial communication from an unregistered telemarketer.
  • Concerns about robocalls (automatic calls made using IT-enabled systems with a pre-recorded voice), spam calls, and fraudulent calls are on the rise.

What are the models that have been proposed?

  • TSPs operating CNAP databases: In the first model, each telecom service provider (TSP) creates and maintains a CNAP database of its subscribers. The caller’s TSP would have to extract the relevant data from its own database in this case.
  • Sharing a database: In the second model, the calling entity’s operator shares its CNAP database with the receiver’s operator. The difference here is that the calling operator would grant the receiver’s operator access to its database in order to retrieve the caller’s CNAP data.
  • Creating a Centralized Database: It is the receiver’s operator’s responsibility to search the centralised database for and present the caller’s data. This model is similar to a plan envisioned by the Department of Telecommunications (DoT) in 2018, which included the establishment of a central Digital Intelligence Unit.
  • TSP keeps a copy of a synchronised central database that is operated by a third party. It works like this: the call is routed as usual, and because the receiver’s operator has access to both the centralised and their own databases, the lookup is internal.

Issues involved

  • Latency: According to the regulator, latency in setting up the call must be ensured, and CNAP must be interoperable. When switching from a faster wireless network (4G or 5G) to a slower one (2G or 3G), responsiveness may suffer as well.
  • Concerns about privacy: It is unclear how the CNAP mechanism would balance the caller’s right to remain anonymous, which is an important component of the right to privacy. To put it into context, an individual may choose to remain anonymous for a variety of reasons, such as whistleblowers or harassed employees.
  • Gender impact: The proposal may disproportionately harm women. Whether or not a woman subscriber consents, the service will display her name and data to every calling party.
  • Data sharing without consent: We must consider it in conjunction with The Digital Personal Data Protection Bill (2022), which includes a clause on deemed consent in the absence of adequate safeguards, including data sharing with third parties.
  • Implementation flaws: Marketers have discovered new ways to work around the existing framework. Telemarketers were previously required to be registered as promotional numbers. They have now begun to deploy “at-home workers,” who are not necessarily part of the entity’s setup.

Way ahead

  • Innovative solution: TRAI must create a user-friendly interface and, as a result, an effective mechanism.
  • Spam identification: Active participation from subscribers would ensure that spammers are correctly identified and prevented from making additional calls.
  • Digital literacy: The government must also invest in digital literacy, teaching citizens how to navigate and use technology more effectively, ensuring they do not share their data indiscriminately, and informing them about potential threats such as financial fraud and spoofing.
And get notified everytime we publish a new blog post.