Indias telecom regulator has said the existing framework for protection of personal data by companies and service providers was insufficient and recommended stricter rules to tackle data breaches. The Telecom Regulatory Authority of India (TRAI) also said entities controlling and processing user data do not have primary rights over that data. The recommendations on privacy, security and ownership of data were provided to the federal governments Department of Telecommunications, which drafts the final policy. All entities in the digital eco-system, which control or process the data, should be restrained from using metadata to identify the individual users, said TRAI.
