Data is the digital gold!!. Hence to safeguard the biggest virtual asset is exceptionally crucial. The authorities are well aware of the prominence of data in present times and strive to protect it by any means feasible. The department of telecommunications plays a critical role in regulating the call logs and internet activity records, i.e., a significant portion of your data in cyberspace.
The recent amendments by the Department of Telecommunications (DoT) have called for the change in a time period of retaining CDR (call detail record), Exchange Detail Record (EDR), and IP Detail Record (IPDR), upgrading the existing security conditions mandating archival of records for one year to two years. The recent amendments by the DoT have been implemented after multiple requests by security agencies. The new changes require Internet service providers to retain ‘Internet telephony’ information and IP details for two years or until the time specified by the authorities for investigation.
The procedural order was executed after vital feedback by agencies claiming security checks require a longer duration for their completion, which requires data retention for a more extended period than just an year. The telecom department exercised its rights to modify the conditions of the license whenever deemed necessary in the public interest or to safeguard state security. The licenses amended by DoT include Unified licenses (UL), Unified Licenses (Virtual Network Operators), and Unified Access Service (UAS) License agreement. The changes have also mandated mobile companies to provide CDRs to the law enforcement authorities. Along with this, the licenses have to be presented in different courts on orders.
The amendments by DoT have brought many changes to address national security and other public interest issues. The amendments include:
- The revamped security conditions instruct the licensee to collate a minimum of two years of commercial records, IP Detail Record (IPDR), Exchange Detail Record (EDR), and Call Detail Record (CDR) to be scrutinized by the licensor on the grounds of national security.
- The updated security protocols mandate licensees to preserve CDR and IPDR for the internet along with internet telephony service for a minimum of two years, an upgrade from the previous mandate of maintaining records for just one year.
Lastly, the telecommunication department amended safety conditions to provide licensees to maintain all subscribers’ login and logout details of services offered, such as access to the internet, internet telephony, email, etc., for two years. The same has been extended on the grounds mentioned above
Reviewed – Mr. Hrishikesh Bedi, Consultant, CyberPeace Foundation