TRAI And Distributed Ledger Technology
Blockchain is an incredible
invention which has the potential to change the world in the way that it
functions now. Blockchain allows information to be used and distributed but not
copied. “The blockchain is an
incorruptible digital ledger of economic transactions that can be programmed to
record not just financial transactions but virtually everything of value.”[1].
Cryptocurrencies are just one of the ways in which this technology can be
utilized but it has an infinite number of applications in today’s world. It is
one of the very few technologies right now which are hacker proof which is one
of the very many advantages of this technology. Blockchain
technology is a revolution in systems of record. The key innovation in
blockchain technology is that it allows its participant to transfer assets
across the Internet without the need for a centralised third party.
The nature of blockchain technology
has got imaginations running wild, because the idea can now be applied to any
need for a trustworthy record. It is also putting the full power of
cryptography in the hands of individuals, stopping digital relationships
from requiring a transaction authority for what are considered ‘pull
transactions’.
Although Bitcoin, the first real
implementation of blockchain, is a decentralized currency and payment system,
the underlying constructs that form the basis of the system does not have to be
limited to payment transactions, accounts, balances or users. Instead,
blockchain technology in Bitcoin is nothing more than transactions secured and
executed by a scripting language using cryptographic methods. This means that
blockchain is a platform with a scripting language that can solve many use
cases other than just cryptocurrencies.
On May 29, 2018, the Telecom
Regulatory Authority of India (“TRAI”) released the draft Telecom Commercial
Communication Customer Preference Regulations, 2018 (“Regulations”), aimed to
curb the problem of unsolicited commercial communication, or spam, for telecom
subscribers. As mentioned in the press release, TRAI has chosen to adopt
Distributed Ledger Technology (“DLT”) as the ‘RegTech’[2]
for the Regulations. As per TRAI, this is the first instance of blockchain
technology being used at such scale in the telecom sector[3].
Introduction
On September 14, 2017, TRAI issued
a consultation paper on Unsolicited Commercial Communication inviting
stakeholders to send in their comments and assist TRAI in improving upon
Telecom Commercial Communication Customer Preference Regulations, 2010. Under
the said 2010 Regulations, TRAI had established a Do Not Disturb registry which
allowed subscribers to register themselves to record their preferences in order
to block calls and messages from telemarketers. This had failed to definitively
curb spam because certain telemarketers had started obtaining subscribers’
consent surreptitiously[4].
The present Regulations aim to address this problem by securing information
cryptographically and making it available only on a need-to-know basis[5].
In order to understand how DLT will operate as the “RegTech” for these
Regulations, it is important to understand how this technology works.
Distributed
Ledger Technology aka Blockchain
A distributed ledger is a type of
database that is shared and updated independently by each participant or node
in a large network[6].
The distributed ledger records transactions among network participants. Changes
to the ledger are made only when network participants agree to do so by
consensus, and every record has a timestamp and unique cryptographic signature
that enables accurate auditing[7].
Blockchain is essentially a kind of
distributed ledger that records transactions in a public or private
peer-to-peer network[8].
Information is added onto the ledger in cryptographic hash-link blocks[9],
with each new block linked to the previous block in a chain.
Thus far, DLT has been used for the
accounting of cryptocurrencies. Its use is now being piloted across sectors and
countries. A google search analysis shows that the interest in the term
blockchain has grown almost 250% between January 2017 and December 2017[10], coinciding
with the peaking value of bitcoin.
TRAI
and DLT
The draft Regulations require
access providers to record the consent and preferences of users on a consent
register and a preference register respectively, using DLT. The user is further
given the option to withdraw consent, if the consent is abused or is no longer
relevant. This is meant to independently and cryptographically secure the
user’s information to enable a consensus based bookkeeping of their consent and
preferences. Consensus is key to lowering the risk of fraudulent transactions,
because it ensures that all transactions are recorded with every participant’s
consent. Thus, for tampering to occur, it must be approved by all the
participants in the network at exactly the same time. This is enabled through
consensus algorithms[11].
Advantages
and Disadvantages of using DLT
Conjecturally, DLT is considered
secure for the following reasons:
- DLT
ensures robustness and transparency of the system since any changes require the
consensus of each participant in the network. Each transaction can be viewed,
albeit cryptographically by each node, keeping the system open. - Decentralization
leads to increased trust in the system since no single participant or group of
participants controls the entire system. Responsibility is devolved onto each
individual participant in the network, meaning that everyone is on an equal
footing. - Existence
of many distributed nodes may allow for efficiency and also reduce the chances
of fraudulent transactions being approved. The transactions are approved by
various nodes, and this distributes the workload. Further, blockchains are open
source ledgers, and it is easy to detect any fraud thereon. Thus, the various
nodes, that approve transactions cryptographically, ensure the integrity of the
system. In the case of TRAI’s customer preference registry, this will make
hacking and adding fraudulent records of consent and preferences much harder. - Changes
made to a ledger are recorded in real time using DLT. In the case of the TRAI’s
customer preference registry, this would mean that the preferences and consent
of the users may be recorded on the ledger in near real time, making the change
effective almost immediately.
Most, if not all of
these advantages however, are associated with public distributed ledgers.
Public distributed ledgers are open, accessible to anyone who wants to join and
do not place any restrictions on membership. Data on a public ledger can be
viewed by all participants, in cryptographic form.
In the case of the draft
Regulations, TRAI has mandated access providers to introduce “private” and
“permissioned”[12]
DLT networks. Here, only the entities participating in a particular transaction
will have knowledge of and access to the network. Private networks allow the
network operator to restrict access and create an environment of known and
trusted parties. On private networks, permission levels may also be tiered such
that different entities and individuals may have varying levels of authority to
transact and view data.
While this proposal does
provide a closed and trusted network of nodes, it poses the following problems:
- The
fundamental intent behind adopting DLT networks is to keep data
cryptographically secure with no centralized point of control. However, in a
private DLT network, the central authority (here, the access provider) acts as
a gatekeeper to the ledger itself, controlling who goes in and out of the
ledger and thus, who mans the ledger nodes. This undermines that very rationale
of adopting DLT in the first place. - In
private and permissioned networks, the authority determines who may run the
blockchain and who will act as a transaction validator. Since such networks are
likely to be composed of a select few users, chosen by the central authority
itself, the idea of consensus is significantly eroded. In the case of the
Regulations in question, there is no mechanism for choosing the third party
service providers. Thus, the authority may plant puppet nodes, that are manned
by yes-men, and approving any transaction will merely require their sanction.
This creates significant scope for misuse. - The
DLT architecture is new to the telecom sector, and stakeholders are not aware
of the technological vulnerabilities that may arise. Even the World Bank has
shied away at giving exact recommendations for its use.
Thus, the proposed DLT networks are not 100% secure. In the light of this, the proposed sandbox is a good way to test the technology’s scalability and viability.
Contributed by – Kulin Dave and Richa Singh
[1] Don & Alex Tapscott, authors Blockchain Revolution (2016)
[2] “RegTech” is the new word and refers to how clever, disruptive,
technology will service the regulatory sector
[3] http://www.trai.gov.in/sites/default/files/PRNo.5829052018.pdf
[4] Supra 3.
[5] Supra 3
[6] https://digitaltokens.io/what-is-a-distributed-ledger-technology-dlt/
[7] https://developer.ibm.com/tutorials/cl-blockchain-basics-intro-bluemix-trs/
[8] https://en.wikipedia.org/wiki/Blockchain
[9] https://blockgeeks.com/guides/what-is-hashing/
[10] https://www.coindesk.com/blockchains-big-year-competitive-job-market-grows-200
[11] Supra 3
[12] Telecom Commercial Communication Customer Preference Regulation, 2018
King Stubb & Kasiva,
Advocates & Attorneys
New Delhi | Mumbai | Bangalore | Chennai | Hyderabad | Kochi
Tel: +91 11 41032969 | Email: info@ksandk.com
By entering the email address you agree to our Privacy Policy.