TRAI And Distributed Ledger Technology

Blockchain is an incredible invention which has the potential to change the world in the way that it functions now. Blockchain allows information to be used and distributed but not copied. “The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.”[1]. Cryptocurrencies are just one of the ways in which this technology can be utilized but it has an infinite number of applications in today’s world. It is one of the very few technologies right now which are hacker proof which is one of the very many advantages of this technology. Blockchain technology is a revolution in systems of record. The key innovation in blockchain technology is that it allows its participant to transfer assets across the Internet without the need for a centralised third party.

The nature of blockchain technology has got imaginations running wild, because the idea can now be applied to any need for a trustworthy record. It is also putting the full power of cryptography in the hands of individuals, stopping digital relationships from requiring a transaction authority for what are considered ‘pull transactions’.

Although Bitcoin, the first real implementation of blockchain, is a decentralized currency and payment system, the underlying constructs that form the basis of the system does not have to be limited to payment transactions, accounts, balances or users. Instead, blockchain technology in Bitcoin is nothing more than transactions secured and executed by a scripting language using cryptographic methods. This means that blockchain is a platform with a scripting language that can solve many use cases other than just cryptocurrencies.

On May 29, 2018, the Telecom Regulatory Authority of India (“TRAI”) released the draft Telecom Commercial Communication Customer Preference Regulations, 2018 (“Regulations”), aimed to curb the problem of unsolicited commercial communication, or spam, for telecom subscribers. As mentioned in the press release, TRAI has chosen to adopt Distributed Ledger Technology (“DLT”) as the ‘RegTech’[2] for the Regulations. As per TRAI, this is the first instance of blockchain technology being used at such scale in the telecom sector[3].

Introduction

On September 14, 2017, TRAI issued a consultation paper on Unsolicited Commercial Communication inviting stakeholders to send in their comments and assist TRAI in improving upon Telecom Commercial Communication Customer Preference Regulations, 2010. Under the said 2010 Regulations, TRAI had established a Do Not Disturb registry which allowed subscribers to register themselves to record their preferences in order to block calls and messages from telemarketers. This had failed to definitively curb spam because certain telemarketers had started obtaining subscribers’ consent surreptitiously[4]. The present Regulations aim to address this problem by securing information cryptographically and making it available only on a need-to-know basis[5]. In order to understand how DLT will operate as the “RegTech” for these Regulations, it is important to understand how this technology works.

Distributed Ledger Technology aka Blockchain

A distributed ledger is a type of database that is shared and updated independently by each participant or node in a large network[6]. The distributed ledger records transactions among network participants. Changes to the ledger are made only when network participants agree to do so by consensus, and every record has a timestamp and unique cryptographic signature that enables accurate auditing[7].

Blockchain is essentially a kind of distributed ledger that records transactions in a public or private peer-to-peer network[8]. Information is added onto the ledger in cryptographic hash-link blocks[9], with each new block linked to the previous block in a chain.

Thus far, DLT has been used for the accounting of cryptocurrencies. Its use is now being piloted across sectors and countries. A google search analysis shows that the interest in the term blockchain has grown almost 250% between January 2017 and December 2017[10], coinciding with the peaking value of bitcoin.

TRAI and DLT

The draft Regulations require access providers to record the consent and preferences of users on a consent register and a preference register respectively, using DLT. The user is further given the option to withdraw consent, if the consent is abused or is no longer relevant. This is meant to independently and cryptographically secure the user’s information to enable a consensus based bookkeeping of their consent and preferences. Consensus is key to lowering the risk of fraudulent transactions, because it ensures that all transactions are recorded with every participant’s consent. Thus, for tampering to occur, it must be approved by all the participants in the network at exactly the same time. This is enabled through consensus algorithms[11].

Advantages and Disadvantages of using DLT

Conjecturally, DLT is considered secure for the following reasons:

1. DLT ensures robustness and transparency of the system since any changes require the consensus of each participant in the network. Each transaction can be viewed, albeit cryptographically by each node, keeping the system open.
2. Decentralization leads to increased trust in the system since no single participant or group of participants controls the entire system. Responsibility is devolved onto each individual participant in the network, meaning that everyone is on an equal footing.
3. Existence of many distributed nodes may allow for efficiency and also reduce the chances of fraudulent transactions being approved. The transactions are approved by various nodes, and this distributes the workload. Further, blockchains are open source ledgers, and it is easy to detect any fraud thereon. Thus, the various nodes, that approve transactions cryptographically, ensure the integrity of the system. In the case of TRAI’s customer preference registry, this will make hacking and adding fraudulent records of consent and preferences much harder.
4. Changes made to a ledger are recorded in real time using DLT. In the case of the TRAI’s customer preference registry, this would mean that the preferences and consent of the users may be recorded on the ledger in near real time, making the change effective almost immediately.

Most, if not all of these advantages however, are associated with public distributed ledgers. Public distributed ledgers are open, accessible to anyone who wants to join and do not place any restrictions on membership. Data on a public ledger can be viewed by all participants, in cryptographic form.

In the case of the draft Regulations, TRAI has mandated access providers to introduce “private” and “permissioned”[12] DLT networks. Here, only the entities participating in a particular transaction will have knowledge of and access to the network. Private networks allow the network operator to restrict access and create an environment of known and trusted parties. On private networks, permission levels may also be tiered such that different entities and individuals may have varying levels of authority to transact and view data.

While this proposal does provide a closed and trusted network of nodes, it poses the following problems:

1. The fundamental intent behind adopting DLT networks is to keep data cryptographically secure with no centralized point of control. However, in a private DLT network, the central authority (here, the access provider) acts as a gatekeeper to the ledger itself, controlling who goes in and out of the ledger and thus, who mans the ledger nodes. This undermines that very rationale of adopting DLT in the first place.
2. In private and permissioned networks, the authority determines who may run the blockchain and who will act as a transaction validator. Since such networks are likely to be composed of a select few users, chosen by the central authority itself, the idea of consensus is significantly eroded. In the case of the Regulations in question, there is no mechanism for choosing the third party service providers. Thus, the authority may plant puppet nodes, that are manned by yes-men, and approving any transaction will merely require their sanction. This creates significant scope for misuse.
3. The DLT architecture is new to the telecom sector, and stakeholders are not aware of the technological vulnerabilities that may arise. Even the World Bank has shied away at giving exact recommendations for its use.

Thus, the proposed DLT networks are not 100% secure. In the light of this, the proposed sandbox is a good way to test the technology’s scalability and viability.

Contributed by - Kulin Dave and Richa Singh

[1] Don & Alex Tapscott, authors Blockchain Revolution (2016)

[2] “RegTech” is the new word and refers to how clever, disruptive, technology will service the regulatory sector

[3] http://www.trai.gov.in/sites/default/files/PRNo.5829052018.pdf

[4] Supra 3.

[5] Supra 3

[6] https://digitaltokens.io/what-is-a-distributed-ledger-technology-dlt/

[7] https://developer.ibm.com/tutorials/cl-blockchain-basics-intro-bluemix-trs/

[8] https://en.wikipedia.org/wiki/Blockchain

[9] https://blockgeeks.com/guides/what-is-hashing/

[10] https://www.coindesk.com/blockchains-big-year-competitive-job-market-grows-200

[11] Supra 3

[12] Telecom Commercial Communication Customer Preference Regulation, 2018

King Stubb & Kasiva,
Advocates & Attorneys

Click Here to Get in Touch

New Delhi | Mumbai | Bangalore | Chennai | Hyderabad | Kochi
Tel: +91 11 41032969 | Email: info@ksandk.com