Pakistan Telecommunication Authority (PTA) has directed all of the four cellular mobile operators (CMOs) operating in Pakistan to implement ‘Do Not Call Register (DNCR)’ in letter and spirit as provided in the Protection from Spam, Unsolicited, Fraudulent, and Obnoxious Communication Regulations, 2009.
A PTA panel, headed by Chairman PTA, Maj Gen. (R) Amir Azeem Bajwa, held a hearing into the issue of “Spamming, Unsolicited and Fraudulent Communication”.
The Authority noted that Jazz, Ufone, Telenor, and Zong did not come up with satisfactory replies. It warned them of legal action in case they repeat the same.
The CMOs have been directed to take all preventive measures with regard to non-disseminating messages through alphanumeric sender ID contrary to the applicable regulatory regime, messages to non-opt in subscribers, non-PTA’s approved content, and through non-PTA’s approved shortcode.
The licensees are required to comply with the provisions of prevailing regulatory laws comprising the Act, the Pakistan Telecommunication Rules, 2000 (the “Rules”), the Pakistan Telecommunication Authority (Functions & Powers) Regulations, 2006, the Numbering Allocation & Administration Regulations, 2018 (the “NAAR Regulations”), and the Protection from Spam, Unsolicited, Fraudulent & Obnoxious Communication Regulations 2009 (the “SPAM Regulations”) as amended from time to time and as per the terms and conditions of the license.
In accordance with license condition No. 7.8.1, the licensee is under obligation to take all reasonable steps to track and locate and prevent the source of harassing, unsolicited, offensive, fraudulent or unlawful communication. Moreover, under license condition No. 7.8.2, the licensee shall, on the directions of the PTA, terminate or suspend service to any customer that is the source of harassing, offensive, or illegal communication.
For transmission of any information through numbers allocated assigned under the NAAR Regulations, the licensee under sub-regulation (4) of regulation 14 of the NAAR Regulations is not allowed to translate, alter or delete the telephone number or other identification associated with its subscribers. Whereas, sub-regulation (5) of regulation 14 of the NAAR Regulations further provides that the licensee shall not translate, alter or delete the signaling or other data associated with all calls routed through its network.
As per sub-regulation (6) of regulation 14 of the NAAR Regulations, each party shall program the number series in their switches in accordance with the number series allocated by the Authority and National Numbering Plan issued by the Authority and shall comply with the numbering provisions. Furthermore, sub-regulation (7) of regulation 14 of the NAAR Regulations provides that the parties shall ensure that sufficient and correct numbering information is sent from one network to the other for the correct delivery of domestic and international calls.
Sub-regulation (8) of regulation 14 of the NAAR Regulations provides that the parties shall convey to each other, telephone numbers in the national and international formats as contained in National Numbering Plan issued by the Authority. Sub-regulation (9) of regulation 14 of the NAAR Regulations provides that the Parties shall adopt and comply with the numbering system and number format as specified in Authority’s National Numbering Plan and framework and guidelines on the usage, allocation, and assignment of numbers.
The matter pertaining to the protection of consumer interests has been provided in various regulations. For taking preventive measures as to avoid transmission of the voice or data through networks, the licensee under clause I of Annexure “A” of regulation 4 of SPAM Regulations required to develop an intelligent and robust anti-spam solution at each Operator’s end being regularly updated to cater for the changing spam content.
Further, clause I of Annexure “C” of regulation 10 of SPAM Regulations provides that lists of abusers should be maintained at each operator. Grey and Black lists should be prepared by each operator and submitted to the Authority as and when required by the Authority. A user should be placed in an appropriate category on the basis of its past record. A Grey list entry should have access to limited services as compared to a White list entry (meaning a list of all subscribers with a clear record and one that has full access to all permissible services) whereas connectivity for a Black list entry may be limited to receive only and making an emergency call.
In order to ensure compliance and enforcement of license conditions, the Authority time and again issued directions to the licensees for compliance. It also directed the licensees to discontinue the dissemination of:
- messages through alphanumeric sender ID,
- messages to non-opt-in subscribers,
- non-PTA’s approved content; and
- messages through non-PTA’s approved shortcode with immediate effect.
However, it has been noticed that despite clear directions, the licensees have miserably failed to comply with the same.
As a consequence of non-compliance on the part of the licensees, show-cause notices were issued. The licensees were required to resolve the contravention by discontinuing the discontinuation of dissemination of:
- messages through alphanumeric sender ID,
- messages to non-opt-in subscribers,
- non-PTA approved content and
- messages through non-PTA’s approved shortcode as well as provision of comments on the consultation paper
It is pertinent to mention here that the licensees had requested to withdraw directions on the ground that PTA had issued a consultation paper on October 31, 2019. They were of the view that they complied with all regulatory directions as and when issued by PTA like anti-spam filters, DNCR, blocking of numbers upon complaints of the customer from PTA, and blocking of number by dialing shortcode 420.
They said customers were given a shortcode, i.e., 9000 to control unsolicited communications and they were also given the facility of shortcode 3627. They underlined that immediate discontinuation of dissemination of messages through alphanumeric sender ID would result in severe disruption of important messages that were sent to a user base of millions. The current numbering regulations neither recognized the concept of alphanumeric numbering/ID nor empowered PTA to approve the same. The current regime, they opined, was sufficient to cater to the existing requirements of subscribers and further delineate the limitations and impracticality in implementing the proposed measures.
After careful examination of the record and hearing the parties in detail, findings of the Authority were as under:
Considering the nature of the case and allegations in the show-cause notices, findings of the Authority on contravention is given below:
- Messages through alphanumeric sender ID
At the very outset, it is clarified that an alphanumeric regime for any commercial activity is not allowed.
Considering the nature of the case with regard to receipt of unsolicited, obnoxious, or spam messages including messages through alphanumeric ID is a prime issue to take such steps in curbing this menace. The Authority has not issued any approval or regulations which allow licensees or any person to disseminate any communication messages through alphanumeric IDs.
The Authority is of the view that the licensees have also failed to adhere to meet the regulatory compliances in terms of the requirements provided in NAAR Regulations which prohibits the dissemination of messages through altering, modifying, and translating numbering as alphanumeric. Clause (b) of sub-regulation (l) of regulation 14 of NAAR Regulations further provides that the allocation shall be used for specified purposes in the manner as approved by the Authority.
- Messages to non-opt-in subscribers, non-approved contents, and non-approval of shortcodes
The current regulatory regime for the dissemination of messages is based upon the basis of “opt-in” and for “closed user groups”. No one is allowed to disseminate any messages to anyone without their explicit consent. It is imperative to point out that the licensee is under obligation to apply for shortcodes for various services.
All approval of shortcodes clearly spells out the mandatory requirement of “opt-in” and for “closed users group”. All categories of Application to Person (A2P) messages either “Push SMS” or “Pull SMS” are not allowed to be disseminated terminated without the consent of the subscribers.
In addition, the concept of DNCR was introduced in 2009. However, while examining the issue at hand, it has also been observed that the DNCR has not yet been implemented in true letter and spirit. Despite the promulgation of Spam Regulation in 2009, no concrete development with regard to the implementation of DNCR has so far been found effective.
Increasing trends of complaints and excessive dissemination of unsolicited obnoxious and spamming messages, through consultation paper, suggested the regime of Do-SMS-Register which is a list of opt-in subscribers.