TRAI Chairman RS Sharma has said that minimal data should be collected by apps just as UIDAI does to give 12-digit Aadhaar Identification to people.
Many apps are collecting more-than-required data are the users are unaware of what happens after that, he said.
"For Aadhar enrollment, we collect just four set of data - your name, date of birth and your communication address. Nothing more, nothing less. Similarly every app must collect as much data as is required," Sharma told a leading media house in an interview on Tuesday.
"Data minimisation should be one of the principles just as Unique Identification Authority of India (UIDAI) adopts to collect data of people," he said.
TRAI had noted that the existing algorithm of data protection for consumers is ‘not sufficient’ and that all companies in the digital ecosystem which uses personal data should be brought under a data protection framework.
Asked whether the DoT has powers to create rules proposed by TRAI, Sharma said it is for the government to decide.
Sharma said there is an imbalance as these entities are not following any law and till the government comes up with a safer framework.
"There are different rules for different sectors. For example in telecoms, the maximum encryption is proposed to be 40 bits. UIDAI has highest level of encryption where it is 2048 bits. So, what we are saying is that probably there is a need to have a general policy on encryption and we are not saying that we should apply same encryption standard," he said.