As per the security regulations prevalent in India, telecom operators were required to maintain the call data and internet usage records for a minimum of one year. Telecom companies may destroy the data stored thereafter if there is no direction from the DoT. Starting this month, they will be required to keep these records for a minimum of 2 years.
These changes to the unified licenses came into effect on 21st December and were extended to other forms of telecom permits on December 22nd.
“The licensee shall maintain all commercial records/call detail record/exchange detail record/IP detail record with record to the communications exchanged on the network. Such records shall be archived for at least two years for scrutiny by the licensor for security reasons…,”the DoT circular said.
As per the DoT notification, call detail records (CDRs), exchange detail records (EDR) and IP detail records (IPDR) of the communications carried out on a network must be preserved. ISPs have to keep the internet telephony as well as IPDR, while only the latter is currently stored. Until this amendment, Clause No.39.20 of the licence agreement between service providers and DoT mandated the preservation of CDRs and IPDRs for at least a year for security reasons, and the DoT might issue directions from time to time. As per protocol, the records will be provided to probe agencies, courts etc., upon specific requests.
A source from telecom service providers told Indian Express that, though the government mandate was 12 months, they keep this data for 18 months. They notify the state before clearing the data of the particular period. If requests were made through proper channels, required data would be kept after the mandated period, and the rest will be wiped off in 45 days. Storing the data for an extended period would not incur additional costs since its size would be very small and would not require much space to store since it is in text format.