Information technology and telecom firms have raised concerns over the recent recommendations given by the Telecom Regulatory Authority of India proposing that the government set up an industry body to regulate cloud service providers (CSPs). Around seven industry associations, including Nasscom, COAI, ITI and BSA, have written to the department of telecommunications (DoT) to consider their concerns before framing any policy for regulation of the CSPs by Trai.
The associations have said the proposal of creating an additional regulatory regime will be detrimental to attracting investment in the sector.
It has been highlighted that CSPs can’t be treated as part of the telecom sector as both are technologically different and when it comes to regulations, the ministry of electronics and IT (Meity) has already framed criteria for empanelment of CSPs for government purposes. Major CSPs in India are Amazon Web Services, Microsoft Azure, VMware, Google compute engine, Netmagic, Red Hat, Salesforce, Zoho, etc.
The Trai had in September recommended that DoT should initiate setting up of an industry-led body for CSPs that will regulate the sector. But the industry feels that the proposed industry framework is very far removed from the idea of a ‘light touch regulation’ or ‘self-regulation’. “…the most ambivalent and thereby problematic argument given in the recommendations under reference is how a registered industry body strikes the potentially appropriate balance between the extremes of having a statutory regulation and a completely free market driven mechanism,” the letter by the associations said, a copy of which has been seen by Financial Express.
It further said there are many features of the framework which show how it imposes a strict regulatory regime on CSPs. For instance, mandatory membership requirement, which will be enforced by preventing telecom service providers from providing any infrastructure or platform to non-members. Another feature is about appointing government officials as members of the ad-hoc body, which will frame code of conduct to be followed by CSPs. “All these requirements are antithetical to a light touch or self-regulatory approach,” the letter added.
Trai had cited the example of Telecommunications Standards Development Society of India (TSDSI) as an industry body formed by DoT and recommended the same for CSPs. However, the letter said TSDSI is a voluntary membership-driven organisation and no stakeholder is compulsorily required to become its member. “Moreover, the purpose, scope, mandate and working of TSDSI is entirely different from the kind of an industry body proposed in the recommendations,” it added.
It must be mentioned that Trai had issued a consultation paper on October 23, 2019, seeking comments from stakeholders regarding registration of an industry body for CSPs and what should be the terms and conditions for the same.
The consultation paper was issued after DoT sought recommendations for the same from Trai. Earlier, DoT in December 2012 had sought Trai recommendations on broad aspects of cloud computing. The regulator gave the proposals in August 2017 which included legal and regulatory framework for cloud services.
The associations have also highlighted there are existing laws that apply to CSPs, such as the Information Technology Act, 2000 (including its various rules), the Indian Contract Act 1872, the Consumer Protection Act, 2019 and the proposed Personal Data Protection Bill, (PDPB) 2019. “The PDPB 2019 will further strengthen the regulation on data processors which would apply to the CSPs. In sum, the applicable laws cover various issues highlighted in the recommendations, such as grievance redressal, portability/interoperability, billing-related issues and quality of service,” the letter said.
Help us to become independent in PANDEMIC COVID-19. Contribute to diligent Authors.