Connect with us


New-age technology to augur new-age regulations for the telecom industry in 2025

In July 2023, the Telecom Regulatory Authority of India (TRAI) issued a set of recommendations on Leveraging Artificial Intelligence and Big Data in Telecommunication Sector in India. The recommendations – based on significant consultation held by TRAI in previous years – were issued in recognition of the growing interest in stakeholders, to harness emerging technologies, such as artificial intelligence (AI) as well as Big Data (as required to train and deploy AI) for facilitating technological advancement in telecom services.

The active interest in development and use of new technology amongst Indian telcos – as demonstrable in the stakeholder consultations leading up to TRAI’s 2023 recommendations – has played a key part in driving innovation and transforming the conventions in the telecom industry in recent years. The focus on provision of software/internet-based communication solutions, in particular, has expanded the interplay between telecom and other industries (including IT and healthcare), dependent on the infrastructure and services offered by telcos. With rapid commercial deployment of 5G technology in 2024 and the (ongoing) bid to bring about a revolutionary 6G framework by 2030, the line between telecom and adjacent technological industries promises to further expand (and perhaps blur) in the coming year(s).

However, recent developments attest to the intent of the Indian government to regulate deployment of the key emerging technologies proposed to be leveraged by the telecom industry over the coming year, as elaborated below.

Notably, in its 2023 recommendations, TRAI had touched on several ethical considerations for suitable adoption of emerging technologies and highlighted the requirement for a proposed regulatory framework to govern use of both – AI and Big Data – in the telecom industry.

Digital Personal Data Protection Act, 2023
In the wake of TRAI’s recommendations, the Indian government notified (as of August 11, 2023) the Digital Personal Data Protection Act, 2023 (DPDPA), India’s first comprehensive data privacy legislation.

The DPDPA governs the processing of digital personal data of Indian individuals (data principals). It prescribes a unique set of compliances for data fiduciaries, i.e., entities which determine the process and means of processing of data – including in relation to data processors, which may be engaged by the data fiduciary to process digital personal data on its behalf. Interestingly, the DPDPA grants the Indian government the power to designate any data fiduciary (or class of data fiduciaries) as significant data fiduciaries, inter-alia, based upon volume and sensitivity of the data processed.

The telecom industry processes enormous amount of consumer data in India on a day-to-day basis. Telecom operators, as primary custodians of consumer data, qualify as data fiduciaries under the DPDPA (and possibly could be designated as significant data fiduciaries as well). Such entities are directly obligated to observe compliance under the DPDPA (once enforced) – and further obligated to ensure equivalent compliance at the end of any service provider engaged by them to process data (in the capacity of data processor).

Further, depending on the arrangement between telecom groups or entities, it can be possible for such entities to dually act (and statutorily qualify) as both the data fiduciaries and the data processors. In this respect, it is worthwhile to note that the DPDPA does not directly prescribe compliance for data processors. However, it is speculated that such compliance may be introduced under the forthcoming rules (to be notified under the DPDPA). While the rules are not yet in public domain, per media reports, these are anticipated to be released soon (in July 2024). The projected timeline for compliance with the legislation is expected to be formally announced by the government soon thereafter. Notably, government officials have previously stated that the timeline for compliance shall approximately be six months.

Telecommunications Act, 2023
The Telecommunications Act, 2023 (Telecom Act) aims to overhaul the existing laws and regulations in the telecom sector (once fully enforced) and to govern a broader scope of telecommunication services (as defined therein) – which (arguably) may also include non-traditional internet-based communication services. The Telecom Act prescribes an enhanced set of obligations for telecom entities, including certain requirements to safeguard and secure customer communications and to ensure the privacy of consumer information (which intersects with the DPDPA).

Several provisions of the TA – including provisions governing the aspects mentioned above – have come in effect from June 26, 2024. It is worthwhile to note that the TA also allots the Indian government the power to frame cyber security rules for telecommunication services (which may also be forthcoming).

Digital India Act
Taking cognizance of the rising availability of internet access to Indian consumers (particularly as a result of Jio’s 4G data rollout in 2016), the Indian government has previously endorsed the requirement to bring about new legislation – in keeping with modern day requirements – to suitably ensure the Indian internet is open, safe, and accountable. Towards this objective, the proposal for the Digital India Act (DIA) was introduced by the government in 2023. The DIA is intended to replace the existing Information Technology Act, 2000 (and rules framed thereunder). Among the aspects to be addressed under the DIA are safeguards for key emerging technologies (including AI/ML, Web 3.0, IoT/distributed ledger/blockchain, etc.). While the DIA is not yet in the public domain, it has been widely reported that the government intends to release the draft of the legislation for following after the conclusion of general elections in 2024.

In summary, the current year is likely to see the introduction of several key laws, which will dictate the deployment of emerging technologies within the telecom industry in future. The culmination of such laws on the industry would be felt strongly over the coming year (during which the implementation of the Telecom Act and the DPDPA will presumably be concluded, along-with public consultation on the DIA).

Given that telcos will be subject to observe compliance under both the DPDPA (as data fiduciaries and/or processors) and the DIA (in the capacity of online service providers /intermediaries) along with the Telecom Act (once aforementioned statutes are fully enforced) – it can be said that the coming year will require the telecom industry to strike a careful balance between the requirement for technological innovation and safeguarding of public interests (particularly concerning data privacy and security). In the meantime, it would serve telecom entities to act as a driving force in the development of the proposed framework of the DIA (inter-alia by engaging in stakeholder consultation) over the coming year – so as to bring about a pertinent and sustainable framework for the future.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

error: Content is protected !!