Why Modi government's proposed telecom cybersecurity rules are facing backlash
What's the story
India's leading digital and technology industry groups have strongly opposed the Indian government's proposed Telecom Cybersecurity rules. The stakeholders have called for a review of the proposed regulations by the Department of Telecommunications (DoT), saying they go beyond regulatory boundaries, impose heavy compliance burdens, and threaten user privacy. The Internet and Mobile Association of India (IAMAI), NASSCOM, Broadband India Forum (BIF), and CUTS International have all submitted detailed objections to these draft rules.
Concerns
Regulatory overreach and disruption fears
The industry bodies have argued that the proposed rules exceed the desired scope of the Telecom Act and blur lines between telecom and digital services regulation. They fear these rules could disrupt core digital business operations across sectors. A major point of contention is the debut of a new category of regulated entities called Telecommunication Identifier User Entities (TIUEs). It would include any business or platform using telecom identifiers such as mobile numbers for services or user authentication.
Industry backlash
Legal authority questioned
The broad definition of TIUEs has been criticized as regulatory overreach. IAMAI argued that the telecom regulator has no legal authority to regulate platforms that don't provide telecom services or infrastructure. NASSCOM added that many digital platforms falling under these new rules, rely on mobile numbers for essential services such as user onboarding and notifications, which could destabilize services used by millions.
Financial impact
Economic impact of MNV framework
The proposed Mobile Number Validation (MNV) framework has raised concerns over its pricing model. It requires digital services to validate the user mobile numbers through a centralized platform at a per-query cost of ₹1.5-3. IAMAI noted this was 30-60 times more than the current cost of OTP-based verification. For platforms processing millions of transactions/authentications monthly, especially start-ups and MSMEs, this could be economically unsustainable.
Doubts
Privacy concerns and potential loopholes
Several stakeholders have also questioned the effectiveness of the proposed cybersecurity measures in curbing telecom-related fraud. CUTS argued that fraudsters may still bypass MNV checks through SIM swapping or using any stolen credentials paired with valid telecom identifiers. Privacy concerns have also been raised as the draft rules give the government broad access to "data related to telecommunication identifiers" held by TIUEs, without clearly defining limits or safeguards.