Cloud service companies like Amazon Web Services, Google Cloud, Microsoft and IBM don’t want to have to register in an industry organisation created by the Department of Telecommunications, the Economic Times reported. TRAI had recommended to the DoT on September 14 that to regulate cloud service providers, there should be an industry body that works in tandem with the DoT and TRAI. Telecom operators, too, have opposed this move.
Why cloud companies oppose regulation
We reached out to the cloud companies that would be affected by these regulations for comment, but none have responded; Microsoft and Google declined to comment, while Amazon, VMware and IBM hadn’t responded at the time of publishing. However, their responses to the TRAI consultation that led to these recommendations — mostly through industry associations — offer some insight into why they oppose being required to join an industry organisation created by the DoT. Except Tata Teleservices, VMware and the Mumbai-based cloud-based payments company PayMate, cloud companies have generally opposed any additional regulation on their industry.
- Amazon Web Services: “[Cloud Service Providers] are already subject to various existing Indian laws and should not be governed by the TRAI or the DoT,” Amazon Web Services had said in its filing. AWS argued that neither TRAI nor DoT had jurisdiction over CSPs, as “Cloud computing is provided using the infrastructure of the telecom licensees as an information technology service, [but] it is an IT related service, and consequently, governance of CSPs in any form falls squarely within the jurisdiction of [the Ministry of Electronics and Information Technology].” AWS added that it is already regulated by several laws.
- Asia Internet Coalition: The AIC (which has Google and Amazon as members) additionally argued that cloud services are provided via telecom networks that are already regulated. “Customers use network connectivity provided exclusively by TSPs for accessing CSPs’ cloud services, while CSPs use telecom infrastructure for connecting their data centres. TSPs and the telecom services they provide are already heavily regulated.” As such, AIC added, “CSPs need not be licensed/regulated separately.”
- NASSCOM: NASSCOM, which counts AWS, Google, Microsoft, and IBM amongst its members, said, “This [proposal] only creates regulatory duplication which increases the burden for both the regulators and the CSPs and affects the ease of doing business.” The association reasoned that CSPs were already covered by laws like the IT Act and the Consumer Protection Act, 2019. It added that they would also be subject to the Personal Data Protection Bill, 2019, once it becomes law. Ashish Aggarwal, head of public policy at NASSCOM, told MediaNama that regulating an industry that is still evolving was “out of place”, especially when problems had not surfaced yet.
- Asia Cloud Computing Association: ACCA, which has similar membership to the above bodies, said that any regulation of CSPs should be based on “necessary and justified high-level regulatory requirements”, and added that for issues of standardisation of technology, regulation was not required: “While there may be certain issues where it might be appropriate for DoT/TRAI to impose such requirements, generally industry standardization organizations are industry led groups that are not under the control of, or excessively influenced by, government authorities,” ACCA said.
Telco body in opposition too
Telecom operators, who are both a medium to access cloud services and a buyer of cloud solutions, oppose the proposal too. In a statement to MediaNama, the Cellular Operators Association of India’s Director General Lt Gen. (Dr) S.P. Kochhar said, “To promote the continued growth of the nascent cloud services industry in India, we believe that it should be subjected to a ‘light touch’ regulatory approach.”
“A registered industry body, as proposed by TRAI, if adopted as a policy by the DoT, will negatively impact the growth of cloud services industry instead of promoting a ‘self-regulatory’ approach developed by industry members themselves. This potentially will be detrimental to attracting investment in this important industry sector as also undermine the Governments policy for facilitating policies for enabling Ease of Doing Business,” he added. Jio doesn’t seem to be on the same page as the COAI here, and recommended that cloud service providers should be required to be a part of at least one industry association.