“There is no justification regarding the exceptional reasons or circumstances for the [Telecom Regulatory Authority of India] stepping into the jurisdiction of MeitY,” multiple industry associations wrote to telecom secretary Anshu Prakash on October 9 in a joint letter opposing further regulation of the cloud services industry. MediaNama has viewed and verified the authenticity of the letter.

The Telecom Regulatory Authority of India recommended in September that cloud service companies such as Amazon Web Services, Google Cloud and IBM should be required to join an industry association created by the Department of Telecommunications. Industry associations and cloud companies pushed back, arguing that the recommendations were without precedent and overbearing.

The letter to Prakash was signed by the Cellular Operators Association of India, Nasscom, the Information Technology Industry Council (ITI), the Association of Competitive Telecom Operators, BSA: The Software Alliance, the Asia Cloud Computing Association, and the Asia Internet Coalition. All seven associations either have cloud service providers as members, or telecom operators who work with cloud service providers.

Cloud companies not under DoT remit

The letter, which reiterates arguments cloud providers (CSPs) and their associations have made before, argues that cloud companies don’t fall under the regulatory purview of the Department of Telecommunications. The Allocation of Business Rules of the government of India, which lay out which ministries and departments are tasked with what governance duties, give MEITY regulatory remit over cloud companies, the industry associations argued. “there is no justification regarding the exceptional reasons or circumstances for the regulator stepping into the jurisdiction of MeitY,” the letter argued.

  • CSPs are telcos’ customers, not telcos: “TSPs and CSPs are technologically different from one another. TSP networks are designed to provide telecom services as encapsulated in the License conditions. In contrast, CSPs are not telecom/ internet service providers. They are customers of TSPs/ ISPs who offer cloud services using their infrastructure. It would therefore be inappropriate to regulate them under the telecom laws,” the letter said. TRAI had said in its recommendations that growing convergence between telcos and cloud service providers would make it difficult to distinguish between them.
  • Other Service Providers not a good precedent: The letter argued that TRAI shouldn’t use regulations for Other Service Providers (companies like call centres who are subject to unusually strict DoT regulations) as a precedent to regulate cloud providers. “OSP regulations of the [DoT] have themselves been subject to criticism for having a vague definition of ‘application services’. Many stakeholders have sought the removal of the registration regime for OSPs. As OSPs, Information Technology Enabled Services (ITES)/ Business Process Management (BPM) industry is faced with onerous regulation which has led both TRAI and the DOT to examine the regime for simplification.” (citation added by us)
  • Forcing membership is not “light touch”: Citing the National Digital Communications Policy, 2018, which recommends light touch regulation for cloud providers, the letter argues that requiring membership in an organisation steered by government officials that would set a code of conduct for the cloud companies did not constitute “light touch” regulation. “This potentially will be detrimental to attracting investment in this important industry sector as also undermine the Governments policy for facilitating policies for enabling Ease of Doing Business,” the letter argued.
  • Laws already exist to govern CSPs: The letter also countered TRAI’s stand that “CSPs are not sufficiently regulated under existing
    laws”. The associations argued that “There are host of existing laws that apply to [CSPs], such as the Information Technology Act, 2000 (including its various rules), the Indian Contract Act, 1872, the Consumer Protection Act, 2019 and the proposed Personal Data Protection Bill, 2019.” (The laws cited either precede the cloud industry as we know it today, or haven’t been passed yet.) The PDP bill, the letter argued, would address “issues highlighted in the recommendations, such as grievance redressal, portability/
    interoperability, billing-related issues and quality of service.”

Read the letter here.

Also read