Gaps in telecom draft

Pavan Duggal

Cyber Law Expert

The Department of Telecommunications (DoT) has released the Draft Indian Telecommunication Bill, 2022, aimed at reforming the telecom regulatory infrastructure and addressing the shortcomings. It is a step forward in terms of updating the legal framework concerning telecommunication. However, there are some areas in which the proposed legislation has not put enough emphasis.

India doesn’t have a dedicated law on cyber security. Hence, it becomes even more essential to address the issues concerning cyber security in the telecom sector.

Telecommunication is playing an important role in accessing the Internet and cyberspace. None of the elements concerning the cyber ecosystem with reference to telecommunication have been effectively addressed. The Bill has been drafted keeping in mind the existence of telecommunications as a siloed island. However, that can’t happen as telecommunication is being directly impacted by newly emerging technologies like Artificial Intelligence (AI), the Internet of Things and Blockchains.

The Bill does not have appropriate provisions to factor in the impact of the newly emerging technologies and their relevance in the context of telecommunication. As India moves towards a converged telecom ecosystem, and as there is an increasing reliance on AI, the proposed law also needs to have futuristic, broad, generic provisions so that it can be relevant to the advent of new technologies.

Telecommunication as critical information infrastructure is an important element of Indian cyber sovereignty, but this area has not been given the appropriate attention. Given the repeated attacks on telecommunication networks, and the absence of dedicated legal provisions on Indian cyber sovereignty, it can be a good opportunity for specifying parameters to ensure the protection of Indian security, sovereignty and integrity in the context of telecommunications, and also for the preservation of cyber sovereignty.

The draft Bill has no provisions on cyber security of either telecommunications or related infrastructure. This assumes more significance given the fact that India does not have a dedicated law on cyber security. Hence, it becomes even more essential to address issues concerning cyber security in telecommunications.

No parameters have been stipulated for protection and preservation of security of telecommunication, its infrastructure, network and services. The liability of service providers in the context of breaches of cyber security has not been specifically addressed.

The relationship of telecommunications with national security is critical but more provisions are needed on how national security can be protected in the context of the telecommunication ecosystem.

Another major area of concern is that the proposed Bill has been given the status of special law and it supersedes anything inconsistent therewith contained in any other law in force. It could be in direct conflict with India’s mother legislation on electronic format being the Information Technology Act, 2000, and therefore, it is essential that before the proposed law gets finalised, efforts must be made to ensure that there is no such conflict.

Also, issues concerning due diligence in telecommunications have not been appropriately defined under the law.

On the protection of users by stipulating preparation and maintenance of ‘Do Not Disturb’ register, there are no adequate parameters stipulated for an effective implementation of the register. This assumes more significance, given the failure of the earlier ‘Do Not Call’ registry. Ticklish issues pertaining to the protection of users in the telecom ecosystem have not been appropriately addressed.

While the duty of users not to furnish false information while establishing identity for availing telecom services has been stipulated, the same has to be seen in the context of the offences under the IT Act and the IPC.

How to deal with the massive targeting of telecommunication infrastructure by state and non-state actors is one area that has not been appropriately kept in mind while drafting the Bill.

The majority of the offences, as stipulated in the proposed Bill, are bailable. By providing for compounding of offences, the focus is not on deterrence but on compounding.

While civil liability has been prescribed under Section 38, there is no clarity how the Centre has to prescribe the procedural aspects pertaining to the grant of civil liabilities, including what particular manner is to be followed and what are the legal processes that have to be followed. These need to be stipulated in the proposed legislation, rather than the secondary legislation in the form of rule-making power of the Centre.

There is a need to address the various concerns of the stakeholders, both public and private, in the telecommunication ecosystem in order to enable the legislation to be more effective, relevant and topical.

Though the provision on appeal has been stipulated under Section 10, the particulars of the appellate authority have not been stipulated. Also, users have been deprived of their basic rights to seek damages by way of compensation against errant stakeholders for injury caused to the interest of users.

The entire issue of consumer protection in the context of telecommunication has not been appropriately addressed. This assumes more significance as the existing consumer protection law does not provide effective remedies to users as stakeholders in the telecommunication ecosystem.

All said and done, the draft Bill represents an important step forward. However, there is a need for tweaking and addressing important issues that can enable us to make the law more robust in the coming times.