BIF Flags Issues with Draft Telecom Cybersecurity Rules
The Broadband India Forum (BIF) has raised strong objections to the government’s proposed changes in the Draft Telecom Cybersecurity Amendment Rules. The group has urged officials to reconsider several parts of the draft to protect innovation, user privacy, and ease of business in the digital space.
Overreach of Cyber Rules, Says BIF
BIF agrees with the aim of improving cybersecurity. BIF says that some parts of the draft exceed the original intent of the Telecommunication Act, 2023. The proposed changes could create confusion, increase compliance costs, and slow down digital growth.
Concerns Over Definition of TIUEs
One of the biggest concerns raised by BIF is the new term: Telecom Identifier Using Entities (TIUEs). This could include almost any digital platform—banks, online shops, gaming apps, fintech companies, and even physical stores giving digital receipts.
BIF argues that the government never meant to include these platforms under telecom laws. It also cites earlier statements by the Union Minister of Communications, who confirmed that the Telecom Act does not cover OTT platforms.
Network Responsibilities Should Not Fall on Non-Telecom Firms
BIF also said that TIUEs do not manage telecom networks or issue identifiers like mobile numbers. BIF believes regulators should not hold these entities responsible for network-level cybersecurity tasks meant for licensed telecom operators.
Duplicate Compliance and Legal Conflicts
The Forum warns that the draft rules duplicate existing laws under the IT Act and guidelines issued by RBI, SEBI, and IRDAI. This may cause overlapping rules, which would confuse companies and increase their compliance burden.
Privacy Risks in Proposed Mobile Number Verification (MNV) System
BIF raised serious privacy concerns about the Mobile Number Verification (MNV) platform proposed in the draft. BIF says the draft provides no clear guidelines about how the platform will operate, what data it will collect, or how it will protect that data.
The group warned that this system could lead to misuse of personal data and damage public trust. It also reminded the government of the Supreme Court’s judgment in the Puttaswamy case, which set strong privacy principles.
Device Makers May Face Unnecessary Burdens
The Forum also criticised new IMEI verification rules for mobile device makers. BIF believes these requirements could interfere with current systems, hurt supply chains, and scare off future investment.
BIF Suggests Changes to Make Rules More Balanced
To avoid problems, BIF made several key suggestions:
- Remove the TIUE definition and related rules
- Postpone the MNV system until there is legal clarity and data protection
- Drop extra rules for hardware makers that may slow down manufacturing and trade
Call for Stakeholder Consultations
Finally, BIF asked the government to work with industry groups before making any final decisions. It said future rules should follow India’s broader laws, protect user privacy, and support innovation and business efficiency in the telecom sector.
Also Read: NSE Settles Data Disclosure Case with SEBI for ₹40 Crore
