The Telecom Regulatory Authority of India (TRAI) had published a consultation paper on 12 November 2018 for the creation of a regulatory framework for over-the-top (OTT) communication services. OTT services are those services which are used or delivered over the Internet. Basically, if you need Internet for something, then it is an over-the-top service. On 07 January 2019, we submitted our comments to TRAI. On 21 January 2019, we submitted our counter comments. Our counter comments are available below.
These counter-comments may be viewed as our submission against similar recommendations made by others that have not been named in this document. Our counter comments have been written according to separate issues raised in the comments received by TRAI:
Broadcasting services: Dish TV1, GTPL Hathway2, Multicast Communication and Distribution Limited3 and a few others have recommended that broadcasting services should be brought within the realm of same-service same-rules. The present paper deals with OTT communication services. OTT broadcasting services are required to comply with the same laws in India as any other service that operates over the Internet. They must, for example, comply with the Information Technology Act, 2000 and the Rules made thereunder. Any recommendation under the present paper must not relate to broadcasting services as such services do not provide any form of intentional bi-directional targeted communication between pre-selected parties.
Compliance with TRAI Act: Bharti Airtel4 has suggested that OTT services should comply with the TRAI Act and directions issued thereunder. As stated in our original comments, regulation of OTT services does not lie within TRAI’s domain and powers.
Data localization: Some comments submitted to TRAI have asked for data localization in one form or another. Data localization would only result in fragmentation of the Internet affecting innovation and business. Foreign start-ups would not be able to provide their services in India and Indian start-ups would face the same issue in other countries that follow India in implementing such a requirement.
Decryption of data: Reliance Jio5 has recommended that OTT services should give full data access including decryption keys to law enforcement agencies. PayTM6 has stated their belief that Indian authorities must have absolute and unrestricted access to Indian data. In certain situations, owing to technical realities, it is not possible for an OTT service to provide the keys to law enforcement agencies as they themselves might not have access to the keys. Additionally, India already has lawful access to data and decryption requirements under the Information Technology Act, 2000. Extending this to all data would be a violation of the Right to Privacy, as held by the nine-judge bench in Justice K.S. Puttaswamy (Retd) & Anr. v. Union of India & Ors.7
Lawful interception: Bharti Airtel has stated their belief that OTT service providers should be responsible for establishing technical infrastructure required in India for lawful interception. Any such requirement would gravely harm the economy of our country. Use of OTT services is based on trust. Without such a trust, OTT services cannot be relied upon for secure transmission of sensitive information such as the communication between a doctor and her patient, between a lawyer and her client, and financial transactions that occur over OTT services. Our economy is heading towards a digital future. Without the proper security measures in place, the entire infrastructure will be vulnerable to interception and attacks from bad actors and foreign states.
Registration in India: GTPL Hathway has recommended that all OTT apps desirous of providing their services in India and all operating systems (Android, iOS, Windows, etc.) should be mandatorily registered in India and should be easily accessible by the government. Operating systems and apps come in varied forms, and with various tweaks and updates for various devices. Keeping track of all operating systems and apps would be a futile exercise, especially as open source apps and operating systems can be modified and re-deployed by anyone. Their mandatory registration in India would slow down innovation and thereby harm the economy of our country. Security updates would be provided faster to other parts of the world, while every device in India would be known to be vulnerable to security threats. Mandatory requirements for backdoors, as advocated in this recommendation by GTPL Hathway, would break trust of the international community in any service that is available in India. The central database of vulnerabilities would be a honeypot that every known and unknown, state and non-state actor in the InfoSec field would want to get their hands on.
Revenue for TSPs from OTT services: J. Sagar Associates8 has recommended that TSPs should derive some sort of benefit from OTT services that use their networks, by charging money for different elements of OTT services (voice, text) that use their networks. Confederation of Indian Industry9 recommended allowing TSPs to offer OTT packs. Such revenue models have already been dealt with by TRAI under earlier Net Neutrality consultations. Any such revenue model would run afoul of Net Neutrality principles that have been established in India.
Subscriber verification: Bharti Airtel asks for subscriber verification in the form of a KYC by OTT communication services and asks for them to be responsible for collecting and storing authentic identification of all users. This ignores the fact that not all communication services fill the same gap. Different services cater to different needs in the market. Some services provide anonymous communication between their users. Other services allow any user to change their name to any arbitrary text at any time. Such platforms do not rely on a real identity of a user. In fact, the purpose of such apps is often to allow users to communicate without revealing their real identity to others. Any form of subscriber verification / de-duplication would be against the entire purpose of such services. There is no need for each communication service to have the real identification information of each user. An IP address can sufficiently be used to trace the origin of a message or transmission. Requiring each OTT service to maintain identifying information would pose as a huge security and privacy nightmare in a world where we are constantly facing endless data privacy violations and breaches, and where users consistently find themselves under-equipped to protect themselves.
Substitutability: Bharti Airtel has written in its comments that substitutability of services should be treated as the primary criterion for comparison of regulatory and licensing framework between TSPs and OTT service providers. The justification provided by Bharti Airtel is that historically only TSPs provided voice/video calling and messaging services, and that for end consumers, any voice/video call or message exchange done via the TSP’s network or through an OTT application serves the same purpose. However, as we explained in our comments, TSPs get their ability to provide these services through the use of a limited natural resource, i.e. through their use of the telecom spectrum. Since this is a natural resource, there is limited competition for TSPs as the use of the spectrum is limited by laws of physics. OTT services are limited by the availability of Internet, bandwidth and latency. Modern technologies such as 4G and 5G provide for the transmission of calls and text over TSP networks to take place over the Internet. While bandwidth and latency affect calls and messages over TSP networks, calls and text messages sent through the networks of TSPs are prioritized over other data packets. This, along with limited competition, are advantages that TSPs have over OTT services. Calls and messaging over a TSP network are always available to a user, while calls and messaging over OTT services are only available when a user has an Internet connection. Additionally, OTT services provide a richer experience that is absent in TSP services, such as sending documents. Most TSPs now have tariff plans that offer unlimited voice calls and text messages. Therefore, this is a moot point. TSPs do not suffer from any competition from OTT services. The primary service provided by a TSP now is access to the Internet. This is a sphere that OTT services cannot compete in. TSPs are the gatekeeper to the Internet. The secondary service provided by a TSP is communication. Here, too, TSPs have a distinct advantage as: (a) their service is always available even in the absence of Internet (by falling back to older technologies); and (b) their services are prioritized over other data packets.
1 Dish TV’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/DishTVIndiaLtd09012019.pdf.
2 GPTL Hathway’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/GTPLHathway08012019.pdf.
3 Multicast Communication and Distribution Limited’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/MulticastLimited08012019.pdf.
4 Bharti Airtel’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/BhartiAirtel10012019.pdf.
5 Reliance Jio’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/RJIL09012019.pdf.
6 PayTM’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/Paytm08012019.pdf.
7 W.P.(C). No. 494/2012.
8 J Sagar Associates’ comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/JSagarAssociatesadvocatessolicitors08012019.pdf.
9 Confederation of Indian Industry’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/ConfederationofIndianIndustry08012019.pdf.