Logo

Defender of your Digital Freedom

All Posts | Jun 13,2019

TRAI Consultation on OTT Regulation – Follow-up Submission on Surveillance Reform

On 20 May 2019, during TRAI’s 'Open House Discussion' in Delhi on OTT communication services, certain arguments were raised regarding national security concerns surrounding encrypted communication services, including those services that have end-to-end encryption. The prime factor in these arguments was that terrorists could use end-to-end encrypted communication services to securely communicate among themselves, and such communication cannot be intercepted in time to gather intelligence and act swiftly. It was stated that if all communication could be intercepted in real-time, then terrorist activities could be prevented.

If one places themselves in the shoes of a sovereign that has the responsibility to protect the country from external threats, the prospect of legally requiring an app or a service to hand over all data or information is alluring. After all, this has been done for more than a century with letters, telegram and telephone. Letters could be opened, and telephone and telegram networks could be tapped. Why then, one might wonder, should digital services be treated any differently?

By way of a follow-up submission to TRAI on its public consultation on a regulatory framework for OTT communication platforms, we have addressed the technical and legal concerns around mass monitoring of online communication and the need for reforming surveillance law in India.

Our submission to TRAI can be downloaded below. Our comments and counter comments to TRAI's public consultation on OTT communication services can be downloaded from - here and here, respectively.

All Posts | Jan 26,2019

Our Counter Comments to TRAI’s Consultation Paper on Regulatory Framework for Over-The-Top (OTT) Communication Services

The Telecom Regulatory Authority of India (TRAI) had published a consultation paper on 12 November 2018 for the creation of a regulatory framework for over-the-top (OTT) communication services. OTT services are those services which are used or delivered over the Internet. Basically, if you need Internet for something, then it is an over-the-top service. On 07 January 2019, we submitted our comments to TRAI. On 21 January 2019, we submitted our counter comments. Our counter comments are available below.

Links:

------------

These counter-comments may be viewed as our submission against similar recommendations made by others that have not been named in this document. Our counter comments have been written according to separate issues raised in the comments received by TRAI:

  • Broadcasting services: Dish TV1, GTPL Hathway2, Multicast Communication and Distribution Limited3 and a few others have recommended that broadcasting services should be brought within the realm of same-service same-rules. The present paper deals with OTT communication services. OTT broadcasting services are required to comply with the same laws in India as any other service that operates over the Internet. They must, for example, comply with the Information Technology Act, 2000 and the Rules made thereunder. Any recommendation under the present paper must not relate to broadcasting services as such services do not provide any form of intentional bi-directional targeted communication between pre-selected parties.

  • Compliance with TRAI Act: Bharti Airtel4 has suggested that OTT services should comply with the TRAI Act and directions issued thereunder. As stated in our original comments, regulation of OTT services does not lie within TRAI’s domain and powers.

  • Data localization: Some comments submitted to TRAI have asked for data localization in one form or another. Data localization would only result in fragmentation of the Internet affecting innovation and business. Foreign start-ups would not be able to provide their services in India and Indian start-ups would face the same issue in other countries that follow India in implementing such a requirement.

  • Decryption of data: Reliance Jio5 has recommended that OTT services should give full data access including decryption keys to law enforcement agencies. PayTM6 has stated their belief that Indian authorities must have absolute and unrestricted access to Indian data. In certain situations, owing to technical realities, it is not possible for an OTT service to provide the keys to law enforcement agencies as they themselves might not have access to the keys. Additionally, India already has lawful access to data and decryption requirements under the Information Technology Act, 2000. Extending this to all data would be a violation of the Right to Privacy, as held by the nine-judge bench in Justice K.S. Puttaswamy (Retd) & Anr. v. Union of India & Ors.7

  • Lawful interception: Bharti Airtel has stated their belief that OTT service providers should be responsible for establishing technical infrastructure required in India for lawful interception. Any such requirement would gravely harm the economy of our country. Use of OTT services is based on trust. Without such a trust, OTT services cannot be relied upon for secure transmission of sensitive information such as the communication between a doctor and her patient, between a lawyer and her client, and financial transactions that occur over OTT services. Our economy is heading towards a digital future. Without the proper security measures in place, the entire infrastructure will be vulnerable to interception and attacks from bad actors and foreign states.

  • Registration in India: GTPL Hathway has recommended that all OTT apps desirous of providing their services in India and all operating systems (Android, iOS, Windows, etc.) should be mandatorily registered in India and should be easily accessible by the government. Operating systems and apps come in varied forms, and with various tweaks and updates for various devices. Keeping track of all operating systems and apps would be a futile exercise, especially as open source apps and operating systems can be modified and re-deployed by anyone. Their mandatory registration in India would slow down innovation and thereby harm the economy of our country. Security updates would be provided faster to other parts of the world, while every device in India would be known to be vulnerable to security threats. Mandatory requirements for backdoors, as advocated in this recommendation by GTPL Hathway, would break trust of the international community in any service that is available in India. The central database of vulnerabilities would be a honeypot that every known and unknown, state and non-state actor in the InfoSec field would want to get their hands on.

  • Revenue for TSPs from OTT services: J. Sagar Associates8 has recommended that TSPs should derive some sort of benefit from OTT services that use their networks, by charging money for different elements of OTT services (voice, text) that use their networks. Confederation of Indian Industry9 recommended allowing TSPs to offer OTT packs. Such revenue models have already been dealt with by TRAI under earlier Net Neutrality consultations. Any such revenue model would run afoul of Net Neutrality principles that have been established in India.

  • Subscriber verification: Bharti Airtel asks for subscriber verification in the form of a KYC by OTT communication services and asks for them to be responsible for collecting and storing authentic identification of all users. This ignores the fact that not all communication services fill the same gap. Different services cater to different needs in the market. Some services provide anonymous communication between their users. Other services allow any user to change their name to any arbitrary text at any time. Such platforms do not rely on a real identity of a user. In fact, the purpose of such apps is often to allow users to communicate without revealing their real identity to others. Any form of subscriber verification / de-duplication would be against the entire purpose of such services. There is no need for each communication service to have the real identification information of each user. An IP address can sufficiently be used to trace the origin of a message or transmission. Requiring each OTT service to maintain identifying information would pose as a huge security and privacy nightmare in a world where we are constantly facing endless data privacy violations and breaches, and where users consistently find themselves under-equipped to protect themselves.

  • Substitutability: Bharti Airtel has written in its comments that substitutability of services should be treated as the primary criterion for comparison of regulatory and licensing framework between TSPs and OTT service providers. The justification provided by Bharti Airtel is that historically only TSPs provided voice/video calling and messaging services, and that for end consumers, any voice/video call or message exchange done via the TSP’s network or through an OTT application serves the same purpose. However, as we explained in our comments, TSPs get their ability to provide these services through the use of a limited natural resource, i.e. through their use of the telecom spectrum. Since this is a natural resource, there is limited competition for TSPs as the use of the spectrum is limited by laws of physics. OTT services are limited by the availability of Internet, bandwidth and latency. Modern technologies such as 4G and 5G provide for the transmission of calls and text over TSP networks to take place over the Internet. While bandwidth and latency affect calls and messages over TSP networks, calls and text messages sent through the networks of TSPs are prioritized over other data packets. This, along with limited competition, are advantages that TSPs have over OTT services. Calls and messaging over a TSP network are always available to a user, while calls and messaging over OTT services are only available when a user has an Internet connection. Additionally, OTT services provide a richer experience that is absent in TSP services, such as sending documents. Most TSPs now have tariff plans that offer unlimited voice calls and text messages. Therefore, this is a moot point. TSPs do not suffer from any competition from OTT services. The primary service provided by a TSP now is access to the Internet. This is a sphere that OTT services cannot compete in. TSPs are the gatekeeper to the Internet. The secondary service provided by a TSP is communication. Here, too, TSPs have a distinct advantage as: (a) their service is always available even in the absence of Internet (by falling back to older technologies); and (b) their services are prioritized over other data packets.

 

1 Dish TV’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/DishTVIndiaLtd09012019.pdf.

2 GPTL Hathway’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/GTPLHathway08012019.pdf.

3 Multicast Communication and Distribution Limited’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/MulticastLimited08012019.pdf.

4 Bharti Airtel’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/BhartiAirtel10012019.pdf.

5 Reliance Jio’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/RJIL09012019.pdf.

6 PayTM’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/Paytm08012019.pdf.

7 W.P.(C). No. 494/2012.

8 J Sagar Associates’ comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/JSagarAssociatesadvocatessolicitors08012019.pdf.

9 Confederation of Indian Industry’s comments on the Consultation Paper, available at https://main.trai.gov.in/sites/default/files/ConfederationofIndianIndustry08012019.pdf.

All Posts | Jan 08,2019

Our Comments to TRAI’s Consultation Paper on Regulatory Framework for Over-The-Top (OTT) Communication Services

The Telecom Regulatory Authority of India (TRAI) had published a consultation paper on 12 November 2018 for the creation of a regulatory framework for over-the-top (OTT) communication services. OTT services are those services which are used or delivered over the Internet. Basically, if you need Internet for something, then it is an over-the-top service. Yesterday, on 07 January 2019, we submitted our comments to TRAI. Our comments are available below. Counter comments will be accepted by TRAI until 21 January 2019.

Links:

Executive Summary

Telecom Service Providers provide multiple services, however, all of those services are based on a limited natural resource that the TSPs have acquired from the Government by paying a licensing fee and signing a contract. We hope that the responses submitted to the earlier consultation paper on Regulatory Framework for Over-the-top (OTT) services will also be considered while analysing the responses to the current consultation paper, as the issues dealt with are largely similar.

TSPs are given a license to use a limited natural resource. Natural resources belong to the State and the public at large. Any use of a natural resource has to be done for the benefit of the public. When it comes to the allocation of spectrum to TSPs, this is done for two reasons: (a) procurement of money by the Government for the allocation of the natural resource; and (b) benefits to the public in terms of the availability of that natural resource to the public at large.

The use of any portion of that natural resource by one TSP cannot overlap with the use of the same portion of that natural resource by another TSP. Therefore, bandwidth has to be allocated to different TSPs based on certain criteria such as their competence and capability to make the best use of the wavelengths that have been allocated to them. Their primary task is to make that natural resource useable to the rest of the society. In effect, they perform the task of a pipeline. TSPs are public utility providers. Ineffective use of a license by a TSP is contrary to the public interest as the wavelengths to be allocated for use by a TSP are limited, the barriers to entry are higher and there cannot be an unlimited number of TSPs competing in the market since the resource to be divided amongst them is limited. If a TSP does not use a license effectively, the public at large would suffer, development would slow down due to a lack of the availability of the natural resource and people’s ability to exercise their rights and freedoms would be curtailed.

Telecom Service Providers operate in the form of an oligopoly – there are few players in the market that provide the same services as a result of the limited natural resource that they are dealing with. With changing times, the services being provided by TSPs had to evolve. If they did not, they would die out. In earlier days, the primary task of a TSP was to provide a telegraph service. This then evolved into providing a telephone and telefax connection to businesses and homes. With 2G mobile phones and mobile networks came the SMS and mobile data. With evolving networks, mobile data became faster and more readily available. In the meantime, broadband access to home had also become cheaper and faster. Now, there are two modes of accessing the same, open and fast internet – broadband and mobile data. The services being offered by TSPs and the tariff plans that they offer have shifted in tandem with the changing technologies, but the primary task that a TSP has to perform remains the same – make the best and the most efficient use of the limited natural resource over which they have an oligopoly. Today, the primary task of a TSP is to provide access to the internet. They are the gatekeepers of the internet, holding the keys to the digital world in their hands, with the ability to charge money for a service that no OTT will ever be able to. The onus of generating profits for TSPs is on the TSPs; it is not on the Regulator, the public and OTT services to create an environment in which TSPs can flourish with their control over the limited resources. The criteria to be used by them for bidding on spectrum, allocating resources for development of their networks, staffs and other costs need to be kept in mind while creating their tariff structures. If TSPs are unable to create a tariff structure in which they can generate profits from their ability to provide access to a limited natural resource, then there is an inability or unwillingness among the TSPs to foresee their costs and create appropriate tariffs and bids.

This situation cannot be resolved by imposing similar costs onto OTT services. OTT services exist as a polypoly. The reason that the OTT ecosystem has flourished is that it is not bound by the same restrictions and limitations as the TSPs. On the other hand, OTT service providers cannot sell access. They can only make their services available to those that already have access to the Internet. Innovations from the OTT ecosystem have led to increased efficiency in use of resources by the TSPs. The TSPs now have VoIP thanks to technologies developed for use over the internet. This has led to a decrease in costs and increase in efficiency of voice calls. OTT services operate with lower barriers to entry than TSPs. OTTs can operate in a free market without any limitations on the competition, so if a particular app does not provide sufficient QoS, then users are free to switch to any competitor. However, QoS of TSPs needs to be regulated because of the existence of an oligopoly over a limited natural resource. If the QoS of a TSP is below par, there are only a few options available to the users.

Unlike what TSPs would have us believe, the primary task of a TSP is not to make the largest profits; the primary task of a TSP is to make the best possible use of the wavelengths that they have exclusive access to. TSPs and OTT services cannot be seen to be competing with each other and do not require to be brought to the same playing field under the same restrictions and regulations, as the domains in which they are operating are not the same. We must not forget that TSPs are the sole gatekeepers of the Internet, with an ability to charge appropriately for that privilege.

OTT service providers are already regulated under the Information Technology Act, 2000 along with the Rules laid down under the said Act. TRAI has no power to regulate OTT services. The current laws permit for their regulation under the Information Technology Act, 2000 and the Rules made thereunder. Our country is already in the process of formulating a data protection law as well as undergoing a consultation process for the amendment of the Information Technology (Intermediaries Guidelines) Rules, 2011 under Section 87(2)(zg) read with Section 79(2) of the Information Technology Act, 2000. If further regulation is considered necessary, it would have to be done under a new law.
 

Q.1 Which service(s) when provided by the OTT service provider(s) should be regarded as the same or similar to service(s) being provided by the TSPs. Please list all such OTT services with descriptions comparing it with services being provided by TSPs.

TSPs have the exclusive rights to commercialize a limited natural resource – spectrum. This cannot be done by anyone else without paying the appropriate charges and acquiring the appropriate rights from the Government. The task in front of TSPs is to make the best, most efficient and competitive use of the spectrum allocated to them in order to generate revenues necessary for sustenance and development of their networks. Under the latest technologies, TSPs are dedicating the entire spectrum towards a data pipeline with individual services such as voice calls travelling over the said data pipeline.

Due to their exclusive rights over the spectrum, TSPs are the gatekeepers to the Internet. They perform the task of a utility provider that provides the infrastructure over which transfer of information takes place. Earlier, that information took the form of transmission of text over the telegraph network using morse code. With an evolution of technologies, this changed into transmission of voice over landline phones. The next evolution in the telecommunications networks was the introduction of data over wired and wireless networks. Throughout the evolution of technologies, the core task of TSPs has remained the same, i.e. transmission of information, while the evolution of technologies has resulted in newer forms of information being transmitted by TSPs, going from morse code to voice to the Internet.

The only similar services between TSPs and OTT service providers are written and oral communications. Here, too, we need to be careful as this description in itself is too broad as it covers communication that is ancillary to the purpose of a service, such as comments within collaborative document editing, comments on a webpage or communication within a video game. EU’s draft Electronic Communications Code has taken a positive step in disregarding services where communication is an ancillary function. Our view of OTT services as covered under the present discussion paper, therefore, is limited to only those OTT services where written and/or oral communication is the primary objective of the service.

TSP networks and OTT service providers have diverged in the services that they provide. On one hand, OTT services have evolved from basic written and oral communication to include stickers, video calls and other forms of communication. On the other hand, the technologies in use by TSPs have now evolved beyond such services and gone into the realm of providing a pipeline for the Internet. Instead of OTT service providers offering services that are the same or similar to services being offered by TSPs, it is now the TSPs that are offering services that are the same or similar to services being offered by OTT service providers such as voice calls, written communication and video content over the Internet. These OTT services provided by TSPs are regulated under the Information Technology Act, 2000. They must adhere to the Information Technology (Intermediaries Guidelines) Rules, 2011 under Section 87(2)(zg) read with Section 79(2) of the Information Technology Act, 2000 in the same manner that any other OTT service must abide by the Act and these Rules.

While voice calls over the internet were possible on 3G networks, the latency and bandwidth available were insufficient for a reliable voice call. 4G (LTE) brought a large enough jump in both bandwidth and latency to make it possible for voice calls to take place over the mobile data network with latency below 0.1 second almost 99 percent of the time.1 Research by Ofcom in UK showed an average latency of 53.1 milliseconds in 4G networks.2 5G networks aim to lower this latency even further, with URLLC (Ultra-Reliable Low-Latency Communications) networks targeting a latency as low as 1 millisecond.3

Spectrum allocated to TSPs is now no longer being used to transmit voice or written communication. It is being used to maintain an Internet connection with each device connected to the network, and to transmit data to and from such devices over the Internet. Since the basic service being offered by TSPs is now an active Internet connection with voice and text riding over the Internet, most TSPs now offer tariffs with unlimited voice communication since the primary service now is the Internet, and not voice calls or text messages. In this regard, OTT service providers are incapable of competing with TSPs.
 

Q.2 Should substitutability be treated as the primary criterion for comparison of regulatory or licensing norms applicable to TSPs and OTT service providers? Please suggest factors or aspects, with justification, which should be considered to identify and discover the extent of substitutability.

No, substitutability should not be treated as the primary criterion for comparison of regulatory and licensing norms applicable to TSPs and OTT service providers. The realm in which they operate is not the same. TSPs are allocated a limited spectrum, with a requirement to maintain sufficient quality of service for the services being provided using that spectrum. The intention here being that the spectrum must be utilized optimally. Sub-par utilization of the spectrum would be detrimental to the growth of the economy and the exercise of the rights of the people of our country as the spectrum is a limited natural resource. Two different TSPs cannot make use of the same spectrum at the same time. Therefore, it is essential to regulate and maintain quality of service in terms of making the spectrum useful to the public by the TSPs.

OTT service providers, on the other hand, provide services that require transmission of data over the Internet. OTT service providers do not have any control over how the infrastructure is developed or controlled. TSPs own, control and provide such infrastructure in the form of a pipeline to the Internet using the spectrum that has been allocated to them. This gives TSPs a distinct edge over OTT service providers. All information transmitted by TSPs over the latest technologies takes place in the form of transmission of packets of data, however, voice traffic packets in VoLTE have priority over data packets. Hence, even in situations of instability or high latency in voice calls through OTT services, voice calls are stable with low latency when placing a call through the TSP.

Therefore, even though the act of transmitting voice or text might have similar outcomes whether it is done through a TSP or an OTT service provider, the outcomes vary significantly. In addition, the task of a TSP is to make optimum use of the spectrum allocated to them in order to make that spectrum useable by the public. Today, this means making that spectrum available in the form of an open Internet. This ability rests solely in the hands of TSPs without any possibility of any competition from OTT service providers when it comes to making the spectrum available for use.

The need of the hour is for TSPs to further refine tariffs and for regulation of TSPs to be reduced; it is not to increase regulation of OTT service providers.
 

Q.3 Whether regulatory or licensing imbalance is impacting infusion of investments in the telecom networks especially required from time to time for network capacity expansions and technology upgradations? If yes, how OTT service providers may participate in infusing investment in the telecom networks? Please justify your answer with reasons.

Telecom networks are based on the use of a limited natural resource (spectrum) that is allocated to service providers. No two entities can use the same spectrum at the same time. This spectrum is now used for the provision of voice, text and Internet connections to the people. Due to the limited number of entities that have the rights to use the spectrum, TSPs have an oligopoly on the use of the spectrum. Without their use of the spectrum, mobile Internet would not exist.

As observed by Professor Tim Wu, Professor of Law at Columbia University in his seminal paper on net neutrality, the argument for a neutral Internet must be understood as the concrete expression of a system of belief about innovation, whose adherents view the innovation process as a survival-of-the-fittest competition among developers of new technologies. Models of development must not vest control in any initial prospect-holder, private or public, who is expected to direct the optimal path of innovation, minimizing the excess of innovative competition.4 OTT service providers cannot be blamed for any perceived or actual lack of investments in telecom networks. The core services being provided by TSPs and OTT service providers are not the same as the former exploits a limited natural resource, while the very existence of the latter makes the former’s services more useful and necessary for the public.

If TSPs are unable to generate sufficient investments and profits, then they need to revise their tariff plans in order to generate increased profits from their data traffic.
 

Q.4 Would inter-operability among OTT services and also inter-operability of their services with TSPs services promote competition and benefit the users? What measures may be taken, if any, to promote such competition? Please justify your answer with reasons.

Yes, inter-operability among OTT services would promote competition and benefit the users as it would lower the barriers for entry. Before the Internet was walled off into closed ecosystems, communication over the Internet was based on open standards such as Newsgroups,5 Internet Relay Chat (IRC),6 Extensible Messaging and Presence Protocol (XMPP)7 and email. Being based on open standards, they promote competition among different service providers as the barriers to entry into these ecosystems are low. Users of these standards are not locked into a single client as they can easily switch to another service provider that can connect them to the same userbase over the same technological standard. Some of the most popular modern closed chatting software originated as XMPP clients with their dedicated servers, and then evolved into a closed environment with user lock-in once they had a large base. Advancements made in these closed software were not propagated back to the open standard, thus raising the barriers for entry for new developers as they now had to compete with established software with their locked-in large userbase.

Conversion back to open standards cannot be forced, as that would mean depriving society of the advances that have been made in technologies. Instead, we need to focus on developing and promoting the adoption of open standards to avoid vendor lock-in, innovation and collective advancement. Government sponsored development of open standards and educational campaigns regarding their benefits are required to drive mass adoption of open standards before any action can be taken to prevent further vendor lock-in in the sphere of online communication.
 

Q.5 Are there issues related to lawful interception of OTT communication that are required to be resolved in the interest of national security or any other safeguards that need to be instituted? Should the responsibilities of OTT service providers and TSPs be separated? Please provide suggestions with justifications.

Although it cannot be denied that there are differences between the surveillance and law enforcement requirements imposed on TSPs and OTT service providers, most of these differences fall away when one takes a closer look at the current as well as the developing legal scenario in India and the world at large.

India currently has correctly placed obligations upon TSPs and OTT service providers under different laws. While the former has a duty to make spectrum useable by the public in the form of communications services, the latter is a part of a free market ecosystem that exists on top of the Internet. Without the former, the latter cannot exist, however, the reverse is not true.

While TRAI can regulate the use of the spectrum by TSPs, TRAI has no power to regulate or even make recommendations to the Department of Telecommunications regarding OTT service providers. Their regulation can and does happen through a separate law – the Information Technology Act, 2000 along with certain sections in the Indian Penal Code, Criminal Procedure Code, and sectoral laws, amongst others. Intermediaries such as OTT service providers, including TSPs in their provision of OTT services, are required to abide by the Information Technology (Intermediaries Guidelines) Rules, 2011 under Section 87(2)(zg) read with Section 79(2) of the Information Technology Act, 2000. The Ministry of Electronics and Information Technology (MeitY) is currently undertaking a public consultation in order to amend these Rules. The amendment aims to further regulate intermediaries such as OTT service providers. TRAI has no power to regulate OTT services. Instead, the power under the current laws rests with MeitY. If action is required beyond the scope of what is permissible under the Information Technology Act, 2000, then a new law would be needed for this purpose.

Surveillance of Internet networks is provisioned by Sections 69 and 69B of the Information Technology Act, 2000 read with the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 as well as the Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information) Rules, 2009. These, along with Section 5 of the Indian Telegraph Act, 1885 read with Rule 419A of the Indian Telegraph Rules, 1951, lay down the substantive and procedural frameworks under which Law Enforcement Agencies may collect communications data and meta-data from communications service providers. In the case of TSPs, their respective service licenses contain clauses that further outline certain security conditions in support of the broader legislative framework.

The telecommunication interception law in our country (Sections 5 and 26 of the Telegraph Act) is outdated as it was framed during the British era for foreigners to rule over an indigenous population. It was made before the Constitution of India was framed, in a time before fundamental rights had been granted to the population of India. The lawful interception requirements under the License Agreements were made with the same assumptions regarding privacy and security as were prevalent in during the British rule. In 2017, a nine-judge bench of the Supreme Court of India has recognized that the Right to Privacy is protected as an intrinsic part of Right to Life and Personal Liberty under Article 21 of the Constitution and other freedoms guaranteed under Part III of the Constitution.8 Instead of requiring backdoors, weakening of encryption or increased surveillance on OTT platforms, we need to revisit and review the surveillance and interception provisions under the Telegraph Act, the Rules framed thereunder and the lawful interception requirements under the License Agreements for compliance with the Right to Privacy as per the Supreme Court’s judgment.

Today, doctors and lawyers are conducting confidential communications with their clients over end-to-end encrypted communication platforms such as WhatsApp. Journalists are using these platforms to communicate with their sources. Members of police and armed forces are sharing information internally through these platforms. Financial information is also shared by people over these platforms. If these platforms are required to impose any form of surveillance or interception, then the right to privacy and freedom of speech and expression along with the entire digital economy of the country would be at high risk. Encryption now forms the backbone of the digital economy. A large part of a sustainable digital economy is based on trust. If a country requires weakening of encryption or any form of backdoors, then the encryption and security products originating from or taking place in that country cannot be trusted for undertaking any task that involves personal data. Platforms that are required to implement such requirements would be faced with a choice to stop conducting business in India, weaken the security for their users across the globe, or to split their user base into (a) a global community except India with high security and (b) an isolated group of users in India that face high risk with weakened security. In such a situation, no OTT communication service originating in India would be trusted by the rest of the world. We recommend against any surveillance or interception measures on any OTT platform.

While Section 43 of the Information Technology Act, 2000 read with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 protect only sensitive personal data or information, India is currently in the process of formulating a new data protection law. This law would impose restrictions and requirements upon OTT platforms for the collection, use, storage, transmission, sale and other activities related to personal data. It would be prudent for TRAI to take a wait-and-watch approach towards further developments in this area instead of attempting or recommending any regulation of OTT platforms at this juncture. Instead, it would be prudent to revisit the existing surveillance and interception requirements in light of the Supreme Court’s judgment of the Right to Privacy.

On the question of compliance where the TSP or a content provider is based outside India, the Information Technology Act has broad territorial jurisdiction that extends to computer networks outside the country as well. Under Section 75 of the Act, this jurisdiction can apply to an offence or contravention (say that of sensitive data protection rules) as long as it involves a computer, computer system or computer network located in India. While MLATs have proven to be a slow method for getting access to data, the proper way of approaching the situation would be to participate in multi-national agreements for faster access to data across borders for law enforcement purposes. Any approach that is based on requirements to store data or a copy of the data within India would hamper innovation and the use of the latest technologies in the country by increasing the cost for compliance and raising barriers for entry. This would impact all industries and all sectors as every sector is now dependant upon digital communication, storage, transfer and processing of data.
 

Q.6 Should there be provisions for emergency services to be made accessible via OTT platforms at par with the requirements prescribed for telecom service providers? Please provide suggestions with justification.

Emergency services, if made accessible via OTT platforms, will have to take one of three forms:

  1. Require every emergency service control room to be present and active on every popular OTT platform. This option is infeasible as it would require additional equipment and personnel in emergency service control rooms.

  2. Connect from OTT platform to emergency service control rooms – this would require inter-operability with TSPs as asked under question 4 above. There are multiple reasons for not recommending this approach. It would increase the barriers for entry for new players in the OTT communications market without any significant direct advantage to end users. The communication would pass through the OTT platform. The reliability of the communication would depend upon the presence or absence of a reliable data connection with low latency and low load on the network. Selective data streams cannot easily be prioritized over other data streams without violating fundamental principles of Network Neutrality. Even in the best of situations, contacting emergency service control rooms via OTT applications would be less reliable than contacting emergency services without going through the OTT platform.

  3. Alternatively, a much simpler route could be taken – whenever a user attempts to contact emergency services, the default dialler app on the user’s device could be automatically opened to place an emergency call through the TSP’s network. This does not require any new infrastructure to be developed, maintained or monitored. It would also not require any additional Quality of Service checks. OTT platforms would need to develop the capability to route calls to emergency numbers through the device’s default dialler app. In case a user is accessing an OTT platform through a device that does not have the capability of making a phone call, the user can be provided directions for calling emergency services.

Because of the above, especially due to higher reliability and priority of calls placed through a TSP’s network, we recommend that any provision for OTT platforms to mandatorily make emergency services accessible through their platforms should take the form of transmitting such communication through a TSP’s network instead of the OTT platform.
 

Q.7 Is there an issue of non-level playing field between OTT providers and TSPs providing same or similar services? In case the answer is yes, should any regulatory or licensing norms be made applicable to OTT service providers to make it a level playing field? List all such regulation(s) and license(s), with justifications.

OTT providers and TSPs that provide same or similar services (written and oral communication) exist and operate in entirely different realms. While the objective achieved through the use of these two might be the same – communication in written or oral form – TSPs and OTT providers are not in direct competition with each other. One of them has an oligopoly over the use of a limited natural resource in the form of spectrum, while the other faces unlimited competition.

TSPs have multiple distinct advantages over OTT services:

  • TSPs have an oligopoly over the use of radio wave spectrum. They have exclusive rights to make this spectrum useful by providing access to this spectrum to the public at large. OTT providers cannot enter this space.

  • Communication through TSP’s network can reach any other user of any TSP, so a user can call or write messages to any user of any TSP’s network. However, communication through most OTT services is limited to users of that particular OTT service. Users of any popular instant messaging service, for example, can only reach other users of that instant messages services. In order to overcome this limitation, some OTT messaging services have incorporated an ability to send SMS through that OTT app in case the intended recipient of the message is not a user of that app.

  • Voice calls made through TSP networks are prioritized over voice calls made through OTT platforms. Packets of data containing TSP’s VoIP are prioritized over other data packets, while packets of data containing OTT VoIP compete with all other data packets. OTT services rely on the quality, stability and load of a data connection at any moment. If a data connection is under high load, then a voice communication over that connection is likely to suffer from dropped packets or high latency, while voice communication through the TSPs network would not suffer the same fate due to prioritization of these packets.

Additionally, OTT service providers are required to comply with the Information Technology Act, 2000, including the requirements mentioned under our comments to Question 5 above.

There is no non-level playing field between TSPs and OTT service providers as the two are not playing in the same field. OTT service providers can never run a TSP out of business, as an OTT service cannot exist without a TSP. Unfair regulation of a TSP is a concern that needs to be examined separately.

 

Q.8 In case, any regulation or licensing condition is suggested to be made applicable to OTT service providers in response to Q.7 then whether such regulations or licensing conditions are required to be reviewed or redefined in context of OTT services or these may be applicable in the present form itself? If review or redefinition is suggested then propose or suggest the changes needed with justifications.

N/A.
 

Q.9 Are there any other issues that you would like to bring to the attention of the Authority?

As mentioned in our comments to Questions 5 and 7 above, OTT service providers are already regulated under the Information Technology Act, 2000 along with the Rules laid down under the said Act. TRAI has no power to regulate OTT services. The current laws permit for their regulation under the Information Technology Act, 2000 and the Rules made thereunder. Our country is already in the process of formulating a data protection law as well as undergoing a consultation process for the amendment of the Information Technology (Intermediaries Guidelines) Rules, 2011 under Section 87(2)(zg) read with Section 79(2) of the Information Technology Act, 2000. The correct body for undertaking such an exercise is the Ministry of Electronics and Information Technology. If regulation is considered necessary beyond what is permissible under the Information Technology Act, 2000, it would have to be done under a new law.

1 The Difference Between 3G and 4G VOIP Calls, Idtexpress. Available at https://www.idtexpress.com/blog/2018/02/05/difference-3g-4g-voip-calls/, last seen on 30 November 2018.

2 Ofcom research shows 4G significantly outperforms 3G networks, Ofcom. Available at https://www.ofcom.org.uk/about-ofcom/latest/media/media-releases/2015/4g-outperforms-3g, last seen on 06 January 2018.

3 Ultra-Reliable and Low-Latency Wireless Communications: Tail, Risk and Scale, Mehdi Bennis, Merouane Debbah and H. Vincent Poor. Available at https://arxiv.org/pdf/1801.01270.pdf, last accessed on 07 January 2018.

4 Network Neutrality, Broadband Discrimination, Tim Wu, Journal on Telecom and High Tech Law. Available at http://adam.curry.com/enc/20140501152806_timwu2003netndoc.pdf, last accessed on 30 November 2018.

5 RFC 1036 – standard for interchange of USENET messages

6 RFC 1459 - Internet Relay Chat Protocol

7 https://xmpp.org/

8 K.S. Puttaswamy and Ors. v. Union of India and Ors [W.P.(C). No. 494/2012]

All Posts | Apr 17,2017

SFLC.in’s comments on TRAI’s consultation paper on net neutrality

In January 2017, the Telecom Regulatory Authority of India published what is expected to be the last in a series of Consultation Papers on net neutrality in India, and invited public comments on several questions related to the issue. Much of the focus of this consultation was on defining the scope of traffic management practices adopted by Internet and Telecom Service Providers, better understanding net neutrality in an Indian context, and gathering input on some key operational aspects of legal/policy frameworks around net neutrality. We submitted detailed comments on the Consultation Paper, highlighting among others the need for a robust regulatory framework on net neutrality in India, what the framework should contain, and the ways in which such a framework may be established. The full text of our comments is given below:

Introduction

Before we address the questions in detail, we would urge the regulator to think about the current economy of the net. The Internet has turned into a behavior collection system and its made of things that are called telecommunications network. For Telecom Service Providers (TSPs), it now makes sense to carry people’s packets for them in order to conduct social behavior collection – to perfect the social graphs and to engage in advertising, profiling of people. There is a whole range of activities that are possible that justify the cost of paying for people’s telecommunications and so we are engaged in a great international conversation about the extent to which people’s behavior should be collected on the basis of payments for their telecommunications services. Moreover, there have been troubling developments globally that make it ever easier for TSPs to engage in this social behavior collection. The recent repeal1 of the United States Federal Communications Commission’s broadband privacy rules2, which would have banned Internet providers from collecting, storing, sharing and selling certain types of customer information without user consent, serves as an example.

World over, those who control the network engage with regulators such as TRAI within the context of concepts like Network Neutrality that don’t have behavior collection as as an essential ingredient. For statutory reasons or otherwise, these conversations seem out of the jurisdictional or domain expertise bounds for telecom regulators, but it creates a blind-spot. Such a blind spot ignores that the Internet, which is the highway for new economy, is being converted into a one-way traffic medium, where with vertical integration of various businesses, content is being used as bait to bring people to a network that collects behavior. Your next consultation should contain a series of questions about TSPs becoming the new frontiers of behavior collection, ask about their processes and how that fits into the larger question of creating prosumers. Sound policy making can no longer approach these intertwined issues severally or independently because increasing access must mean creation of empowered prosumers.

Responses to the issues for consultation

Q.1: What could be the principles for ensuring nondiscriminatory access to content on the Internet, in the Indian context?

In the Indian context, we recommend that a neutral and non-discriminatory Internet be guided by the following principles:

  1. No Application Based Discrimination: TSPs should not discriminate Internet traffic based on content, any applications or classes of applications or services

  2. No Paid Prioritization: TSPs should not be allowed to favor some content or traffic over another for any consideration, no “fast lanes” should be allowed.

  3. No Throttling or blocking: All content should be treated equally and TSPs should not intentionally slow down the speed of some content or speed up others based on the type or TSP’s preference.

  4. Transparency in traffic management: The traffic management principles adopted by the TSPs should be transparent and application-agnostic and should primarily be used to achieve a legitimate traffic management purpose and not a discriminatory commercial purpose. Any traffic management practice adopted to comply with legal requirements or restrictions imposed by law enforcement agencies or the government must be subject to review by a committee.

  5. No Deep Packet Inspection: No DPI should be allowed unless for specified reasons mandated by law and that should be made transparent.

Any rules that are adopted must ensure that user choice is preserved, and that TSPs do not discriminate on the basis of kind of applications, do not restrict freedom of speech and expression, keep the entry barriers low and promote innovation. Moreover, the regulator should prohibit application-specific discrimination, but allow application-agnostic discrimination i.e. one that does not discriminate amongst applications or classes of applications. The Internet’s original architecture was based on the layering principle and on the broad version of the end-to-end arguments.3As a consequence of that design, the Internet was application-blind – it was unable to distinguish among the applications on the network – and, as a result, it was unable to make distinctions among data packets based on this information. The Internet’s application-blindness is one of the factors that have fostered innovation in the past and made the Internet more valuable for users and for society. Any NN framework must therefore be mindful of the Internet’s application-blindness, and ensure that the only permitted form of discrimination is application-agnostic.

 

Q.2: How should “Internet traffic” and providers of “Internet services” be understood in the NN context?

  1. Should certain types of specialised services, enterprise solutions, Internet of Things, etc be excluded from its scope? How should such terms be defined?

  2. How should services provided by content delivery networks and direct interconnection arrangements be treated?

Please provide reasons.

Internet Services should be understood to include all services that use the Network of Networks, commonly known as the Internet. As a rule, all Internet services, should follow the core principles of Net Neutrality, as explained in the DOT Committee Report on Net Neutrality. The objective or the function of the Internet service may be a criterion to provide exemption from the Net Neutrality principles only in limited cases like Emergency services. Such services which can be exempted should be decided by the Regulator or the Government and should not be left to the discretion of the providers.

  1. Specialized services could affect other services of subscribers and hence should not be given any exemption from the core Net neutrality Principles. In the findings from BEREC’s and the European Commission’s joint investigation4it was found that “About one third of the fixed operators indicate in their responses that specialized services are affecting, to some extent, the Internet best-effort service of customers using the same access network”. Thus, there should not be any exemption for specialized services or Internet of Things. Such exemptions could leave loopholes for the operators to push their services and business-models which could affect the interest of users accessing the “best-effort” Internet.

  2. With the emergent media technologies, we are already seeing a merger of traditional business models with the new ones, especially in the delivery of video content. CDN are being deployed for robustness of delivery and better end user experience. This has caused a sharp increase in the number of CDN Providers and deployment of own CDN by ISPs. With the increase in availability and demand of bandwidth intensive video content, traditional arrangements of transiting or peering will not hold and disputes about compensation are bound to occur. Various disputes between Comcast and Netflix in the United States are available as evidence.

    In order to have more competition at the last kilometer and ensure creation of more services that may be bandwidth intensive, the regulator must ensure that , “toll-charges” are not extracted by ISP from the content provider and the CDN provider in addition to the payments made by consumers that subscribe to the ISPs services.

    The regulator must also ensure that CDNs deployed by ISPs cannot just be restricted to the delivery of content to support the ISP’s own ‘walled garden’ services or be subject to arbitrary demands of compensation. The regulator must endeavor to control the effort on part of the ISPs to provide, ‘better than best efforts” , creating fast and slow lanes on payment of higher fee while intentionally degrading the standard service.

 

Q.3: In the Indian context, which of the following regulatory approaches would be preferable:

  1. Defining what constitutes reasonable TMPs (the broad approach), or

  2. Identifying a negative list of non-reasonable TMPs (the narrow approach)

We believe the broad regulatory approach to TMPs would be ideal in the Indian context. A narrow approach that identifies and prohibits a list of non-reasonable TMPs would not be sustainable in the long run, as such a list is likely to be made obsolete relatively quickly. Considering the pace of technological progress, it would only be a matter of time before fresh non-reasonable TMPs come to be deployed in place of the prohibited ones. Also considering the practical challenges involved in identifying and listing all non-reasonable TMPs in exhaustive detail, we recommend adopting a broad regulatory approach to TMPs, under which reasonable traffic management is recognized as an exception to the principle of NN, and the scope of reasonable TMPs is outlined in sufficient detail.

 

Q.4: If a broad regulatory approach, as suggested in Q2, is to be followed:

  1. What should be regarded as reasonable TMPs?

  2. Whether and how should different categories of traffic be objectively defined from a technical point of view for this purpose?

  3. Should application-specific discrimination within a category of traffic be viewed more strictly than discrimination between categories?

  4. How should preferential treatment of particular content, activated by a user’s choice and without any arrangement between a TSP and content provider, be treated?

  5. TMPs can simplistically be termed as technical methods deployed by TSPs, by which Internet data packets are caused to be transmitted other than on a best-effort basis. As the term suggests, the primary intent of TMPs is to manage congested networks – more specifically, to mitigate derogation of QoS on congested networks. TMPs are also deployed at times for such other reasons as ensuring smooth flow of latency-sensitive data and ensuring network integrity. The “technical methods” deployed for these purposes may refer to a number of things, including methods such as Diffserv (Differentiated Service Label), ECN (Explicit Congestion Notification), RED (Random Early Drops), flow-based routing, traffic smoothing/packet grooming etc., as well as more invasive methods such as DPI (Deep Packet Inspection) and TCP reset injections.5While the principle of NN demands that all Internet data be treated equally, reasonable traffic management is considered an exception to this rule as it is a necessary technical component of network management. However, due to the risk of exploitative uses of TMPs, it is also necessary to clearly outline the scope of reasonable TMPs. When determining the reasonableness of any TMP, we recommend that the following be considered as key parameters:

    • Motive: All TMPs must perform strictly technical functions that are designed to meet specific technical requirements, be it management of network congestion, accommodating latency-sensitive traffic, ensuring network integrity, or others. Compliance with legal requirements, and accommodation emergency services may also be treated as permissible grounds for TMPs. On the other hand, no TMP must be deployed on the basis of commercial considerations such as promoting the content/services of particular providers over others, or demoting particular content/services. If commercially motivated TMPs were to be permitted, this would result in anti-competitive behavior that causes content/services from smaller providers to be shunned in favor of those from bigger players with vast financial reserves.

    • Proportionality: Any TMP considered for deployment must be proportionate to the motive it seeks to fulfill. TMPs that impact more classes of Internet traffic than necessary, in more regions than necessary, and unduly invasive TMPs such as DPI that also infringe upon the users’ rights to privacy and freedom of speech must be considered non-permissible.

    • Duration: All TMPs must be limited in time i.e. they must be deployed on temporary basis. As traffic management primarily serves a strictly technical function of easing network congestion, TMPs must be deployed for only as long as the network congestion lasts, and must not continue once the congestion eases and they are no longer needed. As other grounds for reasonable TMPs such as ensuring network integrity, complying with legal requirements, and accommodating emergency services, are all non-permanent in nature, TMPs deployed for these reasons must also not continue beyond the duration of the reasons themselves.

    • Transparency: TMPs must be deployed in a transparent manner, with adequate disclosures as to the nature of TMP deployed, the reason for which it is deployed, kind of content/services affected, and duration for which it lasts. Transparency is vital in traffic management, as it allows stakeholders to stay abreast of the ways in which TMPs are being undertaken, monitor such practices for NN violations, and make informed choices on the basis of this information.

  1. For the purpose of implementing TMP regulations, it is necessary to outline various categories of Internet traffic based on the nature of content being carried. This will allow for the objective identification of high-bandwidth traffic that needs to be managed to prevent overburdening networks, and also provide a basis for accurate disclosures as to the kind of TMPs adopted. The following could be some of the broad classifications of Internet traffic: browsing; peer-to-peer; email; instant messaging; VoIP; music streaming; video streaming; music downloads; video downloads; gaming; software updates.

  1. Any discrimination practiced while employing TMP should be application agnostic and should not differentiate between various applications in a category of service. Between categories of service, transparent methods may be used to achieve traffic management when strictly necessary. Discriminating amongst applications within the same category is unjustifiable under any circumstance, but discriminating amongst broad categories of traffic for technical reasons may be permitted so long as the established mandates of applicable regulations are strictly observed. Discriminating amongst categories of applications when there is no demonstrable technical or legal reasons to do so should be treated at par with application-specific discrimination.

 

Q.5: If a narrow approach, as suggested in Q3, is to be followed what should be regarded as non reasonable TMPs?

N/A

 

Q.6: Should the following be treated as exceptions to any regulation on TMPs?

  1. Emergency situations and services;

  2. Restrictions on unlawful content;

  3. Maintaining security and integrity of the network;

  4. Services that may be notified in public interest by the Government/ Authority, based on certain criteria; or

  5. Any other services.

Please elaborate.

In context of a broad regulation on TMPs, where traffic management constitutes an exception to the principle of NN and the scope of reasonable TMPs is clearly outlined, the above i.e. emergency situations and services, restrictions on unlawful content, maintaining security and integrity of networks, and services notified in public interest may be treated as grounds for reasonable TMPs. In emergency situations, such as in the aftermath of a natural disaster, where other communication channels may be unavailable, Internet-based communication platforms could act as an alternate means to co-ordinate rescue and relief operations. Under such circumstances, prompt and reliable delivery of content would assume paramount significance, and could mean the difference between life and death as far as victims are concerned. As regards blocking access to unlawful content, regulatory mandates applicable to TMPs may be exempted because selective blocking of content in such cases would be done in furtherance of express legal directives. As service providers are bound to ensure compliance with legal obligations, blocking of particular content must not become grounds for presuming violations of applicable TMP regulations. A similar reasoning may be imported into discriminatory treatment of content and services that are notified in public interest by the regulators, so long as such notifications follow objective and clearly defined criteria to identify content and services deserving of differential treatment.

Therefore, in the above cases, departures from the best-effort delivery of Internet data may be permitted rather than considered violations of NN.

 

Q.7: How should the following practices be defined and what are the tests, thresholds and technical tools that can be adopted to detect their deployment: [See Chapter 4]

  1. Blocking;

  2. Throttling (for example, how can it be established that a particular application is being throttled?); and

  3. Preferential treatment (for example, how can it be established that preferential treatment is being provided to a particular application?).

  4. Blocking may be defined as “the practice of actively preventing users from accessing particular content and/or services available on the Internet, which they would otherwise have access to”.

  5. Throttling may be defined as “the practice of intentionally degrading quality of service when accessing particular content and/or services available on the Internet”.

  6. Preferential treatment may be defined as “the practice of transmitting particular content and/or services available on the Internet at a higher priority than others”.

As regards tests, thresholds and technical tools available to detect the deployment of blocking, throttling and preferential treatment, we would like to draw the Authority’s attention to Measurement Lab (M-Lab) – a joint initiative by New America’s Open Technology Institute, Google Open Source Research, Princeton University’s PlanetLab, and other supporting partners.6M-Lab is an open source Internet measurement effort that provides a suite of performance tests to help consumers develop an accurate picture of their Internet services. The data collected during tests is also collected and released to the public for use by policy makers, researchers and others who are interested in Internet issues. The performance tests hosted by M-Lab notably includes a Network Diagnostic Test that tests connection speed and provides a detailed diagnosis of problems limiting speed, Neubot which performs periodic tests to measure network performance and traffic throttling, OONI Probe which measures specific use cases of network interference, and Glasnost which tests for application-specific blocking or throttling.

Each test hosted by M-Lab is independently developed by researchers, and each researcher-developed test is allocated dedicated resources on the M-Lab platform to facilitate accurate measurements. Server-side tools are openly licensed and operated, allowing third parties to develop their own client-side measurement software.

 

Q.8: Which of the following models of transparency would be preferred in the Indian context:

  1. Disclosures provided directly by a TSP to its consumers;

  2. Disclosures to the regulator;

  3. Disclosures to the general public; or

  4. A combination of the above.

Please provide reasons. What should be the mode, trigger and frequency to publish such information?

We believe option (d) i.e. a combination of all stated models of transparency would be ideal in the Indian context. Whereas disclosures of pricing information and commercial terms, performance characteristics, TMPs, and specialized services to existing consumers and the regulator must be seen as a mandatory, essential component of the NN framework under all circumstances, we believe disclosures to the general public would also be valuable as this will enable potential consumers to make informed decisions as to their choice of TSP after weighing all available options in an exhaustive manner. As the end-users’ expectations from Internet services will see wide variance from person to person depending on their individual use-cases, having easy access to all relevant information as mentioned above would prove greatly beneficial to the general public.

Disclosures to existing consumers and the general public must be made in formats prescribed by Information Disclosure Templates issued by the regulator, such as that included in Chapter V of this consultation paper. These should be prominently displayed at all points-of-sale as well as on the websites of all TSPs in an easily accessible manner. As the regulator would require a higher-standard of disclosure with granular detail on all practices adopted by the TSP, a more detailed format for disclosures to the regulator may be stipulated. In addition, we also recommend that the regulator publishes a layman-friendly guide to enable end-users without technical knowledge to easily grasp relevant details from the information disclosures made by TSPs. The UK’s Office of Communications has published a layman’s guide to traffic management7,which could serve as a point-of-reference for such an effort.

 

Q.9: Please provide comments or suggestions on the Information Disclosure Template at Table 5.1? Should this vary for each category of stakeholders identified above? Please provide reasons for any suggested changes.

With respect to the Information Disclosure Template, we would recommend that the section soliciting information on application specific traffic management be omitted, since all permissible TMPs must necessarily be application agnostic as discussed previously. Perpetual blocking and/or prioritization of particular services, content, applications, or products, other than in compliance with legal obligations, would constitute unreasonable TMPs that must be prohibited under relevant regulations. Solicitation of information on these counts would therefore be unnecessary, and may accordingly be removed. In addition, if fields under “Application specific traffic management” are removed, the head “Application agnostic traffic management” may be renamed to “General traffic management” so as to better distinguish it from “User triggered traffic management”.

We would also recommend that under the head of “Application agnostic traffic management”, or “General traffic management” as applicable, the field that currently reads “Specify type of traffic (e.g. audio streaming, video streaming, P2P downloads etc.)” be expanded to individually account for all categories of traffic outlined in response to Q.4(b) i.e. browsing, P2P, email, IM, VoIP, music streaming, video streaming, music downloads, video downloads, online gaming, and software updates. In other words, TSPs may be asked to specifically state whether any such traffic categories are actively managed during peak hours, and if yes, to what extent and in what manner. This will ensure that subscribers and the general public are provided a more detailed insight into the TMPs deployed by TSPs, and it will also impose an additional layer of accountability on TSPs on account of their unambiguous declarations as to the nature of TMPs deployed as against specific traffic categories.

 

Q.10: What would be the most effective legal/policy instrument for implementing a NN framework in India?

  1. Which body should be responsible for monitoring and supervision?

  2. What actions should such body be empowered to take in case of any detected violation?

  3. If the Authority opts for QoS regulation on this subject, what should be the scope of such regulations?

We submit that the ideal instrument for implementing a NN framework in India would be an exhaustive Regulation issued by TRAI in exercise of powers conferred under Sections 36 and 11 of the Telecom Regulatory Authority of India Act, 1997. In addition, the Authority may also recommend amending the service licenses granted by the Department of Telecommunications to TSPs, so as to incorporate the core principles of NN into said licenses. A legislation enacted by the Parliament is yet another option to implement a NN framework in India, but in light of the significant delays involved in enacting such a legislation and updating it to keep up with evolving technologies, we consider a Regulation by TRAI coupled with amendments to TSP licenses to be the ideal instrument in the Indian context. Moreover, TRAI has the added advantage of having engaged in an extensive public consultation process specifically on NN, and is therefore most well-placed to implement a NN framework that addresses all stakeholder concerns.

While we do have an existing regulation on discriminatory tariffs, the said regulation addresses only one of the several issues pertaining to the Paid Prioritization or preferential treatment while leaving a host of other issues such as blocking and throttling unaddressed. Moreover, under the power given to the authority under the TRAI Act, another regulation on discriminatory QoS can also be put in place. But none of them will provide for a single window solution to all the problems emanating out of the violations of the core NN principles. Advancement in technology or a detection of a new anti-NN practice shall result in amendment in not just one but a multitude of places. Therefore, the most appropriate approach to this problem would be to put in place an umbrella regulation on NN, with bright line rules on blocking, throttling or preferential treatment, covering all the aspects of NN, incorporating in it the existing regulations on discriminatory tariff, provisions relating to QoS standards and the transparency measures to be undertaken.

  1. The ultimate body responsible for monitoring and supervision should be TRAI. As NN violations require a very close and robust monitoring mechanism, this function can be delegated to a specialized cell within TRAI, established specifically for this purpose. Such a body shall look closely into the NN violations, identify the tests and tools that need to be adopted to detect such violations and in case of detection of any such violation, take necessary actions to address the same.

  2. Taking appropriate action in the event of detection of any NN violation is the most pertinent step towards ensuring compliance to the NN regulations. Imposition of penalties is one of the most effective tools which facilitate efficient enforcement of the rules. It serves as a deterrent and a dissuasive action. Thus, the regulatory authority should be empowered to impose heavy penalty or fines on the ISPs in order to deter them from indulging in such violative practices. Moreover, in cases of severe and repeated violations, stringent measures such as suspension of the ISP license for a limited time period or final cancellation thereof can be undertaken.

  3. The ultimate aim of these regulations is to promote and protect consumer interests and to encourage competition among the service providers. Though we do not recommend laying down separate QoS regulations on this matter, if opted for by the authority, such regulations should provide for the minimum QoS standards to be met by the ISPs to implement NN frameworks. For the purposes of ensuring NN, it should include bright line rules to prevent blocking, throttling or preferential treatment. It should further provide for the reporting and publication procedures to ensure transparency and an effective enforcement mechanism.

 

Q.11: What could be the challenges in monitoring for violations of any NN framework? Please comment on the following or any other suggested mechanisms that may be used for such monitoring:

  1. Disclosures and information from TSPs;

  2. Collection of information from users (complaints, user-experience apps, surveys, questionnaires); or

  3. Collection of information from third parties and public domain (research studies, news articles, consumer advocacy reports).

One of the biggest challenges in monitoring for violations of a NN framework could be detecting anti-NN practices deployed without public knowledge. For instance, if a TSP and a content provider were to enter into a discreet commercial arrangement, according to which the latter’s content is prioritized over competing content from others, it would be very difficult, and in some cases, impossible, for third-parties including regulators, competitors, and the general public to recognize the deployment of such an arrangement without express declarations from either the TSP or the content provider in question. Anti-NN practices like throttling and paid prioritization would be particularly susceptible to going undetected when compared to those like blocking of content, as any deteriorations or improvements in QoS may easily be attributed to routine network fluctuations rather than deliberate actions.

Whereas a robust framework of legally mandated information disclosures by TSPs and proactive review by the regulator of information sourced from users, third parties and the public domain would certainly disincentivize TSPs and affiliates from violating any applicable NN frameworks, we recommend that TRAI also conduct periodic audits of TMPs adopted by TSPs. TMPs that are actively deployed may be evaluated against disclosures made by TSPs to regulators, users, and other stakeholders, and those found to use undisclosed TMPs or disclosed TMPs in ways that exceed their stated scope may then be heavily penalized. Similar audits are already being conducted by the Authority with respect to QoS, where external agencies are contracted to audit TSPs for compliance with QoS mandates as laid out in various Regulations on the matter.8A comparable model of external audits may be adopted by TRAI with respect to NN.

 

Q.12: Can we consider adopting a collaborative mechanism, with representation from TSPs, content providers, consumer groups and other stakeholders, for managing the operational aspects of any NN framework?

  1. What should be its design and functions?

  2. What role should the Authority play in its functioning?

A collaborative approach for managing operational aspects of the net neutrality framework would be of immense benefit to its effective implementation. Inputs from various stakeholder groups such as Government, industry, civil society, academia, technical community, and end-users will not only provide a detailed insight into the operational aspects of the framework, but also help formulate effective solutions to any problems that may arise.

  1. The collaborative mechanism may be set up in the form of an NN Steering Group with multi-stakeholder participation. Representatives from the stakeholder communities mentioned above may be selected based on their merits and contributions in the field of law and technology. This Steering Group should be responsible for reviewing compliance with NN requirements, addressing technical difficulties in their implementation, facilitating exchange of information about reasonable TMPs, promoting innovation, and identifying current and emerging issues related to implementation of the NN framework. It should also be able to provide assistance to the authorities, suo moto or on request, on matters within its competence.

  2. The authority should only play an advisory role in its functioning. Its main function in the Steering Group should be to assimilate the information and recommendations so obtained and further process it towards effective policy implementation. The Steering Group should be able to provide a quick, non-Government driven platform which offers scope for open and meaningful discussions and solution-based approaches to the problems surrounding the NN framework.

 

Q.13: What mechanisms could be deployed so that the NN policy/regulatory framework may be updated on account of evolution of technology and use cases?

On account of the rapid rate of technological progress, it is crucial that laws and policies governing the use of technology keep pace with the technologies they seek to regulate. Failure to do so may result in the imposition of undue restrictions that in turn may hamper innovation and limit growth in the industry.

Implementing applicable laws and policies in a manner that is amenable to relatively frequent updates is an important first step in ensuring sufficient regulatory flexibility. Enforcing the NN regulatory framework as a Regulation by the Authority rather than an Act of the Indian Parliament would help keep procedural hurdles to a minimum when it comes to amendments. As neither the initial enactment nor subsequent updates would need to follow Parliamentary procedure involving assent from Lok Sabha, Rajya Sabha, and the President, this would significantly reduce the amount of time required to translate regulatory changes from ideation to implementation, so that the very purpose of effecting said changes are not rendered moot by the time they are actually implemented.

The Authority may also rely on the multi-stakeholder community to be made aware of the need for regulatory reform. A NN Steering Group as discussed in response to Q.12 could play an integral role in collecting stakeholder feedback and conveying them to the Authority in a timely manner. The Steering Group would be well-placed to hold periodic meetings to go over current and emerging issues surrounding the NN framework, and it would also have the benefit of being informed by a direct multi-stakeholder consultation process. The Authority’s own active involvement in such a Steering Group would further enhance its utility as a means to rapidly implement necessary regulatory changes when necessary.

In addition, the Authority may consider providing other platforms for public feedback on both conceptual and operational aspects of the NN framework. An open forum where the general public may submit their views on any aspect of the NN framework would allow the Authority to get a sense of the most common concerns and recommendations related to NN, which could then be used to initiate reviews of the NN framework based on a more detailed public consultation process such as the present Consultation Paper. Periodic in-person meetings with representatives from each stakeholder group i.e. Government, industry, civil society, academia, and the technical community is yet another way in which the Authority could keep abreast of the need for regulatory reform.

 

Q.14: The quality of Internet experienced by a user may also be impacted by factors such as the type of device, browser, operating system being used. How should these aspects be considered in the NN context? Please explain with reasons

Device, browser, and Operating System (OS) deployed at the user-end can all impact the quality of Internet services. With user-end devices for instance, type of processor, hard disk, network and graphics cards, available RAM, all impact the speed at which the computer processes Internet data. Similarly, corrupted or poorly configured browsers may slow down Internet speeds, and multiple add-ons to the browser can also negatively affect Internet speeds. Corrupted and outdated OS, and the presence of multiple applications running on the device without the user’s notice are yet other factors that tend to slow down Internet speeds. However, these aspects are unconnected to Net neutrality as these affect only the performance on the device and is not related to the network accessed by the user.

1 Brian Fung, Trump has signed repeal of the FCC privacy rules. Here’s what happens next, The Washington Post, April 4, 2017, available at: https://www.washingtonpost.com/news/the-switch/wp/2017/04/04/trump-has-signed-repeal-of-the-fcc-privacy-rules-heres-what-happens-next/?utm_term=.6d2f5977251a

See the FCC Report and Order dated November 2, 2016, available at: https://apps.fcc.gov/edocs_public/attachmatch/FCC-16-148A1_Rcd.pdf

David D. Clark, The Design Philosophy of DARPA Internet Protocols, COMPUTER COMM.REV., Aug 1988, p. 106

A view of traffic management and other practices resulting in restrictions to the open Internet in Europe is available at http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=2039

5 Campaign for Democratic Media, Initial Comments on Review of the Internet Traffic Management Practices of Internet Service Providers, February 23, 2009, available at: http://www.globalmediapolicy.net/sites/default/files/Argument_-_CRTC-PN2008-19_-_FINAL_-_23Feb2009.pdf

See https://www.measurementlab.net

7 Ofcom, A Guide to Internet Traffic Management, September 2013, available at: https://www.ofcom.org.uk/__data/assets/pdf_file/0012/6042/traffic.pdf

Financial Times, BSNL to Rope in Independent Agency for QoS Audit, January 26, 2004, available at: http://www.financialexpress.com/archive/bsnl-to-rope-in-independent-agency-for-qos-audit/98259/

All Posts | Jan 14,2017

TRAI Open House Discussion: Proliferation of Broadband through Public Wi-Fi Networks

On January 9, 2017, the Telecom Regulatory Authority of India held an Open House Discussion (OHD) on its September 2016 consultation paper titled “Proliferation of Broadband through Public Wi-Fi Networks”. The discussion was held from 11:00 AM – 1:30 PM at the India Habitat Centre, New Delhi, and was attended by over 100 stakeholders from the Government, industry, civil society, academia, and technical communities. R S Sharma (Chairman, TRAI), Anil Kaushal (Member, TRAI), and Arvind Kumar (Advisor, Broadband & Policy Anaysis, TRAI) were also present at the discussion.

The consultation paper had invited comments on a set of thirteen questions covering such issues as policy/regulatory challenges, measures to encourage interoperability, technical challenges (login and authentication, payments etc.), and preferred models for large-scale deployment of public Wi-Fi services in a bid to provide easy and affordable broadband access to the general public. At the OHD, oral comments were invited from attending stakeholders on all thirteen questions in three batches.

Over the course of the discussion, a number of submissions were made regarding the core issues raised by TRAI. Whereas some stakeholders proposed that providers of public Wi-Fi services be brought under a licensing framework similar to that currently governing telecom services, others were of the view that a license regime would impose overly burdensome compliance requirements on licensees, effectively excluding smaller players from the market. Other related suggestions included bringing public Wi-Fi providers under a simplified licensing regime (class licenses for instance), having them register as Other Service Providers, and having them register with a licensed aggregator rather than obtaining individual licenses.

Network backhaul was highlighted as another key area of concern by industry stakeholders. Though the Department of Telecommunications had introduced the much anticipated Right of Way Rules in November 2016, it was submitted by some that the approval process under the new Rules is still too cumbersome, and that the Rules lacked clarity on certain aspects such as installation of street infrastructure. It was also suggested that currently applicable artificial restrictions such as the cap on EIRP (Equivalent Isotropically Radiated Power) and height of mast be relaxed, and that additional spectrum bandwidths (5.1 – 5.3 GHz, TV white-spaces) be delicensed to ease backhaul extension.

Regarding login and authentication issues, it was said by some stakeholders that current KYC (Know Your Customer) requirements are too stringent to permit smooth functioning of public Wi-Fi services and need to be simplified. It was also pointed out that tourists and outstation users are often prevented from accessing public Wi-Fi services due to these requirements. Making visa databases accessible to service providers and allowing this information to form the basis for e-KYC processes was suggested as a potential solution to this challenge.

After hearing the stakeholder comments on the consultation paper, TRAI officials said an official set of recommendations on public Wi-Fi would be published within 20 – 25 days. These recommendations would take into account all submissions, written and oral, and attempt to lay out a balanced road-map for maximizing broadband access through the use of public Wi-Fi services.

All Posts | Jul 14,2016

Counter Comments to the Consultation Paper on Free Data

Following our initial comments on the Consultation Paper on Free Data, below are our set of counter comments that serve as responses to the comments made by TSPs and TSP associations. Though a number of substantive proposals have been made in response to the Consultation Paper, owing to the large volume of comments, we have identified some common themes found across the submissions made by major TSPs and TSP associations and presented our responses accordingly.

Return to the differential pricing debate

While proposing potential models for provision of free data, several TSPs and TSP associations have highlighted differentially priced models including zero rated models as being best suited for the purpose. TSPs including Bharti Airtel, while arguing in favor of zero rated models, have even suggested that any anti-competitive concerns can be addressed by mandating TSPs to clearly disclose rate cards for sponsoring data on their respective platforms as well as by enforcing a framework to protect edge providers from denial-of-service by any TSP. A number of TSPs have even portrayed through their responses that zero-rated models are necessary for digital inclusion, and should be promoted rather than prohibited.

The TRAI has notified the Prohibition Of Discriminatory Tariffs For Data Services Regulations, 2016 after considering the opinions of all stakeholders. The TSPs are trying to re-agitate the issue which has already been decided. This consultation on free-data should be limited to that and cannot be used as a means to reopen the discussion on discriminatory tariffs. The Discriminatory Tariffs Regulations not only prohibit such kind of practices but also safeguard the neutral nature of the Internet. We would like to reiterate that research has shown that access to Internet provides individuals and firms a vital resource that facilitates innovation, learning and efficiency, all of which lead to greater productivity and thus, greater economic growth.

This is the reason that even our Government has recognized the importance of Internet and started the Digital India Initiative that seeks to digitally empower our Indian society. But any kind of positive impacts associated with the Internet would not reach our citizens if we are unable to maintain the neutral character of the internet. Zero-rated models, other such service arrangements and differentially priced models though aim at proliferating access are in reality detrimental to the Internet itself.

Various TSPs and TSP Associations in their responses, have also disapproved the need to have a TSP agnostic platform. They have given various reasons in support of their argument such as TSP agnostic platform gives more rights to private party than a licensed party1 and would mean indirect licensing and lead to content providers becoming passive telecom service providers.2 Other reasons given include that there is no guarantee that a TSP agnostic platform will not act as Gatekeeper, as the owner of the website who has commercial interest will be the only interested party to promote his website.3

This perception seems to stem from the fear that a TSP agnostic platform will mean that the TSPs’ own commercial interests will suffer at the hand of OTT players that are “unregulated” and have thus, suggested various models by which OTT Players are either more “regulated” or revenue sharing happens with the TSPs, so that the they may also get their piece of the pie. Some such models include Bharti Airtel’s “Technical Aggregator Model” where TSPs will participate on “FRAND” terms or VAS model wherein the OTT players, like VAS providers will integrate their system with TSPs and work on a revenue share model or Vodafone’s “two-way charging models” under which operators and content providers implement bilateral agreements that’ll govern what benefits are provided to the customers.

However without going into the merits and demerits of specific models, we would like to submit that the various models that are being mooted for in different responses by TSPs and TSP Associations are a rehash of the “Sender Pays” Principle mooted by the European Telecommunication Network Operators Association (ETNO) which was rejected by even by the European Governments at the World Conference on International Telecommunications held at Dubai in December 2012. Such a proposal was even rejected by the Industry representatives from India. However, these models discussed in the consultation paper will in effect result in the sender paying for the data consumed by the user while accessing the website of the sender. Such an approach will change the open nature of the Internet and the permissionless innovation ecosystem that resulted in the growth of the new digital economy. ‘Sender pays principle’ will only help the incumbents and the TSPs and will adversely affect the interests of the startups as well as the users.

 

Regulation of OTT services

It is also submitted that OTT players are not the same as VAS providers and other players cited in the various submissions and they do not need to be regulated further or in the same way as TSPs. The comparison made in various submissions between OTT players and VAS providers comes from an over simplified and superficial view that OTT players and VAS providers function in similar ways. But the fact is that VAS providers were giving out a bunch of services tightly coupled with the core services provided by the TSPs. However, their functionality and access was dependent on a particular TSP, which is not the case with the OTT players as they can be accessed from any TSP or ISP for that matter, which increases their availability. Moreover, in terms of technology there is not much in common between the VAS providers and OTT players, with the former becoming more or less obsolete.

Similarly OTT players are different from TSPs because communication services offered by OTTs and TSPs differ in terms of functionality, in that the former’s reliance on existing networks for content delivery enables them to bundle additional services such as multimedia file transfer, location based services and so on with their primary service offerings. In light of the functional and architectural differences that exist between communication services provided by OTTs and TSPs, efforts at introducing additional regulatory frameworks aimed at leveling the regulatory playing field with respect to fundamentally different business entities would prove to be counter-productive and serve only to stifle innovation and healthy competition in a free market environment.

Moreover, OTT communication service providers are already regulated by a number of general and specific legislations that prescribe numerous general, technical, financial and security related conditions that OTTs must necessarily comply with. Some of the existing legislations that apply to OTTs are:

  • Information Technology Act, 2000

  • Consumer Protection Act, 1986

  • Payment and Settlement Systems Act, 2007

  • Indian Copyright Act, 1957

  • Income Tax Act, 1961

  • Customs Act, 1962

  • Central Excise Act, 1944

  • Foreign Exchange Managements Act, 1999

  • Prevention of Money Laundering Act, 2002

As OTTs are already regulated under the above legislations, we submit that additional regulatory frameworks would be excessive and would hinder the growth of the OTT service industry. We feel the purpose of ensuring comprehensive regulation of OTTs would be better served by a review of how the existing regulations apply to OTTs and making necessary amendments based on the findings, rather than establishing a dedicated regulatory framework from scratch.

Regulations and laws prevailing over telecommunication services such as entry fees, spectrum allocation and charges, tariff regulations etc. cannot be imposed on OTT services for the reason that regulation of websites and applications provided on the Internet would have a direct impact on start-up companies and new entrants who will be forced to comply with regulatory costs notwithstanding the cost of setting up the website in the first place which is very low or even negligible.

The Internet provides an opportunity to everyone, be it college students who are constantly coming up with great, innovative business ideas and even people in rural areas who are able to sell their products on the internet. Over-regulation would mean a loss of all such opportunities and a sudden hindrance to innovation.

Conclusion

To conclude, we reiterate that it does not matter whether the platform used to provide free data services is TSP-agnostic or not. In fact, the premise for the idea of a TSP agnostic platform seems to be that such a platform cannot result in greater control for the TSP and will prevent the TSP acting as a gatekeeper. However, the free data models suggested will result in the bigger players controlling access. In such a scenario, instead of the TSP acting as a gate-keeper, various platforms offering free data will act as gate-keepers.

The Internet is a great leveler and gives options for any service or startup to compete with an established player. But if the bigger players are allowed to control the access of users and user behavior by any means, whether through a rewards platform or through a zero rating service this will result in changing the nature of the Internet. Such approaches will destroy the permission-less innovation feature of the Internet that has resulted in startups like Google and Facebook succeeding.

As per Professor Tim Wu, known among others for his coinage of the term “network neutrality”, models of development must not vest control in any initial prospect-holder, private or public, who is expected to direct the optimal path of innovation, minimizing the excess of innovative competition.4 The argument for net neutrality therefore, is anchored in the protection of certain core characteristics of the Internet that have played central roles in making it a quintessential tool for information exchange in the 21st century, and any understanding of net neutrality that attempts to shift focus from this fact must be seen as subversive.

Thus, any model, irrespective of it being TSP agnostic or not, as long as it is in harmony with the basic tenets of net neutrality and complies with the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016, by not differentiating on the basis of content and providing complete open access to the the full Internet and not parts of it will work in this context.

All Posts | Jul 05,2016

SFLC.in’s Comments on the TRAI Pre-Consultation Paper on Net Neutrality

The Telecom Regulatory Authority of India (TRAI) on May 30, 2016 published a Pre-Consultation Paper on Net Neutrality, inviting stakeholder comments on 6 broad questions including the core principles of net neutrality, permissible traffic management techniques that may be adopted by Internet service providers, the ideal regulatory approach to net neutrality, and relevant privacy and national security considerations to be borne in mind while speaking of net neutrality from a regulatory standpoint. The core issues involved were largely similar to those from TRAI’s previous consultation paper on regulation of Over-the-Top service providers. SFLC.in submitted its set of responses to the Pre-Consultation Paper along with a concept not in support of the submission. The full text of our responses can be accessed here, and the concept note can be viewed here.

All Posts | Jul 01,2016

SFLC.in’s Comments on the TRAI Consultation Paper on Free Data

On 19 May, 2016 the Telecom Regulatory Authority of India floated a Consultation Paper on Free Data, inviting stakeholder comments on the need for a Telecom Service Provider agnostic platform to provide free Internet to the under-privileged, the need to regulate such platforms, and whether free data needs to be provided over fixed-line broadband in addition to mobile Internet services. Below is the full text of our comments submitted before TRAI:

Question 1: Is there a need to have TSP agnostic platform to provide free data or suitable reimbursement to users, without violating the principles of Differential Pricing for Data laid down in TRAI Regulation? Please suggest the most suitable model to achieve the objective.

The United Nations Special Rapporteur on the promotion of the right to freedom of opinion and Expression, Frank La Rue in his 2011 report has stated that “Given that the Internet has become an indispensable tool for realizing a range of human rights, combating inequality, and accelerating development and human progress, ensuring universal access to the Internet should be a priority for all States. Each State should thus develop a concrete and effective policy, in consultation with individuals from all sections of society, including the private sector and relevant Government ministries, to make the Internet widely available, accessible and affordable to all segments of population”.1 Thus, we as a nation have to take steps to ensure greater Internet access to the entire population.

Research shows that access to Internet provides individuals and firms a vital resource that facilitates innovation, learning and efficiency, all of which lead to greater productivity and thus, greater economic growth. The positive impacts associated with the Internet are possible because of the neutral nature of the Internet. According to Tim Wu, “the argument for net neutrality must be understood as the concrete expression of a system of belief about innovation, whose adherents view the innovation process as a survival-of-the-fittest competition among developers of new technologies”.2

We believe that improving access is important, however the method adopted for it should be in tune with the principles of Net Neutrality and should make available the entire Open Internet to the users and not a select bouquet of services. So long as the entire Internet is made available and there is no discrimination of services or websites on the basis of content, it does not matter whether the platform used to provide free data services is TSP agnostic or not. In fact, the premise for the idea of a TSP agnostic platform seems to be that such a platform cannot result in greater control for the TSP and will prevent the TSP acting as a gatekeeper. However, the free data models suggested in the paper will result in the bigger players controlling access. In such a scenario, instead of the TSP acting as a gate-keeper, various platforms offering free data will act as gate-keepers.

The Internet is a great leveler and gives options for any service or startup to compete with an established player. However, if the bigger players are allowed to control the access of users and user behaviour by any means, whether through a rewards platform or through a zero rating service this will result in changing the nature of the Internet. Such approaches will destroy the permissionless innovation feature of the Internet that has resulted in startups like Google and Facebook succeeding.

As per Tim Wu, models of development must not vest control in any initial prospect-holder, private or public, who is expected to direct the optimal path of innovation, minimizing the excess of innovative competition.3 This innovation theory is embodied in the end-to-end network design argument, which in essence suggests that networks should be neutral as among applications.4 The design of the Internet Protocol follows this end-to-end principle and this has ensured the success of the Internet.

The Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016 embodies the principles of net neutrality in this context that it “mandates that no service provider shall offer or charge discriminatory tariffs for data services on the basis of content, and also no service provider shall enter into any arrangement, agreement or contract, by whatever name called, with any person, natural or legal, that has the effect of discriminatory tariffs for data services being offered or charged to the consumer on the basis of content.”5

Thus, any model, irrespective of it being TSP agnostic or not, as long as it complies with the above regulation, by not differentiating on the basis of content & providing complete open access to the the full Internet and not parts of it will work in this context. Zero rating models do not contribute much to access. Research done by the Alliance for Affordable Internet shows that “88% of people using zero-rating responded that they had used the Internet before using the zero-rated plan. This means that only 12% of zero-rating users surveyed started using the Internet with their zero-rated service.” The study also reveals that “when asked what condition would be most acceptable to get “free data” or zero-rated data, a majority (82%) of users prefer to have the “free plan” valid for a short time or with a data cap, with no restriction on the websites and applications that can be accessed”.6 Thus, compared to free data plans that give restricted access or benefits for accessing parts of the Internet, a free plan that provides access to the Internet is more beneficial.

For the purpose of answering the question we have done an analysis of the suggested models, if they are compliant with the current regulation, their pros & cons and other alternative models that may be used.

1. Reward based model

The reward based model will result in allowing the bigger players to control user behaviour by rewarding users for accessing their websites and services. This will be used as a method to subvert the restriction preventing discrimination of websites and services enshrined in the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016. Thus, the harm that the Regulations tried to prevent will manifest in another form. In this model, the users will be forced to use the websites and services that provide them rewards or data recharges. This will be to the detriment of other competing websites and services. In this model, the end result is the content provider paying for the data consumed by the end user. Instead of a direct transfer in the case of a TSP owned platform, the money gets routed to the TSP through another platform.

2. Don’t Charge or Toll-free API Model

This model is a Zero Rating model where the players with deep pockets will make their sites available for free. By adding an entity in between the TSP and the content provider does not change the nature of this tie-up and has the same effect as the content provider entering into a tie-up with the TSP. This is clearly in violation of the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016. In this model also, the payment gets routed from the content provider to the TSP.

3. Direct Money Transfer

This approach can be used only if the Direct Money transfer is controlled by the Government as a means for providing data to the less privileged sections. However, this should not be an option for private players to reimburse users for accessing their websites. If private players are allowed to reimburse users, then it will again be a case of content based discrimination, where a few sites, mainly the bigger players will get to control user access and user behaviour. Moreover, identifying users for the purpose of direct money transfer will also result in the violation of privacy rights of users.

The illustrations given below shows that the suggested models in the consultation paper are in effect the zero rating model which was sought to be prevented by the Differential Pricing Regulation.

Zero Rating Flow ChartToll Free Flowchart

Reward based FlowchartDBT Flowchart

The above models are a rehash of the "Sender Pays" Principle mooted by the European Telecommunication Network Operators Association (ETNO) which was rejected by even by the European Governments at the World Conference on International Telecommunications held in Dubai in December 2012. Such a proposal was even rejected by the Industry representatives from India. However, these models discussed in the consultation paper will in effect result in the sender paying for the data consumed by the user while accessing the website of the sender.

Suggestions

We believe that any approach for providing free data should make available the entire open Internet to the user and should also not tamper with the principles of net neutrality that allow for competition and prevents discrimination.

FREE PACKS WITH A CAP ON VOLUME OF DATA

This is one of the versions of “equal rating” system rooted by Mozilla Foundation’s chairwoman Mitchell Baker.7 Each user gets a free pack each month for their internet usage, independent & on top of their own existing internet packs that they may or may not have. The free pack has a cap on the volume of data, like 500 MB per month. Similar model8 has already received success, wherein Mozilla has partnered with Orange in African and Middle Eastern countries where users purchasing a $40 (USD) Klif phone (which runs on the Firefox operating system) receive unlimited talk, text, and 500 MB a month for 6 months.

ADVERTISEMENT SUPPORTED DATA PACKS

This is another version of “equal rating” system. This model supports the creation of revenue for the TSPs through advertisements. Users are given certain data credits for watching them while browsing the internet. Mozilla has seen quite a success in Bangladesh wherein “the foundation has been working with Grameenphone (a Telenor-owned company) in Bangladesh where users can receive 20MB of unrestricted data per day after watching a short ad in the phone’s marketplace.”9

FREE PACKS USING 2G NETWORKS

This model provides the entire internet, with no restriction on volume or content, but operates on a 2G network. Thus, effectively this model makes the 2G Network a generic low-speed zero rated mobile network.10 This model is better for ISP bandwidth usage and easy on infrastructural demands.

FREE WI-FI HOTSPOSTS, COMMUNITY CENTRES, IN-TRANSIT MODEL

This method would enable people to access the Internet in public places by creating Wi-Fi hotspots from a single connection. Government, TSPs and Other Companies can jointly collaborate with certain venues like libraries, schools, gram-panchayat offices, railway stations, airports, public transportation systems & cabs to provide Wi-Fi connectivity & free internet to the public. Along with providing free Wi-FI, some of these venues can even act like community centres aimed at being a forum for digital literacy. Companies/TSPs paying for the data can get a 'brought to you by' attribution like the free pack or equal rating model & it can even be counted towards its CSR initiative.

 

Question 2: Whether such platforms need to be regulated by the TRAI or market be allowed to develop these platforms?

We think that a “mixed economy” approach will be better suited for such kind of platforms. Allowing market to develop such platforms can lead to innovative models. However, lack of regulatory oversight and complete reliance on market forces will lead to collapse of such models, lead to anti-competitive effects and will result in violation of the principles of net neutrality. Thus, a mixed economy approach that focuses on both innovation & net neutrality should be the way forward. As mentioned in our answer to the previous question any free data model should provide the entire open internet and should not be limited to a select bouquet of sites.

 

Question 3: Whether free data or suitable reimbursement to users should be limited to mobile data users only or could it be extended through technical means to subscribers of fixed line broadband or leased line?

Broadband is defined, as per Notification No. S.O. No. 4-4/2009-Policy-I dated July 18, 2013 issued by the Department of Telecommunications, as a data connection that is able to support interactive services including Internet access and has the capability of the minimum download speed of 512 kbps to an individual subscriber from the point of presence (POP) of the service provider intending to provide Broadband service.

As indicated by TRAI's Indian Telecom Services Performance Indicators report for the quarter October – December 2015, out of the 331.66 million Internet subscribers in India, 311.69 million subscribe to mobile Internet services, while a mere 19.98 million subscribe to fixed-line Internet services.11 In other words, roughly 94% of Indian Internet users access the Internet through their mobile devices, leaving around 6% as fixed-line Internet users, indicating a clear preference for mobile Internet services over fixed-line amongst Indian Internet users.

Moreover, the access and billing patterns of mobile and fixed-line Internet see wide variance between each other. Whereas the owners of all Internet-capable phones will have on-demand Internet access built into their subscription plans by default, fixed-line Internet requires prospective customers to approach service providers and purchase dedicated data plans along with the requisite customer-premise equipment such as modems and/or routers. In the absence of volume-based data plans, mobile Internet charges are levied on the basis of data consumed in given billing cycles.

Fixed-line Internet subscriptions on the other hand, follow multiple billing systems, where subscribers are able to choose from both data-capped and uncapped plans. Subscribers of the former category are generally allotted monthly quotas of high-speed data, upon the exhaustion of which additional charges are levied according to the subscribers’ data use. Data-uncapped plans allot subscribers fixed quotas of high-speed data, upon whose exhaustion Internet speeds are restricted to baseline broadband levels albeit with no additional costs relative to data consumption. There are substantial costs to be borne by the customer in procuring a fixed-line Internet connection including equipment costs, installation charges, monthly rentals and the data charges themselves. As a result, any customer who is in a position to procure a fixed-line Internet connection to begin with will derive little to no value from free-data and reimbursement initiatives, where the amount of Internet use enabled by such initiatives will inevitably be significantly lesser than their paid counterparts.

For the above reasons, it is our submission that any initiative aimed at bringing Internet access to those unable to afford the relatively high cost of data should focus on the mobile Internet rather than fixed-line Internet services. However, it must also be borne in mind that any future regulation concerning free-data or reimbursement initiatives must make no distinction between Internet access via mobile as opposed to fixed-line services. The Internet is the Internet irrespective of the mode of access, and there must be no differences in its regulatory treatment in this regard. Regulations are necessary for both mobile and fixed-line Internet services to avoid gamesmanship designed to avoid the Regulations against differential pricing promulgated by TRAI, and the regulator must consider if practices that invariably harm the open Internet work similarly on mobile or fixed-line services.

 

Question 4: Any other issue related to the matter of consultation.

In the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016, the proviso to Section 3(2) exempts data services provided over “closed electronic communications networks” (CECNs) from the general prohibition on differentially priced data services. While the proviso does make it clear that the prohibition would still apply if CECNs are leveraged in such a manner as to circumvent it, some industry players and consortia have been observed attempting to obfuscate this understanding by claiming a lack of clarity as regards the ambit and application of the proviso.

We wish to submit that the Regulations in general and the proviso to Section 3(2) in particular are both well-grounded in reason, and leave no room for ambiguities in their interpretation. As per the Regulations, differentially priced data services offered over the open Internet stand prohibited at all times, whereas such pricing arbitrages in internal CECNs that are separate and distinct from the open Internet will be allowed and will attract no financial disincentives from the regulator. Attempts at circumventing this regulatory premise are easily identifiable as such – offering content from particular content providers at discounted rates over a CECN to the subscriber base of a TSP for instance, is a clear circumvention of the prohibition on differential pricing.

That being said, we submit that it would nevertheless be beneficial in the interest of precluding further efforts at obfuscation and compromise to clearly outline the scope of exemption under Section 3(2) by way of illustrative examples of both permitted and prohibited uses of CECNs as a means of data delivery at differential tariffs.

We reiterate that TRAI is the apposite sectoral regulator for the telecommunications industry, and having already laid down a model Regulation against differentially priced data services, the focus going forward must be on ensuring its sound implementation rather than entertaining unfounded exhortations for its reconsideration.

 

Footnotes

1The report is available at http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf

2Tim Wu, Network Neutrality, Broadband Discrimination, Journal on Telecom and High Tech Law, available at:

http://www.jthtl.org/content/articles/V2I1/JTHTLv2i1_Wu.PDF

3Ibid.

4J H Saltzer et al., End-to-End Arguments in System Design, available at:

http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf

5 Regulation 3, Chapter II of The Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016

6 The report is available at http://a4ai.org/is-zero-rating-really-bringing-people-online/

7Mozilla’s Mitchell Baker offers alternatives to zero-rating for Internet services -

http://www.medianama.com/2015/05/223-mozillas-mitchell-baker-offers-alternatives-to-zero-…

8https://blog.mozilla.org/blog/2015/03/01/firefox-os-proves-flexibility-of-web-ecosystem/

9Supra 10

10https://manypossibilities.net/2014/11/a-better-approach-to-zero-rating/

11Telecom Regulatory Authority of India, Indian Telecom Services Performance Indicator Report for the Quarter ended December, 2015, May 18, 2016, p. ii, available at: http://www.trai.gov.in/Content/PerformanceIndicatorsReports/1_1_PerformanceIndicatorsReports.aspx, last accessed on June 30, 2016

All Posts | Jan 20,2016

Free Basics Investigation

So while all of us were busy turning the consultation paper on differential pricing of data services put out by TRAI into a battle ground for Net Neutrality in India, on the sidelines, we decided to checkout Free Basics in action. So we got hold of a Reliance SIM card and a dying smart phone to take the free* ride.

Dear TRAI, Free Basics is Still Around

Reliance is defying TRAI's order to shut down Free Basics

We started off with the possible vanity of the attempt since TRAI had already asked Reliance Communications to put the Free Basics program on hold, and Reliance said it has complied. However, we were greeted with the welcome message and then the confirmation button to accept Facebook's terms, Data policy, cookies policy and privacy policy.

Welcome to Free Basics

Turns out, Reliance chose to carry on providing Free Basics on its network, openly violating the regulator's order to temporarily shut down the service. Neither is Reliance or Facebook informing its users about the order.

Websites on Free Basics

There are about 135 websites registered with Free Basics. A curated, most likely hand-picked list of 45 services is provided as soon as the app opens, and the rest of them are hidden under 'More Services'.

Primarily, these are information oriented websites like news, encyclopedia, guides and tips. Further, there are services like classifieds, blood donation etc.

To see the full list of services available on Free Basics, browse through the below gallery of screenshots.

For First-time Internet Users

There is one site that introduces users about the basics of Internet on a site that isn't particularly branded. Based on traffic analysis, we determined that the site is served from an IP on Reliance's network. There is a disclaimer in the footer denying responsibility for the accuracy of information on the site.

Wikipedia on Free Basics

The only website in Free Basics currently that allows users to become content creators is Wikipedia, except sending comments on news articles. Although we weren't able to get the comment submission form load up on TOI's articles.

The Wikipedia editing experience seems to be the same as editing it over a regular 3G network. Interestingly, Free Basics doesn't use Wikipedia Zero, the project from Wikimedia Foundation to provide free-of-cost access to Wikipedia. WMF has taken a stand on Net Neutrality different from that of its usual friends and allies in support of this project and its aims. Free Basics seems to be using the regular method of accessing Wikipedia based on (a) the URLs being requested and (b) the absence of the usual banner on top of Wiki articles which notify its users about free data usage.

Music and Video

There are no video sites like Youtube available through Free Basics. We were however able to use a music streaming service from Hungama.com which had exactly 4 songs available for free. Unlike the dynamic nature of their service on the 'full' website, the list on the free basic version seems to be a static one, which has the same 4 songs available for a few days that we have been observing.Any of the other links that offer more music, pop up a message notifying the user about going out of Free Basics and applicable charges for further usage.

This is an example of how Free Basics users could be subjected to inferior quality services. The warning about data charges being applicable for accessing anything beyond the meagerly available content, makes the user give a second thought before proceeding.

Free Basics Hungama Music Free Basics Hungama Exit

Personal Blogs

Some of the sites listed in Free Basics appear to be personal blogs of individuals. Here's a direct link to one such blog which appear as is on Free Basics.

Technical Details

The Proxy Server

We tried to understand how Free Basics handles the proxy setup to relay connections from partnering websites to the users.This is the proxy server which acts as the gateway to the Facebook's version of 'free and basic' Internet. This server

After clicking on the service from the list, the app sends a request to the proxy server over HTTP with the target website's URL and the further communication happens over SSL which we haven't been able to inspect so far. Watch out for more updates about this.

Free Basics Proxy Requests

Here's an example of how the proxy request is structured. These requests are sent to the proxy for every single resource required on a web page, like images, CSS styles, Javascript code etc.

Free Basics Proxy Requests

 

Data Usage

We used Free Basics for almost an hour exploring the content on its partner websites. We also streamed all the 4 'basic bollywood' songs from Hungama's website to account for some significant data usage. We checked the available data balance before and after the one hour period. The balance report from Reliance confirms that the data usage through Free Basics has been zero rated by Reliance. The data usage accounted by the phone towards Free Basics app was about 40MB during that period, while Reliance reported only a consumption of about 1MB (used by other apps on the phone during that period).

Data Usage Report from Reliance

Data Usage Report on Phone

Lifetime "Free" Facebook

Of course, when we were away, there were these promotional text messages once in a while from Reliance, informing us about zero-rated Facebook for lifetime.

Welcome to Free Basics

Watch out for more updates on this post, as we continue to find out more about Free Basics. Tweet to us @SFLC.in about what else you want to know.