Concerns with TRAI’s new WiFi Hotspot consultation

This week, the TRAI put out a consultation note (PDF) on “interoperable and scalable public WiFi networks”. Essentially, they want to vastly increase the number of WiFi hotspots in India, and this is something they have been working on since July. That month, they released their first consultation paper on this, asking the public for suggestions on how to get more hotspots rolled out in the country.

In this week’s consultation, the telecom regulator is proposing a complex payment-cum-verification system that requires all hotspot providers to register with the government, and allows users to access the hotspot only after they pay using a service that is tied to their Aadhaar number.

This model has worrying implications for privacy, and will also not make it easier for hotspot providers to operate freely.

Digital India goals should further online privacy

In India, hotspot providers are burdened by unnecessary, bureaucratic rules.

Such rules that prevent them from operating freely and economically. Even the underlying need such rules fulfill makes little sense. For example, every hotspot provider is required to authenticate the identity of a user before giving them internet access.

This system of verification only makes things harder for entrepreneurs to set up hotspots, and for people to access them. It is impossible for broadband to proliferate in any significant way if TRAI insists on applying ineffective and cumbersome regulations on those who wish to setup their own hotspot.

These rules also come at the cost of anonymity. The current KYC (Know Your Customer) regime essentially requires all users to verify their identity. This prohibition on anonymous communication is a violation of Indians’ freedom of expression. The UN Special Rapporteur on freedom of expression has also upheld the right to be anonymous while online.

Additionally, KYC measures are ineffective in preventing crime and terrorism, as tools like VPNs, TOR, and proxies can easily mask the identity of an Internet user.

Burdensome rules preventing growth

The KYC regime right now also requires specialized hardware and SMS costs, which only incumbent telecom operators can handle. No wonder, then, that these telecom operators suggested few changes, if any, in the existing system. In our counter-comment filing to the TRAI’s first consultation paper, we pointed out that India has lakhs of entrepreneurs who could invest in and benefit from a simplified WiFi hotspot regime.

We all recognise that pay-phones in the 20th century provided extra income to hundreds of thousands of businesses in India, and made the miracle of telephony available to the masses. Similarly, WiFi hotspots have the potential to truly unleash the benefits of the information age to everybody; not just those who can afford a broadband connection.

Reworking the WiFi hotspot regulations

In our filing, we recommended that KYC norms should be dropped, because they expensively and intrusively force users to authenticate their identity. We also suggested that the bureaucratic licensing regime surrounding WiFi hotspots should be relaxed.

This week’s consultation concerns us because it suggests that a burdensome and invasive authentication system is still being considered.

This not only brings concerns of costs and exclusion but also privacy given the constitutionality of the Aadhaar project, and its government-mandated use, is presently pending adjudication in the Supreme Court.

We hope that TRAI reconsiders their view on identity verification. We will advocate this to them in our response to the consultation note, and hope that they arrive at a decision that fosters innovation and protects the privacy of Indian citizens.

Internet Freedom Foundation online:

Twitter: @internetfreedom
LinkedIn: Internet Freedom Foundation

Share this post via: