We must prevent cloud cartels.

The TRAI invited comments on a consultation paper that suggested a framework for the registration of industry bodies for cloud services. We make our submission with concerns of jurisdiction, cartelisation and self-regulation.

06 December, 2019
2 min read

Tl;dr

The Telecommunications Authority of India (TRAI) invited comments up until December 4, 2019 on a consultation paper that suggested a framework for the registration of industry bodies for cloud services providers. IFF sent our submission which primarily questioned the mandate of the TRAI in creating such a framework; it then points out the concern of cloud cartelisation that would result out of regulation suggested and finally, the broader issue of self-regulation that appears to coat the essence of the paper.

The TRAI has no Jurisdication,

Cloud service providers ('CSPs') provide information technology services which are largely supervised by the Ministry of Electronics and Information Technology under the Information Technology Act, 2000. As these services use the telecom infrastructure which is regulated by the Indian Telegraph Act, 1885 and the Indian Telegraph Rules, 1951, the TRAI appears to use this to draw within its ambit the regulation of cloud services as well. However, our submissions emphasize on the distinction between the two and clearly state that any regulation should fall with the authority of MEITY to which the TRAI should not be able to frame binding directions.

Should not be allowed to create Cloud Cartels,

Having set out the authority, we looked closely at the suggestions put forth by the consultation paper; it indicates that cloud service providers should be regulated through not-for-profit industry bodies. This is a cause of concern as it involves registration requirements and even numerous conditions of which one specifies that only cloud service providers above a certain threshold are permitted to become a member. There is even a suggestion that the creation of industry bodies be based on the categories of cloud service providers.

Why is this a bad thing? The entire process of the creation of industry bodies for cloud service providers effectively brings to the fore the real possibility of cartelisation and its resulting anti-competitive effects. Our submission points out that the inclusion of entry and recurring fees which may be based on financial turnover will not only make it far more easier for large service providers to obtain better control over the market but will automatically exclude smaller providers from the same industry circles (especially those that financially constrained).

If you observe further, the paper also tends to only cater to industry bodies and the CSPs it includes, without considering its impact on the Indian consumer.

Or self-regulate

The established industry bodies have been recommended to curate a Code of Conduct that will aid in laying down mandatory standards and guidelines that CSPs will be required to adhere to. The essence of this code of conduct looks a lot like a self-regulatory mechanism. Irrespective of industry sector, our thoughts on self-regulation remain consistent; there is lack of legal form that binds any requirements put forth and the additional lack of formal oversight continues to be one of the major drawbacks.

While these major initial submissions were made, we informed that aspects such as data, cyber-security and consumer safeguards continue to remain concerns that require regulation by legal frameworks and cannot be goverened through self-regulation.

Important Documents

  1. Comments on the TRAI's Consultation Paper on Cloud Services (link)

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

1
No place for tech: How digital interventions in NREGA are undermining rural social security

Mandatory digital ‘solutions’ introduced in the NREGA scheme by union and state governments, like Aadhaar-based payments, mobile monitoring apps, facial authentication and surveillance tools, are impinging on workers’ statutory rights and poking holes in the rural social security net.

8 min read

2
Into IT Standing Committee’s review of action taken by MeitY following its recommendations on citizen data security and privacy

This post breaks down the 55th report of the Standing Committee on Communications and IT, in which the Committee assesses the extent to which its recommendations on citizen data security and privacy were accepted and acted upon by the Ministry of Electronics and IT.

11 min read

3
Statement: Reportedly, IT Ministry looks to block Proton Mail on request of Tamil Nadu

Reportedly, the E2EE email service Proton Mail has received communication from MeitY regarding a potential block under S.69-A IT Act, at the request of the TN police over a hoax bomb threat sent to private schools in Chennai. 

1 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!