TRAI mandate and statutory compliance for MSOs and ISPs

December 19, 2020 1:31 pm Published by

As more and more private service providers made an entry into the Telecommunication industry, the market felt that there was an immediate need for an independent regulatory body. In 1997, the Central Government in India felt that the responsibilities of regulating Telecom services which till then was under their supervision would be best managed by an independent regulatory body. Thus, came into being TRAI or Telecom Regulatory Authority of India, established with effect from 20th February, 1997 after an Act of Parliament was passed in the name of Telecom Regulatory Authority of India Act, 1997. The directives and statutes issued by TRAI largely addresses regulatory needs, tariffs, connectivity, service Quality and Governance of authority. The TRAI Act was however amended by an ordinance which was effective from 24 January 2000 which saw the establishment of a Telecommunication Dispute Settlement and Appellate Tribunal or TDSAT. This tribunal relieved TRAI of its responsibilities to handle disputes and took over TRAI’s adjudicatory functions.


The telecommunication sector in India has exhibited excellent signs of growth, which have been propelled by a never-seen-before demand from the consumer end and supportive and progressive policies from the Government supported by TRAI’s regulatory efforts. One of the major area where TRAI has focused their regulatory effort is to ensure that fair competition prevails among service providers. TRAI through this effort have been able to create a regulatory infrastructure that has ensured for consumers that they can avail telecommunication services at an affordable price. The growth is also dependent on the fact that TRAI along with the help of the government has made sustainable efforts towards the manufacturing of telecom equipment. The flow of funds have been steady as well as the deregulation of Foreign Direct Investment has contributed directly in the increment of FDI in the telecommunication sector. The telecommunications industry have been witness to exponential growth over the last few years and the growth has been achievable through affordable tariffs, wider availability, roll out of Mobile Number Portability (MNP), expanding 3G and 4G coverage, evolving consumption patterns and supportive policy and regulatory environment. India, at the moment is the second-largest telecommunications market in the world operating with a subscriber base that consist of 1.18 billion users. The growing mobile economy of India includes about 98% of all telephone subscriptions. As per a GSMA report, about 6.5% of India’s GDP is contributed by the telecommunications industry. The interesting part to note is that the percentage figure takes into account the economic activity that are being directly generated by mobile operators and an effect on the rest of the economy which is indirect in nature as a result of increased use of mobile technology by individuals and firms. The telecommunication industry is expected to contribute 8.2% to the GDP by 2020. Government policies heavily aided by TRAI’s regulatory efforts have seen the growth of Internet broadband connectivity in the country. Inclusive methods are being undertaken so that excellent connectivity in every Indian household enables access to exclusive public services.

Regulation on Cable Operators

At the beginning of the year TRAI amended provisions of their regulatory setup which were to come into effect from 1st March, 2020. One of the significant changes TRAI has brought about is that they have let consumers access a greater number of channels at the same network capacity fee or NCF. TRAI has also changed policy regarding NCF on secondary cable connections. A directive has been sent to operators that they are allowed a cap of maximum 40% charge to levy on secondary connections of the original NCF. Consumers who enjoyed the benefit of discounts on long term packs were affected by the amendments in the framework made by TRAI. TRAI in its latest directive has allowed cable TV providers to offer discounts on long term subscriptions that are for six months or more. TRAI has also directed cable tv providers to not change their base price of RS. 160.

TRAI’s efforts in Vulnerability Testing

In recent times, increased security threats have forced TRAI to put in special focus on Vulnerability Testing or Vulnerability Assessment. Vulnerability Assessment is a process of evaluation where security risks are checked in software systems to significantly decrease the probability of threat. TRAI have prioritized the security of systems over the years and so have set clear goals and objectives for a Vulnerability Assessment and Penetration Testing or a VAPT testing to take place. TRAI has also taken to clearly define the scope of assessment for better results along with gathering information and analysing it and planning accordingly. TRAI has the basic purpose of reducing the possibility of hackers getting unwarranted access to systems in mind while encouraging VAPT testing.

It is safe to say that TRAI’s regulatory efforts are encouraging growth in telecommunication sector and pushing India towards a sustainable environment in the telecommunication sector.

TRAI’s Directive on Minimum Baseline Security standard

TRAI has mandated through its’ various Circulars, Minimum Baseline Security standard are to be maintained by the ISP/Telecom providers.

 Salient Extracts of the above mandate is indicated below:

The Security objectives and the requisite controls to meet defined security objectives for Organizational setup, roles and responsibilities, Guidelines, Control, Training and Documentation

  • Information Security policy

  • Security architecture of Telecom network

  • Security Risk Management

  • Periodic evaluation of the Information security performance and effectiveness of the security management

  • Periodic auditing of Network (including VAPT) from security point of view

  • Business Continuity and Disaster Recovery

  • Data Protection along with Backup, retention and destruction policies

  • Incident Management

  • Periodic training, awareness program

  • Inventory Management and classification of information assets and their handling

More details on DOT Compliance on Cyber Security for the ISPs can be referred here.

Tags: , , , , , , , , , , , , , , , , , , , , , ,

Categorised in: , ,

This post was written by Prime Research Team

Comments are closed here.

WhatsApp WhatsApp us