There is still one major issue remaining from the Net Neutrality consultation paper which was issued on March 27th 2015: that of licensing and/or regulating online applications and services, and in its recent recommendation on Differential Access (Net Neutrality) yesterday, the TRAI has said that it will proceed with that next. The other ruling, on Differential Pricing(Net Neutrality) was released on Feb 8th 2017.

What’s notable in the recommendation yesterday is this statement, and keep in mind that OTT refers to Over The Top, and means the Internet. It’s a telecom phrase which refers to apps and sites accessed over telecom networks.

“While issuing these recommendations, the Authority has also decided to initiate a separate consultation process on questions relating to regulation of OTT service providers, including OTT communication services. This work will build on the information collected by the Authority in the prior consultations and include an investigation into questions relating to the potential market failures in that segment, the appropriate tools to address those failures and the costs and benefits of any possible regulatory interventions. Keeping in view the fast evolving nature of the sector and the changes that have taken place in the regulatory and policy framework since March, 2015, the Authority finds that it would be useful to have a separate consultation process on these issues. However, the inputs that have already been received in response to the March 2015 consultation paper will also be considered while examining these issues.” [Section 1.13, Page 6, “Recommendations on Net Neutrality“]

Our Take

This, effectively, is about the regulation of the Internet. There is no need for regulation of online services, and no need for a framework for regulation either. Online services are already governed by the IT Act. In addition to this, messaging and VoIP are integral to online services, and are integrated into several apps and services. Regulating them separately would force apps to break up, and lose the utility that exists with bundling. A separation of VoIP or messaging apps and treating them differently from either a pricing or a QoS perspective would violate the two TRAI Net Neutrality rulings, on Differential Pricing and Differential Access respectively.

A few things to keep in mind

1. The focus is likely to be on communication apps: While the TRAI has said that the consultation will focus on regulation on OTT service providers including OTT communications services, it’s likely that the push-back from the telecom operators will be on messaging and VoIP apps, which they believe are eating into their revenue. In fact, even among communication apps, the focus is more likely to be on VoIP.

2. Reliance Jio wanted registration of Internet messaging and VoIP services: It proposed a nominal entry fee and a minimal license fee, but no licensing.

3. Reliance Jio wanted a regulatory framework for the Internet:

“…it would be a fallacious assumption that low internet penetrations and speeds warrant that the OTT services should be kept out of the regulatory framework just to facilitate their growth.”

“Other OTTs (who strictly do not offer any communication services) need not adhere to such security requirements, however there may be certain sector specific requirements that may be relevant for these OTTs and therefore it is only fair that there is a clear and transparent regulatory framework mechanism that addresses these requirements.”

“All types of OTT services should be brought under minimal and simplistic regulatory framework…”

4. Reliance Jio wanted VoIP services to adhere to the same set of security standards as telecom operators, which include:

Hosting services from within India.

Setting up Lawful Interception and Monitoring (LIM) systems.

Verification and authentication of consumers of telecom services.

of telecom services. Providing necessary facilities for continuous monitoring of the system, not employing any bulk encryption equipment and taking prior evaluation and approval of Licensor for any encryption equipment for specific requirements

Providing decryption keys to the Government.

Restriction on switching of domestic calls/ messaging from outside the country.

Maintaining call detail record/ Internet protocol detail record (IPDR) for Internet including Internet Telephony Service for a minimum period of one year.

Maintaining Parameters of IPDR as per the directions/instructions issued by the Licensor from time to time

Responsibility for ensuring protection of privacy of communication and confidentiality of subscriber information.

Measures against Caller Line Identification (CLI) masking

3. The issues that TRAI could look into, based on the March 2015 paper: Lets go back to the original paper (a summary here). It referenced a few interesting things:

That telecom has regulatory obligations but the Internet does not, even though they’re capable of providing the same service to customers

That Internet companies bypass local regulations: at that time, TRAI had referenced Uber and Ola bypassing taxi regulations, saying there’s a non level playing field for apps that needs to be addressed to ensure the public safety and security of users.

That ecommerce has issues of protection of consumer information, and to participate in online commerce, individuals have to submit personal data online, which can be of great value to criminal elements.

Cloud services expose users to risks since they don’t have physical control of their data. Cloud services can be offered by people in another country and this raises sovereignty issues.

That users can access entertainment, information and commerce which is not subject to regulation.

That Internet companies are not mandated to Quality of Service obligations.

Lowering of government revenues due to OTT services leads to lowering of telecom revenues.

OTT services don’t give access for surveillance, and apps like Snapchat have disappearing messages, and hence pose a new security challenge.

Internet players in the rest of the world may not be sensitive to the diverse cultural spread of India, and there’s possibility o deliberate misuse of messaging and calling apps.

Apps that track location can be used for crime.

Health apps are not subject to a regulatory framework

Challenges of social engineering using sites like Facebook.

(My favorite quote from that TRAI paper:) “ Yet another potentially problematic area is that users of the social media websites express opinions freely without the usual social restraint.”

Questions related to Internet/OTT regulation from the March 2015 consultation paper Question 1: Is it too early to establish a regulatory framework for Internet/OTT services, since internet penetration is still evolving, access speeds are generally low and there is limited coverage of high-speed broadband in the country? Or, should some beginning be made now with a regulatory framework that could be adapted to changes in the future? Please comment with justifications. Question 2: Should the Internet/OTT players offering communication services (voice, messaging and video call services through applications (resident either in the country or outside) be brought under the licensing regime? Please comment with justifications. Question 3: Is the growth of Internet/OTT impacting the traditional revenue stream of Telecom operators/Telecom operators? If so, is the increase in data revenues of the Telecom Operators sufficient to compensate for this impact? Please comment with reasons. Question 4: Should the Internet/OTT players pay for use of the Telecom Operators network over and above data charges paid by consumers? If yes, what pricing options can be adopted? Could such options include prices based on bandwidth consumption? Can prices be used as a means of product/service differentiation? Please comment with justifications. Question 5: Do you agree that imbalances exist in the regulatory environment in the operation of Internet/OTT players? If so, what should be the framework to address these issues? How can the prevailing laws and regulations be applied to Internet/OTT players (who operate in the virtual world) and compliance enforced? What could be the impact on the economy? Please comment with justifications. Question 6: How should the security concerns be addressed with regard to Internet/OTT players providing communication services? What security conditions such as maintaining data records, logs etc. need to be mandated for such Internet/OTT players? And, how can compliance with these conditions be ensured if the applications of such Internet/OTT players reside outside the country? Please comment with justifications. Question 7: How should the Internet/OTT players offering app services ensure security, safety and privacy of the consumer? How should they ensure protection of consumer interest? Please comment with justifications

4. Not likely to be as bad as the March 2015 paper: Of course, this is a different TRAI, with a Chairman who understands technology. This is also a TRAI which has taken a largely progressive stand on regulations and recommendations, when it comes to the Internet, and has been careful not to hurt Internet users or the startup ecosystem.

5. There is some precedence now. In its ruling a month ago on allowing VoIP from Telecom Operators, TRAI said a few interesting things:

VoIP is independent of access service: “Public internet is a very general term and narrow interpretation taken by some of the TSP does not represent the correct position.” “So, the Authority is of the view that as per the present licensing framework, Internet Telephony service can be provided independent of the Internet access Service. In other words, the Internet Telephony service is un-tethered from the underlying access network.”

“The separation of network and service layers of telecom service offerings is the natural progression of the technological changes in this domain.” “It is now possible to separate provision of service contents, configuration and modification of service attributes regardless of the network catering to such service.”

“Public internet is a very general term and narrow interpretation taken by some of the TSP does not represent the correct position.” GPS as a solution for security issues: “As far as the location of nomadic Internet Telephony subscribers is concerned, it is possible to capture the location details in case GPS service is enabled in GPS enabled Smartphone.” Also that “interception and monitoring related requirements as specified in the” UL(access services) license or VNO license, as applicable”. Additionally, “So, the Authority is of the view the Public IP address used for originating/terminating Internet Telephony calls should be made a mandatory part of CDR in case of Internet Telephony. The location details in form of latitude and longitude should also be provided wherever it is feasible.”

“As far as the location of nomadic Internet Telephony subscribers is concerned, it is possible to capture the location details in case GPS service is enabled in GPS enabled Smartphone.” Also that “interception and monitoring related requirements as specified in the” UL(access services) license or VNO license, as applicable”. Additionally, “So, the Authority is of the view the Public IP address used for originating/terminating Internet Telephony calls should be made a mandatory part of CDR in case of Internet Telephony. The location details in form of latitude and longitude should also be provided wherever it is feasible.” On the revenue loss argument: “the Internet use is growing at an unprecedented high rate and existing providers will generate revenue from data services which will be required by a subscriber to make even an Internet Telephony call.””increasing revenue realizations from data services due to increasing Internet traffic will not only compensate for the loss of conventional voice traffic but will also increase the revenue potential of the last mile access networks.”

“the Internet use is growing at an unprecedented high rate and existing providers will generate revenue from data services which will be required by a subscriber to make even an Internet Telephony call.””increasing revenue realizations from data services due to increasing Internet traffic will not only compensate for the loss of conventional voice traffic but will also increase the revenue potential of the last mile access networks.” Quality of service for VoIP: was left to market forces.

6. Likely to be a recommendation, and not a regulation: The TRAI has no jurisdiction over regulating the Internet, and can only regulate carriage, and not online content and services.

*

Disclosure: I’m the co-founder of the SaveTheInternet.in campaign for Net Neutrality in India, and MediaNama has editorially taken a pro-Net Neutrality position.