TRAI releases recommendations on cloud services in India

Key Highlights

• TRAI released recommendations on the back of growing cloud services.
• DoT wrote to TRAI seeking said recommendations five years ago. 
• A Cloud Service Advisory Group (CSAG) to be created to function as oversight body.

Telecom Regulatory Authority of India (TRAI) on Wednesday issued its recommendations on Cloud Services.

Cloud services in India have been growing in the past decade with other IT companies eyeing Indian customer base. “From 2012 to 2015, demand of cloud computing accounted for 70% growth of related IT market,” TRAI sai.

This move comes in response to Department of Telecom (DoT)’s vide letter dated December 31, 2012, which sought recommendations from TRAI on Cloud Services on broad eight categories.

The categories as listed by TRAI were as follows – regulatory framework, security over the cloud, cost benefit analysis, quality of service, inter-operability, incentivisation, legal framework, implementation strategies of cloud services in government.

“DoT subsequently clarified on 22.06.2015 that recommendations on Cloud Services need not be too specific on Implementation Strategies of Cloud Services in Government,” TRAI said.

Some of the main features of recommendations by TRAI are mentioned below:

1. Light touch regulatory approach has been adopted to regulate cloud services.

2. DoT shall prescribe a framework for registration of cloud service providers (CPs) industry bod(y)(ies), which are not for profit.  All CSPs above the threshold to be notified by the government have to become member of one of such industry body.

3. Industry body will prescribe Code of Conduct (CoC) for its functioning which have to be followed by their members. In addition to CoC, there will be a governance  structure of the industry body aimed to support effective and transparent implementation, management and evolution of the CoC. Industry body, not for profit may charge fee from its members, which is fair reasonable and non-discriminatory.

4. Industry body will also have a disclosure mechanism to promote transparency regarding inter-operability, billing, data security and other related matters.

5. A Cloud Service Advisory Group (CSAG) to be created to function as oversight body to periodically review the progress of cloud services and suggest actions, if any, to the government.

6. Telecommunication Standard Development Society of India (TSDSI) has been tasked to develop standards for ensuring interoperability for cloud services.

7. Government may consider enacting an overarching and comprehensive data protection law covering all sectors.

8. Government shall draw a robust Mutual Legal Assistance Treaty (MLAT) to address the jurisdictional issues and amend existing MLATs to include lawful interception of access to data on the cloud.

9. Government shall continue its policy to promote cloud services through cloud infrastructure projects. Ministry of MSME may also continue to promote adoption of ICT in the sector including providing subsidies as being done at present.

“Adoption of these recommendations will unleash the Potential of cloud computing in India to a next level by boosting cloud adoption and strengthening the trust in the cloud,” TRAI said.