Mumbai: The Broadband India Forum (BIF), a telecom industry body, has urged the Department of Telecommunications to reconsider the recently introduced cybersecurity amendment rules and SIM-binding directive, stating that the new regulatory framework contains legal and operational uncertainties that could extend beyond the provisions of the Telecommunications Act, 2023 and impose additional obligations on digital platforms.
What Is the SIM-Binding Directive?
The appeal comes as the SIM-binding directive is scheduled to take effect from March 1. Under the mandate, messaging applications such as WhatsApp and Signal will function only when the registered SIM card is physically present and active in the device. Industry stakeholders argue that such a requirement could alter the operational architecture of digital communication services and may also affect user convenience.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
Expanding Regulatory Scope: The TIUE Debate
Based on legal opinion obtained by the forum, the directive introduces a new category called Telecommunication Identifier User Entities (TIUEs). This category could potentially include businesses that use identifiers such as mobile numbers, IP addresses, or IMEI numbers for user identification or service delivery. The scope could therefore extend from banking and fintech platforms to communication applications.
Legal and Compliance Uncertainty
The industry body argues that bringing digital platform companies under regulatory obligations similar to licensed telecom operators could be legally contentious. Under the Telecommunications Act, licensed operators are granted specific rights and responsibilities, while application service providers do not fall within the same regulatory framework. BIF maintains that the mere use of a phone number within an application cannot be interpreted as telecom service usage.
The forum further stated that implementing the rules in their current form could create divergent compliance requirements across sectors. This may increase administrative and operational costs for digital companies while also raising concerns about the potential impact on technological innovation. Experts believe that lack of regulatory clarity could generate legal uncertainty for businesses operating in the digital ecosystem.
BIF also emphasized that while a strong framework to curb cyber fraud is necessary, it should be developed through a collaborative approach involving the government, industry stakeholders, and technology experts. The body suggested that identity-based security mechanisms must balance data protection, user privacy, and service continuity considerations.
Operational Challenges for Digital Platforms
Under the cybersecurity amendment rules, TIUEs are required to block fraudulent identifiers when directed by authorities, comply with data protection standards, participate in Mobile Number Verification (MNV) systems, and cooperate with law enforcement agencies. Industry representatives said that implementing these responsibilities would require clear technical architecture and operational guidelines.
Analysts associated with the digital sector noted that India’s rapidly growing internet user base and mobile communication ecosystem make it a significant global technology market. They stressed that any new policy should undergo extensive stakeholder consultation to evaluate its practical implications before enforcement.
Balancing Security With Innovation
In its memorandum, BIF highlighted the importance of maintaining transparency and legal stability in the rule-making process. The forum urged the government to work with the digital platform industry to develop an anti-fraud framework that is technically effective while also strengthening business confidence and public trust.
Awaiting Government Response
As of now, there has been no official response from the telecom department regarding the industry’s request. The business community is closely watching whether the government initiates any review or amendment process to the new cybersecurity framework. The policy is being viewed as a potentially significant regulatory step amid the continued expansion of India’s digital economy.
