TRAI recommends self-governing body for cloud service providers

The Telecom Regulatory Authority of India (TRAI) has suggested that a self-governing body be set up for cloud service providers (CSP) to take charge of disclosure and audit, monitor the code of conduct and determine transparency requirements in the industry.

The regulatory authority first made its recommendations to the government in August 2017 and issued a consultation paper, inviting inputs from industry bodies. In February 2020, it held discussions with stakeholders in Delhi.

It seeks to set up a “light touch regulatory framework” by forming the industry body in a three-step process -- enrollment of CSPs operating in India; followed by formation of an ad-hoc body to frame broad rules, organisational structure and election procedure; and finally the election of office bearers to take over its functioning as a regular industry-led body.

According to TRAI, the industry body should be registered under the Societies Registration Act, 1860. It must also follow the rules used to set up the machine to machine (M2M) body by the Department of Telecommunications (DoT), under the Ministry of Communications.

The explosion of data, coupled with the emergence of standalone data centre firms, technology companies and telecom service providers in India has made it necessary to set up such an industry body. The country is currently home to multiple cloud regions of industry leaders such as Amazon Web Services, Google Cloud, Microsoft Azure, Alibaba Cloud, Airtel, Yotta and Oracle.

TRAI, in a statement, said that the scope of CSPs will initially be limited to infrastructure-a- a-service (IaaS) and platform-as-a-service (PaaS) providers. However, the recommendations noted that telecom service providers should not be allowed to share infrastructure and platforms related to Telegraph with a CSP who is not a member of the industry body registered with DoT.

The industry body, TRAI said, will review its experience and deliberate on the need to form multiple bodies for different purposes, such as to address requirements of different market segments. It added that DoT may require this review after two years of functioning of the industry body, or such time as it considers appropriate.

In May this year, the Ministry of Electronics and Information Technology (MeitY) invited applications for the empanelment of new CSPs with the ministry. CSPs that are not registered with MeitY yet, or empanelled companies that want to add new data centres and services, can apply, it said at the time.