Cybersecurity Concerns Over SIM-Binding Directive: BIF Seeks Review of EU Regulations

Post Views: 15

India’s Telecom Industry Body Calls for Review of Cybersecurity Amendment Rules

India’s telecom industry body, the Broadband India Forum (BIF), has called for a review of the country’s recently introduced cybersecurity amendment rules and SIM-binding directive, citing concerns over legal and operational uncertainties.

Concerns over Regulatory Framework

The directive, which went into effect on March 1, requires messaging applications to function only when linked to a verified SIM card.

According to the forum, the SIM-binding directive introduces a new category called Telecommunication Identifier User Entities (TIUEs), which could potentially include businesses that use identifiers such as mobile numbers, IP addresses, or IMEI numbers for user identification or service delivery.

Potential Implications

This expanded regulatory scope could have far-reaching implications, bringing digital platform companies under regulatory obligations similar to those of licensed telecom operators. However, the BIF argues that this could be legally contentious, as application service providers do not fall within the same regulatory framework as licensed operators.

Industry Concerns

The industry body is also concerned that implementing the rules in their current form could create divergent compliance requirements across sectors, increasing administrative and operational costs for digital companies. Furthermore, the lack of regulatory clarity could generate legal uncertainty for businesses operating in the digital ecosystem.

Experts warn that the new rules could stifle technological innovation, as companies may struggle to balance security requirements with the need to innovate and adapt to changing market conditions.

Proposed Solution

The BIF emphasizes that a strong framework to curb cyber fraud is necessary, but it should be developed through a collaborative approach involving the government, industry stakeholders, and technology experts.

Current Requirements

Under the cybersecurity amendment rules, TIUEs are required to block fraudulent identifiers when directed by authorities, comply with data protection standards, participate in Mobile Number Verification (MNV) systems, and cooperate with law enforcement agencies.

Call for Transparency and Stability

The BIF has urged the government to work with the digital platform industry to develop an anti-fraud framework that is technically effective while also strengthening business confidence and public trust. The forum has also highlighted the importance of maintaining transparency and legal stability in the rule-making process.

Next Steps

As the government has yet to respond to the industry’s request, the business community is closely watching to see whether any review or amendment process will be initiated. The policy is being viewed as a potentially significant regulatory step amid the continued expansion of India’s digital economy.

About Author

Vaibhav

See author's posts

Cybersecurity Concerns Over SIM-Binding Directive: BIF Seeks Review of EU Regulations