Tuesday, March 22, 2011

Telecom Security Council of India

India has been seriously considering the possibilities of embedded malicious codes and spyware in the imported hardware. This has also affected the import of crucial network hardware in the past by mobile companies in India.

Indian government has also decided to get the hardware tested for malware from foreign institutions till indigenous capabilities are established by India. It is expected that from April 2013 onwards all such tests would be carried out in India itself.

Meanwhile the department of telecommunication (DoT) has put stringent conditions for the import of network equipments. DoT has proposed Rs 1000-crore as the upper limit for imposing penalty upon mobile phone companies in case any spyware or malware is found in imported networks equipment or in the event of a security breach. The lower limit for the penalty will be Rs 50 crore.

There cannot be a doubt about the proposition that both hardware and software based backdoors and malware can be preinstalled, inform Praveen Dalal, managing partner of Perry4Law and leading techno legal expert of India. This step of DOT would act as a deterrent for importing telecom hardware casually and without proper caution, says Dalal.

DoT has also suggested the creation of the Telecoms Security Council of India (TSCI) that would look into security related aspects of hardware and network equipments. This is a good step as India’s dependence upon foreign players for its cyber security and telecom security is not conducive for telecom growth in India.

In the past proposals for the establishment of Telecom Security Regulatory Authority of India (TSRAI) were mooted. However, till now no steps have been taken in this regard. Similarly, Indian government must clear its head regarding crucial issues like encryption standards, network sniffing, e-mails sniffing, mobile phones interceptions, cell phone data usages, etc. It is high time for India to enact a comprehensive legislation in this regard, suggests Dalal.

Let us hope that the proposal for Telecom Security Council of India may not face the same fate as has been faced by TSRAI.