Recently, the Cabinet Committee on Security has sanctioned the setting up of a new National Security Directive on the Telecommunication Sector. This will mandate service providers to purchase equipment from trusted sources.
Under the provisions of this directive, the Government will declare a list of trusted sources and trusted products for installation in the country’s telecom network.
This move came after the Centre asked all telecom operators to undertake an ‘Information Security Audit’ of their networks. The objective was to specifically check for any ‘backdoor’ or ‘trapdoor’ vulnerabilities in the telecom networks, which can be exploited to extract information and pass on illegally to agencies around the world. A backdoor or a trap door is a bug installed in the telecom hardware that allows companies to listen in or collect data being shared on the network. Chinese vendors Huawei and ZTE have been under global scrutiny for allegedly installing backdoor vulnerabilities and spying for the Chinese government and have been banned by several countries.
The Indian government has already banned a number of Chinese apps and barred BSNL and MTNL from using Chinese equipment for the roll-out of its 4G network. The Department of Telecommunications hinted that it would announce guidelines asking even private companies to refrain from using Chinese equipment, however, no such guidelines have been issued till now.
Major aims of National Security Directive (NSD) will be-
- To classify telecom products and their sources under the ‘trusted’ and ‘non-trusted’ categories.
- From among the sources declared as trusted sources by the designated authority, those which meet the criteria of the Department of Telecom’s preferential market access policy will be certified as Indian trusted sources.
- The policy provides opportunities to local manufacturers of equipment and handsets in the “Sensitive” telecom sector to counter dumping of products by other countries.
- Telecom Service Providers (TSPs) are required to connect new devices which are designated trusted products.
- The directive will also not affect annual maintenance contracts or updates to existing equipment already inducted in the network as on date of effect of the directive.
NSD will make its decision based on approval of the National Security Committee on Telecom. It will be headed by the deputy National Security Advisor (NSA) and have members from other departments and ministries, and independent experts as well as two members from the industry. The National Cyber Security Coordinator is the designated authority and will devise the methodology to designate trusted products.
Apart from the directive, the government will release at regular intervals new guidelines for effective monitoring and effective control of the network security of the TSPs. The move could potentially make it more difficult for Chinese telecom equipment vendors to supply equipment to Indian telecom players. Mobile applications that either have Chinese origins or have central servers in China may also find re-entry in the market extremely difficult.
