The Hindu BusinessLine, July 29, 2025
The Department of Telecommunication’s draft rules for a mobile number validation (MNV) platform under new cybersecurity regulations could wreak financial havoc for India’s start-ups and digitally-deprived groups, significantly raising their cost of compliance.
“About 90 per cent of start-ups fail within the first five years, with regulatory compliance cited as a critical contributing factor. The requirements for MNV verification would lead to start-ups diverting a large chunk of early-stage capital towards associated compliances,” said CUTS pointing out how many start-ups nowadays use SIM-based cyber security methods.
Digital rights group SFLC.in warned that the proposed rules risk overreach and could have far-reaching consequences on individual privacy, business continuity, and service delivery. It raised concerns over the absence of a clear appeals process for affected users worsening the risk of arbitrary suspensions.
It also pointed out how certain provisions allow government agencies to collect and analyse traffic and user data from relevant entities. Lack of explicit limits on data collection can lead to mission creep, where data collected for cybersecurity purposes is used for unrelated objectives, which is at odds with India’s data protection law.
“There is a concern on the potential impact on end-to-end encrypted services. These services may face challenges complying with logging and data-sharing requirements, potentially forcing them to exit the Indian market. Such outcomes would undermine user choice and the diversity of digital services available in India,” said SFLC.in.
Legislative sanction
Telecom think tank Broadband India Forum (BIF) also questioned the legislative sanction for an MNV platform or validation fees. It also asked for clarity on the scope and frequency of validation requests, the type of information exchanged or stored by the MNV platform, the information relayed back to companies and procedural safeguards to prevent misuse.
“In the absence of defined limits, the system raises the risk of user profiling, unlawful personal data processing and data sharing, in conflict with principles of necessity and proportionality laid down in the Puttaswamy [privacy] judgement,” said the BIF.
Compliance Cost
CUTS estimated over 30,000 MSME retail brands serve nearly 1.15 billion Indians. At 30 per cent compliance, the cost could surge to over ₹44 crore a year. Voluntary validation at ₹3 per verification request doubles these figures.
The proposed requirement will also demand significant investment in digital infrastructure for query monitoring, etc. Small businesses will also feel the double-edged effect of the rules as related internalised costs on bigger companies could increase operational costs for downstream service providers.
Digital divide
The proposed rules could severely limit digital access for millions who rely on shared devices such as women, elderly, children, low-income families and rural residents. In many Indian households, one phone number is used by multiple family members—for education, banking, and essential services.
“While the Draft Amendment Rules aim to enhance telecom security, they fail to account for India’s complex realities of mobile ownership, shared phone usage, and digital literacy gaps,” said CUTS.
Citing a recent Global Findex survey report 2025, CUTS said even when mobile phones are government-distributed to women in India, nearly 40 percent of them lost control over their devices within a month after distribution. Crunching numbers from national surveys, CUTS said roughly one in four female users does not have personal ownership of the device they operate. Among elderly Indians, nearly 28 million phone users are estimated to depend on family-owned devices.
Under the proposed MNV system, these individuals would lose access, effectively severing digital access for millions of secondary but legitimate users.
As for additional costs, BIF agreed that this could create entry barriers for new businesses and stifle competition, discouraging smaller firms from adopting digital verification tools. This undercuts the government’s goals of ease of doing business and digital inclusion, said the BIF.
This news item can also be viewed at:
https://www.thehindubusinessline.com/