Communications Today, July 30, 2025
The Draft Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, introduced by the Department of Telecommunications (DoT), have sparked significant concern across India’s digital sector especially among digital payments, food delivery, and mobility platforms. CUTS International, a leading consumer advocacy group, has warned that the draft rules could cause substantial economic losses and dampen digital innovation.
The draft rules expand regulatory coverage to all entities using mobile numbers for user authentication-such as digital platforms, food delivery apps, fintech services, ride-hailing firms, OTT services, e-commerce platforms, and even small businesses-labelled as “Telecommunication Identifier User Entities” (TIUEs).
These TIUEs must now verify user mobile numbers through a central government platform, at a cost of 1.50 to 3 per verification. These modest per-verification charges can escalate rapidly for companies processing millions of transactions, translating to annual compliance expenses ranging from 10 crore to several thousand crores depending on business size and scale.
CUTS warns that increased compliance costs and exclusion risks may slow digital adoption, hurt competition, and risk an estimated 2.5 lakh crore loss to the digital economy, even if only 10 percent of entities comply. Compliance burdens could exclude 4,000-5,000 start-ups from the market and risk direct job losses of nearly 1.5-2 lakh.
Besides financial impact, the rules blur lines between telecom regulation and digital platforms, raising concerns about jurisdiction and privacy-since these platforms would now be treated under telecom regulations, which could increase government access to user data and add operational burdens.
The amendments would require significant resources for technical integration, ongoing compliance, dispute handling, and staff training-diverting focus and investment from innovation to regulatory management. Industry experts and advocates are urging the government to revisit and clarify the draft rules’ legal foundation and scope.
They recommend harmonizing these requirements with existing cybersecurity and data protection frameworks, conducting full regulatory and privacy impact assessments, and differentiating compliance obligations based on risk and company size. Greater inter-ministerial coordination and the use of pilot sandboxes are suggested for any roll-out, instead of imposing universal mandates.
While there is consensus on the need to enhance digital security and curb cyber fraud, most stakeholders agree that the current draft could unintentionally slow digital growth, increase costs, reduce competition, and stifle innovation in India’s fast-growing digital economy. CUTS and others have called for more granular consultation, proportional safeguards, and risk-sensitive regulatory approaches before the rules are finalized.
This news item can also be viewed at:
https://www.communicationstoday.co.in/