TRAI has issued its recommendations on cloud services. This move comes in response to DoT's vide letter dated December 31, 2012, which sought recommendations from TRAI on cloud services on broadly eight categories. The categories as listed by TRAI were as follows – regulatory framework, security over the cloud, cost benefit analysis, quality of service, interoperability, incentivization, legal framework, implementation strategies of cloud services in government.
Some of the main features of recommendations include:
- lLight touch regulatory approach has been adopted to regulate cloud services.
- lDoT shall prescribe a framework for registration of cloud service providers (CSPs) industry bod(y)(ies), which are not for profit. All CSPs above the threshold to be notified by the government have to become members of one of such industry body.
- lIndustry body will also have a disclosure mechanism to promote transparency regarding interoperability, billing, data security, and other related matters.
- lA Cloud Service Advisory Group (CSAG) to be created to function as an oversight body to periodically review the progress of cloud services and suggest actions, if any, to the government.
- lTelecommunication Standard Development Society of India (TSDSI) has been tasked to develop standards for ensuring interoperability for cloud services.
- lGovernment may consider enacting an overarching and comprehensive data-protection law covering all sectors.
- lGovernment shall draw a robust mutual legal assistance treaty (MLAT) to address the jurisdictional issues and amend existing MLATs to include lawful interception.
- lGovernment shall continue its policy to promote cloud services through cloud infrastructure projects. Ministry of MSME may also continue to promote adoption of ICT in the sector including providing subsidies as is being done at present.