Share on facebook
Share on twitter
Share on linkedin

TRAI’s Framework for Data Centres, Interconnect Exchanges and Content Delivery Networks- An Update

Communication services such as voice, video, data, internet, and wideband multimedia have become indispensable in the modern society. Information communication technology (ICT) has become a vital resource in development of various economic sectors enabling the various participants in economic and social spheres to have a quick and easy access to information and knowledge. ICT makes communication efficient in all spheres of life- in companies fostering increased efficiency, allowing access to human resource, promoting sustainable development of entrepreneurship.

At present, most sectors and organizations are generating mountains of data on a daily basis. Therefore, to stay competitive, organizations are constantly working to optimize data to leverage it to their advantage. For instance, the banking sector uses data extensively to understand how their customers use data to identify potential security risks. Data plays a vital role in the real estate and property management sector by extending an improved property analysis mechanism, understanding the customers and deciphering the market trends. The telecom industry is also utilizing data to improve in several key service areas, including customer experience, fraud reduction, churn prediction, and dynamic pricing. Further, with the rollout of 5G, data plays a key role in network planning, monitoring and management. Hence, data is the central force for driving crucial innovative and advanced industry solutions for the systematic growth of the economy.

Digital advances have generated enormous wealth in record time, but that wealth has been concentrated around a small number of individuals, companies and countries. Under current policies and regulations, this trajectory is likely to continue, further contributing to rising inequality, not only at the country level between developed and developing economies but also at the level of big online players, controlling data acting as an entry barrier for new entrants, leading to near monopoly in global digital markets. The effect of globalization and the development of the telecommunication sector has also affected the Indian market vitally.

On 21 December 2021 TRAI- the Telecommunication Authority of India released a consultation paper on the ‘Regulatory Framework for Promoting Data Economy through Establishment of Data Centres, Content Delivery Networks, and Interconnect Exchanges in India’ where it discussed and opined thoroughly on the markets of data economy, its challenges and its growth and future opportunities in the sector.


The TRAI Consultation Paper and Data Centres  

 

The new era of digitization has rolled out 5G, Internet of Things (IoT), and Artificial Intelligence (AI) leading to the creation of data via widespread, geographically distributed networks and new-age devices. Further, Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications (MMTC) are set to emerge as dominant storage interfaces. 5G, along with edge computing, is set to fulfil the needs for ultra-reliable, low-latency, and high-throughput communication. Use cases driven by this intelligence-centric connectivity will catalyse computing at the edge as they effectively become mini data centres and bring a completely new paradigm to storage at the edge. This brings with it a need for advanced networking, computing and storage in edge devices and endpoints.

The main theme of the TRAI consultation paper is the development of a regulatory framework to make the data market more abiding and regulated for systematic development and protection of its users. While competing with the world data economy the need for a proper regulatory framework that can encourage the development of 5G, IoT, data centres, and associated services, data analytics, edge computing, digital platforms, and applications were discussed and their effect on the growth are discussed in the paper.  For any economy to be competitive, it has become essential to become reliable and self-sufficient in terms of futuristic technology. This has bought the Indian government’s inaction to bring in various initiatives and policies to bring digitalisation to the forefront of the market. Policies like Digital India Programme 2015 and National Digital Communication Policy 2018 contributed tremendously to the development and population of the data economy and digitalization.

The TRAI paper clearly emphasized and questioned the potential of growth of data centres in India in light of various challenges in terms of economic/infrastructure and financial aspects. The paper sought views on:

(i) incentives and long-term measures to facilitate growth and investment in data centres, Content Delivery Networks (“CDN”s), and Interconnect Exchanges (“IXP”s).

(ii) building, safety, disaster recovery, and security standards for data centres.

(iii) access to facilities such as dedicated fibre and electricity, and provision of concessional tariffs or subsidies.

(iv) need for a unified data centre policy in India and centre-state coordination.

(v) need for a regulatory framework for CDN and interconnect exchanges in India.

Additionally, it was noted in the paper that the mere establishment of data centres will not efficiently meet the country’s data requirements.  Initiatives to address challenges of data penetration in Tire 2 and Tire 3 cities also has to be addressed. The paper also discussed and opened itself to comments on the green data certification, building norms for data centres and other aspects important for the development of an economically efficient data economy. The paper further discusses the impact of Covid-19 on the digital economy that resulted in a data surge arising out of increased digital social interactions and online transactions.


The Infrastructure of the Data Economy

 

The paper recognises the following three main infrastructures for boosting the data ecosystem and facilities

  • Data Centres
  • Content Delivery Networks
  • Internet Exchange Points

Together these three form the part of what can be termed as “Digital communication infrastructure and services”. It is important to note that with CDN the delivery of the data sought by the users is established and the players like Netflix, Youtube and Amazon establish their own CDN  in locations that are near to users to make the use of the internet bandwidth less which ultimately reduces the cost and make it more economical for them. These CDN networks are not adequately regulated in the Indian market. TRAI with the consultation paper has sought opinions on the same and has also highlighted the point of whether the lack of a regulatory framework for these CDN networks in India affects the growth of the CDN market in the country.

The main mission of the paper was to connect India with proper digital communication infrastructure, propel India with the latest technology including 5G, AI, IoT Cloud, and empower India by securing its digital sovereignty and data protection.

The consultation paper further analysed the idea of the dark fibre cable network, data centre and the regulatory framework or other limitations these data centre companies are facing and how these avenues can be incentivised. 


Infrastructure Requirements for Data Centres

 

The paper discussed the resources which are required for the establishment of the data centres and how their availability or shortage can add to the hardships of the establishment of economical units of the data centre. While opting for and establishing a data centre it’s essential to look into the availability of the power supply and water. India faces an energy deficit of 1,44,1 Million Units (MU). The most affected areas are the rural areas in India. The cost of power can also not be overlooked. The major cost which is approximately 50-60% of the total operating cost of these data centres is the cost of power. The power and cooling segment of the Indian Data Centre power and cooling market is expected to reach $1,065.5 million by 2025, growing at a Compound Annual Growth Rate (CAGR) of 9.4% during the forecast period 2019–2025. 

Water resources were another facility for which data centres might face challenges. The major work of the water is to cool off. As per the report around 15- megawatt of energy in a Data Centre can use up to 360,000 gallons of water a day as the scale of the data centre will rise more reliable sources of water has to be looked into. In the process of cooling off some amount of water is also evaporated leading to loss of water. The question which arose is whether India is ready to meet these power and water supply requirements for the establishment of a highly popularizing segment of data centres. This remains a question of concern to meet the cooking up future requirements

Looking into the matter the TRAI suggested developing renewable energy and development of green data centres. In Europe, the climate-Neutral Data Centre pact is the law that aims to make all of the European Union Climate-neutral by 2050. These green data centres will have low emission rates. A vision to create such data centres and emphasis on the establishment of data centres driven by renewable energy was also emphasised.


Telecom Data and its Security Issues


 

Telecom data is the first digital footprint created by any household. For proper functioning of the services collecting such user data and establishing robust infrastructure for the services providers to proffer better services becomes very essential. For this, the mechanisms of the consented sharing of telecom data and data empowerment and protection Architecture were explained in the paper.

Even though the intention of the Personal Data Protection (Bill) 2019 was to extend legislative protection to users wherein purpose-driven collection of data, user consent to sharing of personal data etc. were addressed, it is yet to be seen how the law progresses in the future. 


Telecom Industry and the OTT Platforms

 

The functioning of the telecom industry and its importance and assistance in the development of Over the Top (OTT) platforms like ‘Netflix’, ‘Amazon’, ‘Hotstar’ can be understood easily. The telecom industry provides the oil to these OTT industry players for smooth functioning and better market reach. In the recent paper released by the Competition Commission of India (CCI) on the market study of the telecom sector, it highlighted the raising trends of a partnership between the telecom Industry and these platforms and how this can act as an entry barrier. 


CCI’s Concern over the Growth of the Telecom Market and its Nexus with TRAI

 

The market study of the telecom sector released by the CCI on 22nd January 2021, highlighted various contemporary competition issues, including upcoming competition issues as the telecom sector is set to see further transformation and innovations with 5G around the corner, discussing:

(a) Financial stability and competition

(b) Vertical integration and competition.

(c) Data privacy and competition.

(d) Infrastructure and competition.

The CCI raised concerns over the data privacy of the users from deals like Jio- Facebook, where the users are robbed of their right to data privacy. Raising concerns of such kind in its study, the TRAI also channelized its discussions on similar lines in its paper where a huge threat to the data privacy of the users was discussed and a strong need to regulate and limit the data sharing and purpose-driven data collection was identified. 


Regulatory Framework for the Data Centres, Current Scenario and the Way Forward

 

A strong surge in the consumption of data has been projected for the coming years. This massive increase in the use of data shall require a robust mechanism for data management, data security, and good data infrastructure. However, India still lacks a centralized regulatory framework that properly regulates or prescribes compliance standards with respect to the establishment of such data centres. This consultation paper by TRAI is the first concrete step in this direction.

The paper received comments from various significant stakeholders. While addressing the issue of data penetration at Tier 1 and Tier 2 cities, Vodafone Idea Limited (‘VIL’), one of the stakeholders, suggested that the Government should extend tax benefits to Service Providers that are building disaster recovery sites to ensure reliable services. Development of Special Economic Zones (‘SEZ’) in TIER 2 & 3 cities should be undertaken to motivate data centre players, rationalization of electricity tariffs across all states and ready infrastructure facilities inclusive of power, transport, water supply, fibre connectivity etc. should be set up in those Tier 2 & 3 cities. VIL further observed that a central law governing data construction and operation should address aspects relating to the entire lifecycle of data centres. Since the National Broadcasting Company (‘NBC’) covers maximum data centre related guidelines, it is recommended to form a single regulatory body under NBC, which should develop India-specific building standards for the construction of data centres operating in India.

Internet freedom foundation, another stakeholder, has also provided its comments and suggestions on the considerations raised in the Paper. The foundation advocated the urgent need for the creation of a multi-stakeholder body for the enforcement of net neutrality. The need for a more efficient data policy specifically designed for the telecom industry was also put forward promoting evidence-based policymaking for the CDNs. In order to ensure a more streamlined functioning of the telecom industry, the foundation emphasized overall sectoral transparency. It raised concerns over data monetization and its threats. Additionally, it placed stress on proper surveillance of these data centres as sensitive data of users would be involved.

The National Association of Software and Service Companies (‘NASSCOM’) in their comments on the paper focused on the development of the CDN market and its growth potential in India. NASSCOM raised concerns over regulatory compliances that can potentially make the Indian CDN market less competitive and advised on initiating strategies to combat the same. It also raised concerns over the reduced network efficiency because of the regulatory requirement of interconnection with Telecom Service Provider (TSP) and Internet Service Providers (ISP) and network neutrality. It opined that both will be affected negatively by the criteria proposed by the paper. It urged TRAI to refrain from imposing ex-ante obligations for mandatory interconnection between CDNs and ISPs.

With all these regulatory challenges the stakeholders also provided their point of view on the issues and challenges of the data centres, from advocating for the establishment of special economic zones and providing some tax benefits for the establishment of the data centres to the need for proper authority for the certification of the data centre as adopted globally has been highlighted. The stakeholders also highlighted the portions wherewith not much effort skilled labour can be found and up-gradation of the existing skills can be done. Data privacy matters took the spotlight in almost all the stakeholders’ comments. They advocated for the implementation of a comprehensive law to deal with the matter at hand. Further, on compliance, the stakeholders emphasized structuring an all-encompassing competent channel for the use and availability of the resources such as power, land, and water for smooth functioning of the data centres.

In 2020, Singapore imposed a moratorium on the establishment of the data centres because of the disparity in the use of resources by 7%. India is already facing challenges in sustainable development and is aiming to become a global hub for data centres, without a practical mechanism in place. It is interesting to note that, states like Karnataka and Tamil Nadu have formulated their policy on the same. They have also sought amendments in the state legislations to incorporate congenial provisions for the establishment of the data centres but until now no steps have been taken.

As per some of the suggestions, in addition to notifying a national policy on data centres, the government should also identify and proffer various incentives for the players keen on undertaking the establishment of such data centres, especially with respect to considerations like electricity, water resources, infrastructure, technology and Research and Development. Before formulating and enforcing anything it’s evident for the government to into consideration all the aspects of labour, resources, real estate etc. before devising a perfectively addresses the challenges of the sector and works in concert towards the benefits of its stakeholders.

In 2020 the Ministry of Information Technology formulated a Data Centre Policy, 2020 discussing the challenges and how a centralised system for clearance and approval for the establishment of data centres has to be structured and new building norms specifically dealing with the construction of the data centres are to be developed. More stress on a smooth regulatory framework for ease of doing business was emphasised.

While the central government is yet to formulate comprehensive legislation to govern data centres, various state governments have undertaken the initiative to regulate the sector within their jurisdiction.

Maharashtra’s Data policy extends fiscal incentives such as stamp duty exemption, electricity duty exemption, value-added-tax refund and property tax benefits for data centres that comply with specific criteria. 

Telangana’s Policy extends fiscal incentives like power, building fee rebates and land at subsidized costs. Additionally, other non-fiscal incentives like exemption from the purview of the Telangana Pollution Control Act, exemption from statutory power cuts and from inspection under specified labour legislation and permissions to file self-certificates have also been offered.

The Tamil Nadu Data Centre Policy 2021 has established a single-window facilitation portal to maintain time-bound processing of applications and coordination with various agencies and departments. Further, incentives such as electricity tax subsidies on power, concessional open access charges and cross-subsidies, dual power and stamp duty concessions and permits for self-certificates pertaining to compliance with respect to statutory registrations and forms under respective labour legislation are provided. 

The Data Centre Policy 2021 of Uttar Pradesh provides incentives with respect to data centre park developers and data centre units. Interest/capital subsidy, land subsidy, stamp duty exemptions and dual power grid network, as well exemption from inspection under labour legislation and permissions to file self-certificates have also been provided for under the legislation.

West Bengal data centre policy 2021 is a 5-year plan providing various power, water and infrastructure facility for the smooth functioning of the data centres. 

Haryana and Karnataka are still finalising their state policy while the Odisha government has also rolled out a policy that needs further development and the status of its implementation is not yet confirmed.

As per some of the suggestions of the stakeholders, in addition to notifying a national policy on data centres, the government should also identify and proffer various incentives for the players keen on undertaking the establishment of such data centres especially with respect to considerations like electricity, water resources, infrastructure, technology and Research and Development. Before formulating and enforcing anything it’s evident for the government to into consideration all the aspects of labour, resources, real estate etc. before devising a perfectively addresses the challenges of the sector and works in concert towards the benefits of its stakeholders.

 

Image Credits: Photo by Ian Battaglia on Unsplash

A strong surge in the consumption of data has been projected for the coming years. This massive increase in the use of data shall require a robust mechanism for data management, data security, and good data infrastructure. However, India still lacks a centralized regulatory framework that properly regulates or prescribes compliance standards with respect to the establishment of such data centres. This consultation paper by TRAI is the first concrete step in this direction.

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

The Metaverse and its Numerous Concerns

There is a lot of buzz being generated around the “Metaverse,” which can be defined as a virtual reality-based shared digital world in which users (through their “avatars”) can enjoy three-dimensional, multi-sensory experiences. This rapidly-evolving, technology-driven paradigm is a huge shift away from the present, where digital interactions are based on text, audio and two-dimensional images/videos. The excitement around the Metaverse is due to the immense possibilities that exist around how it can be used for social interactions, commerce, media & entertainment, education, manufacturing, healthcare, defense etc. Not surprisingly, many companies, even in India, are investing in Metaverse capabilities.

While the potential for metaverse cannot be denied, it is just as important to recognize and acknowledge that there are several grey areas around this paradigm. If timely actions to prevent the misuse of the metaverse are not taken by the global community, we run the serious risk of opening a new Pandora’s Box. And once the proverbial genie is released from the bottle, it is virtually impossible (pun intended) to put it back inside.

The Potential Dangers of the Metaverse

 
What are the biggest fears surrounding the Metaverse? Concerns have been expressed from different quarters around issues relating to the privacy, safety and well-being of people who are active in the metaverse. In the current scenario, people use social platforms to connect with each other. If someone with whom I do not wish to engage seeks to connect with me in a basic digital world, I can easily deny the friend request. Even after having granted them permission initially, I can choose to block such persons. During the time they have permission to engage with me, the worst that can happen is that they send unwanted texts, audio messages or images and videos.

This is bad enough, but in the metaverse, the kind and nature of obscene or harmful content will change drastically; consequently, so will the impact of such material and experiences on vulnerable segments of society. 

For example, in the metaverse, it is quite possible for complete strangers to enter someone else’s personal space – without the latter being aware of who the former is. Given the multi-sensory capabilities of the metaverse, which includes haptic technology (the sense of touch), the experience and impact can be far worse. Arguably, the metaverse (as it exists currently) lends itself more easily to bullying, sexual abuse or intimidation. Indeed, there have been recent media reports that some VR-based games that are accessible to young children contain inappropriate content. 

AI-driven deep fakes can further muddy the waters by creating and distributing patently false content that is almost impossible to detect as fake. There is enough fake information circulating on Whatsapp as it is, think of the danger of content that purportedly shows politicians or others saying things designed to inflame emotions.

NFTs will be key to the evolution and growth of the metaverse, providing owners of physical assets such as paintings and IPR such as rights to music, movies etc. new avenues to monetize them at scale. Cryptocurrencies and tokens are likely to form the principal currency in the metaverse, powering commerce and payments. As of now, cryptocurrencies are anonymous and independent of mainstream banking and financial systems. 

In the absence of regulations that are uniformly enforced globally, such parallel payment systems can be easily misused for illegal and immoral activities and transactions, including child sexual abuse. It is likely that fraud and crimes will increasingly crisscross between the current digital world and the metaverse (and perhaps the physical world), making them harder to detect and bring the perpetrators to book.

Addressing the Issues Surrounding Metaverse 

 

A multipronged approach is key to addressing the potential dangers of the metaverse. It is vital to frame appropriate legislation and arm various regulatory agencies with the power to catch and punish violators is vital. The basic premise around legislation has to be this: if something is illegal or against the law or generally accepted social mores in the “real”, physical world, it must be treated the same way in any parallel “virtual reality” based universe.

However, legislation alone cannot secure the metaverse. It will be essential to hold creators of content and platforms that enable distribution and access responsible for violations. The metaverse infrastructure needs to be designed with more intent to put in place appropriate safety mechanisms right at the beginning. As a global society, we must learn from our experiences with the downsides of social media platforms (false information, cyber-bullying, digital fraud etc.) and take preemptive actions that can prevent problems before they become common. This is significant because changing processes after people have grown accustomed to them is never easy; also, some damage may have already occurred. It may also be necessary to think of ways to incentivize good behaviour in the metaverse.

The metaverse is expected to surge ahead quickly on its evolutionary path. Its trajectory cannot be predicted in advance, therefore, what is needed is constant vigilance and for global action to be taken in a concerted manner. The UN system is supposed to be the primary keeper of international order. A number of events over the past couple of decades have painfully driven home the point that the UN architecture needs an urgent and major overhaul. As part of this exercise, it may be useful to establish a new global body tasked with the responsibility of overseeing and governing the metaverse. Regional political/economic blocs must be encouraged to ensure that their members comply with rules and regulations related to the metaverse.

The metaverse is expected to surge ahead quickly on its evolutionary path. Its trajectory cannot be predicted in advance; therefore, what is needed is constant vigilance and for global action to be taken in a concerted manner.

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

IS17428 -A New Privacy Assurance Standard in India

Recently, Aditya Birla Fashion and Retail Ltd (ABFR) faced a major data breach on its e-commerce portal. As per the reports, personal information of over 5.4 million users of the platform was made public. The 700 GB data leak included personal customer details like order histories, names, dates of birth, credit card information, addresses and contact numbers. Additionally, details like salaries, religion, marital status of employees were also leaked.  Forensic and data security experts were pro-actively engaged to implement the requisite damage-control measures and launch a detailed investigation into the matter.[1] This demonstrates the need to have wider awareness and establish standardized protocols for personal data management. 

The battle of data protection and privacy currently stands at a juxtaposition with a flourishing data economy. 2021 was a watershed moment in the privacy & data protection dialogue in the country. The need for comprehensive data protection law was louder than ever and there were major initiatives on the legislative and executive front.

In June of 2021, the Bureau of India Standards (BIS) introduced IS 17428 for data privacy assurance. It is a privacy framework designed for organisations to handle the personal data of individuals that they collect or process. The certification provided by BIS for IS 17428 can be deemed as an assurance extended to the customers/users by the organizations of well-implemented privacy practice. The BIS being a statutorily created standard-setting body of our country will bring some welcome change in our data management.  

IS 17428 is divided into 2 parts[2]:

  • Part 1 deals with the Management and Engineering parameters that are mandatory for an organization to comply with. This part provides for establishing and cultivating a competent Data Privacy Management System.
  • Part 2 deals with the Engineering and Management guidelines which enable the implementation of Part 1. These guidelines are not mandatory in nature but a reference framework for an organization to implement good practices internally.

 

The Context – Privacy & Data Protection laws in India

 

The Data protection bill was expected to be tabled in parliament back in 2019 but was postponed due to the ongoing pandemic. The country was hoping to pass the bill last year, however, it was sent to the Joint Parliament Committee (JPC) for perusal. The JPC made its report on the bill public in the month of December 2021.

Also, Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 had been implemented back in 2011, primarily to safeguard the sensitive personal data of individuals that are collected, processed, transferred, or stored by any organisation and enumerate security practices. The rule lays down certain practices and procedures to be followed by a stakeholder while dealing with sensitive personal data. International Standard IS/ISO/IEC 27001 is one such acceptable standard.

Later ISO27701 was specifically introduced that focused on Privacy Information Management.  However, our Indian enactment has not specifically endorsed any such standards though Standards formulated by the industry association that is approved and notified by the Central Government are also deemed appropriate.  In this background, BIS introducing a standard is a welcome initiative as it will help in bringing uniformity in terms of the implementation of privacy practices across Indian industries.

Components of Part 1 of IS 17428[3]

 
Development of Privacy Requirements:

While developing the privacy requirements of the organisation in relation to the data collected or processed, the organisation has to take into consideration various factors such as jurisdiction, statutory requirements and business needs.

Personal Data Collection and Limitation:

The organisation is permitted to collect the personal information of the individuals, provided the same has been consented to by such individuals.

Privacy notice: 

The organisation is bound to provide a notice to individuals while collecting information from them and when such collection is through an indirect method employed by the organisation, then it is the duty of the former to convey by the same in an unambiguous and legitimate means.

The contents of a privacy notice at the minimum should include the following[4]:

  • Name and Address of the entity collecting the personal data
  • Name and Address of the entity retaining the personal data, if different from above
  • Types and categories of personal data collected
  • Purpose of collection and processing
  • Recipients of personal data, including any transfers
Choice and Consent:

As mentioned earlier, while collecting information, the organisation should get the consent of the individual at the initiation of the process while offering such individuals the choice of the information that they consent to disclose. This entire process should be done in a lawful manner and according to the privacy policies implemented by the organisation.

Data Accuracy: 

The data collected by the organisation should be accurate, and in case it is inaccurate, it should be corrected promptly.

Use Limitation: 

The data collected by the organisation should be used for the legitimate purpose for which it was agreed upon and it shall not be used for any other purposes.

Security: 

The organisation should implement a strict security program to ensure that the information collected is not breached or compromised in any manner.

Data Privacy Management System: 

The organisation is required to establish a Data Privacy Management System (DPMS). The DPMS shall act as a point of reference and baseline for the organisation’s privacy requirements/objectives.

Privacy Objectives: 

The privacy objective of the organisation shall be fixed and set out by the organisation itself. While determining the objectives the organisation shall also look into various factors such as the nature of business operations involving the GDPR processing of personal information, the industry domain, type of individuals, the extent to which the processed information is outsourced and the personal information collected. Moreover, the organisation shall also ensure that the objectives are in alignment with its privacy policy, business objectives and the geographical distribution of its operations.

Personal Data Storage Limitation: 

The organisation shall be allowed to retain the information collected from the individual only for a specific time period as required by the law or the completion of the purpose for which it was collected in the first place. The individual shall have the right to delete their personal information from the organisation database upon request.

Privacy Policy: 

The organisation shall create and implement a privacy policy that shall determine the scope and be applicable to all its business affiliates. The senior management of the organisation shall be in charge of the data privacy function. Moreover, the privacy policy should be in consonance with the privacy objectives of the organisation.

Records and Document Management

The organisation shall keep a record of its processing activities which shall, in turn, ensure responsibility towards the compliance of data privacy. The possible way to achieve such a standard is to lay out procedures that help to identify various records. While laying out procedures, the organisation shall take into consideration certain factors such as a record of logs that demonstrate affirmative action and options chosen by individuals on privacy consent and notice, evidence of capture events related to access or use of personal information, and retention period of obsolete documents.

Privacy Impact Assessment: 

A privacy impact assessment shall be carried out by the organisation from time to time. Such an assessment shall help in estimating the changes and the impact that they can possibly have on the data privacy of the individuals.

Privacy Risk Management

The organisation shall put in place and document a privacy risk management methodology. The methodology shall determine how the risks are managed and how the risks are kept at an acceptable level.

Grievance Redress:  

A grievance redressal mechanism shall be established by the organisation to handle the grievances of the individuals promptly. The organisation shall ensure that the contact information of the grievance officer shall be displayed or published and that they have the channel of receiving complaints from the individuals. Moreover, the organisation shall also make it clear as to the provision for escalation and appeal and the timelines for resolution of the grievance.

Periodic Audits: 

The organisation shall conduct periodic audits for the data privacy management system. The audit shall be conducted by an independent authority competent in data privacy, internal or external to the organization, at a periodicity appropriate for the organization, at least once a year.

Privacy Incident Management: 

Privacy breaches and data privacy incidents shall be reported regularly and the organisation shall come up with a mechanism to manage such incidents. The process shall involve identifying the incident at the first stage and investigating the root cause, preparing analysis and correcting the incidents in the second stage. The last stage is basically informing the key stakeholders including Data Privacy Authority about the breach or incident.

Data Subject’s Request Management: 

The organisation shall develop a mechanism to respond to requests from individuals concerning their personal data. This process shall include the means to verify the identity of the individual, provision access to the information and the means to update the information.

 

How IS 17428 would help in Privacy and Data Protection? 

 

The Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 (RSPP and SPDI rules) had been the only law for organisations to follow. The rules did not prescribe or detail any specific requirements or standards in relation to personal data management and in the absence of formulated standards for the protection of the sensitive personal data of individuals, industry bodies were struggling to have uniform procedures. 

This being the case, introducing specific standards for personal data management will bring more clarity and will help companies to adhere to an approved standard prescribed by a government agency. Moreover, principles narrated in this standard are in accordance with the Internationally recognised privacy principles and will help Indian companies to proffer confidence when dealing with their commercial counterparts.

Introduction of record and document management, risk assessment and data subject request management are a few of the aspects that bring onerous responsibilities on companies making them more accountable and transparent.  These aspects have laid down procedures and mechanisms for an organisation to improve their privacy management, for example, introducing processes such as verification of identity, access to information, evidence of capture events of consent and retention period of obsolete documents.

 

The proposed data protection legislation and the IS 17428

 

The IS 17428 standard has been inspired primarily from the principles dictated from OECD privacy principles, GDPR and ISO27701. The proposed data protection legislation on the other hand has many divergences from the above instruments in many respects. For Instance, the IS standard has an elaborate description provided for the privacy objective of the organisation and the factors that need to be taken into account. Most of these objectives are covered under Sections 22 and 23 of the draft Bill but nevertheless, the standard has recommended a few other factors such as geographical operation, industrial domain and type of individuals as specific factors to be taken into consideration while drafting the privacy objectives. How much discretionary privacy standards can be created, what is allowed freedom for industries in this regard is unclear.

Section 28 of the draft bill talks about the records and document management of the data collected or processed and the standard covers almost every bit of the section. In addition to the consideration mentioned under the bill, the standard goes forward and echoes the need to establish a policy on the preservation of obsolete policies and process documents. Data and record-keeping should be for a defined period. The majority of other legislation prescribes an average of 7 years of data-keeping. Keeping any data beyond such a reasonable period may not serve many purposes. Why this standard has prescribed such obsolete data retention is again unclear.

The standard could be made effective by only having an enactment for data protection legislation in place. For instance, the grievance redressal mechanism, though the standards do envisage an appeal mechanism, they do not establish appeal machinery. This part of the standard can be put to use only after the Data Protection Authority as per section 32 is constituted. The standard also calls for an investigative process in the event of any breach or compromise of data. The organisation is welcome to conduct an onsite or internal investigation into the breach or incidents, but once again an independent authority to investigate in a legitimate and fair manner is required.

In short, I am afraid, has it failed to take into account the special requirements contemplated under the PDPB, 2019 which may eventually become the law of the country thereby, once this law is enacted, this standard will also be required to be modified. The government has not made any announcement as per the RSPP and SPDI rules, that IS 17428 is an appropriate standard certifying the compliance of personal data management. In the absence of such explicit endorsement, the ambiguity continues as to whether the adoption of this standard is sufficient compliance under the said rules.

Finally, with the Data protection bill around the corner, the Data Protection Authority envisaged being constituted under the legislation which shall have the power to issue code, guidelines, and best practices for protecting the privacy of data subjects. How IS 17428 standards framed by the BIS will be looked at by the DPA or the proposed rule will offer a different set of practices shall be an interesting development to observe.

References:

[1] https://economictimes.indiatimes.com/industry/cons-products/fashion-/-cosmetics-/-jewellery/abfrl-faces-data-breach-on-its-portal/articleshow/88930807.cms

[2] The IS 17438 was established on November 20, 2020 and notified in the official gazette on December 4, 2020. Please see the notification available at: https://egazette.nic.in/WriteReadData/2020/223869.pdf (last visited Jan 18, 2022).

[3] Supra note 2.

[4] Sub-clause 4.2.2 of the IS Requirements: “Privacy Notice”.

 

 

Photo Credits:

Image by Darwin Laganzon from Pixabay 

Introduction of record and document management, risk assessment and data subject request management are a few of the aspects that bring onerous responsibilities on companies making them more accountable and transparent.  These aspects have laid down procedures and mechanisms for an organisation to improve their privacy management, for example, introducing processes such as verification of identity, access to information, evidence of capture events of consent and retention period of obsolete documents.

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

From Assembly Elections to Industry the Need to Address Change is Universal

Along with announcing the schedule for elections in 5 states a few days ago, India’s Election Commission (EC) also imposed certain restrictions on how parties and candidates can campaign during these elections. The limitations on rallies and gatherings- the most popular platforms for all political parties- were the result of the continuing spread of Covid cases across India. It was also partly in response to the criticism of the EC for not preventing large gatherings and political rallies during the previous round of assembly elections held in 2021. The EC has said it will review its restrictions after a period of time.

Expectedly, some murmurs have begun about how such restrictions will create a non-level playing field against smaller and regional parties. This concern is probably not entirely invalid; the EC’s action will definitely have an impact on how different parties campaign (and possibly, the results too, in some cases). However, I prefer to see the bigger picture. Specifically, I see two key messages in the EC’s recent action. The first is the acknowledgement that even in our country, political processes are not immune to change. The second is that while many forces of major change are unpredictable (e.g., the pandemic itself), the human race is by and large equipped to adapt to them.

Responding to changes takes time, and these timelines vary with the context of the change. For example, climate change related actions have taken much longer than ideal. Also, not all solutions will be ideal. And as solutions are deployed, newer problems may emerge (e.g., the virus mutating to new strains). It will therefore be interesting to see how different parties and individual candidates utilize digital tools to reach out to the people in their constituencies and convey their poll messages. In some sense, election campaigning is a lot like marketing, so a mix of physical, electronic and digital avenues will need to be used. The restrictions on rallies will tip the scales in favour of electronic/digital and hybrid channels will emerge.

It is just as important for parties to keep track of which of these channels gives them the highest RoI, so that they can refine them and build on them for future use. There is no point in adopting campaign channels that do not deliver. All change must be looked at in the context of its impact on consumer behaviour. In elections, the voters are the consumers of the political messaging; elsewhere, it is the paying customer.

In the world of business, as in life, it is tempting but naïve to look for one-to-one mapping of cause and effect. Consider the example of disruptions to global supply chains that have adversely impacted certain industries more than others. The automotive industry, for instance, has been affected because customers are keen on buying a certain model of car/SUV with certain preferences- and if those are not available (because carmakers do not have the chips or other components), they defer their purchases.

The emergence of Electric Vehicles (EVs) as a distinct industry with its own ecosystem is another major trend. The high price of fossil fuels, government policies, reducing cost of EVs, availability of charging infrastructure and rising environmental consciousness around the world are all contributing to a shift to hybrid/EVs. This is a threat to conventional carmakers whose products run on internal combustion engines. Unless they pivot, they will find it difficult to stay relevant in the years ahead. I do not expect conventional petrol/diesel powered cars/SUVs to be replaced by EVs in the next decade. But players will need to transform themselves to meet the challenges posed on both the supply and demand side.

The rise of the Direct-to-Customer model in FMCG may well provide a template for carmakers as well. Rather than mass-producing a large number of cars of a certain model/colour etc. and shipping them to dealers around the country (where they remain as inventory), the industry may evolve to a model where customers can pre-order vehicles of their choice and get it delivered on a certain day/date. This has already started in India, with Ola adopting this approach for its electric scooters. But as with anything new, teething troubles are inevitable. Just as companies have to get used to not having the cushion provided by dealers, customers too will have to get used to the absence of the middleman- the dealer- whose neck is the first one to catch if there is a delivery delay or problem with the vehicle.

I cite the above example only to illustrate my point. Multifaceted change and the consequent need to respond to these forces is not limited to any particular industry. While the underlying drivers of change or the pace may vary, enterprises in every industry will need to transform to remain relevant. Even the professional services industry (lawyers, accountants, consultants etc.) is not immune, simply because the kinds of problems they will increasingly be called to help solve will not be similar to the ones they have dealt with in the past.

Image Credits: Photo by Ross Findon on Unsplash

Multifaceted change and the consequent need to respond to these forces is not limited to any particular industry. While the underlying drivers of change or the pace may vary, enterprises in every industry will need to transform to remain relevant. 

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Impact of India's Proposed Central Bank Digital Currency (CBDC)

Numerous signals have been emanating from the government and the RBI in the past several months to indicate the imminent launch of India’s Central Bank Digital Currency (CBDC). This includes the announcement last month that the Cryptocurrency and Official Digital Currency Bill, 2021 will be tabled for discussion in the ongoing session of the Indian parliament.

What is a CBDC?

In simple terms, it is the digital version of legal tender issued by a sovereign central bank. In terms of value, it is the same as the country’s fiat currency and is exchangeable with physical currency on demand. Thus, India’s CBDC will be denominated in Rupees. Like physical currency notes/coins, CBDC can be used by individuals and businesses as a store of value and to make payments for purchasing goods/services.

 

Why does India need a CBDC?

There are many reasons why countries will need their own CBDC systems. In India, interbank transactions and settlements already take place through the reserves individual banks maintain with the RBI, so there may not be much impact in this arena. However, in the retail segment, a bulk of the transactions still rely on physical cash and increasingly, on digital payment solutions. It is important to recognize that payment solutions such as those from Google, Amazon, Apple, or Paytm and Phonepe are all privately-owned and controlled; as such, their growing popularity does pose a risk to the country’s financial system.

For example, it is estimated that 94% of mobile payment transactions in China are processed on transactions owned by Alibaba or Tencent. As the companies behind these apps start to build “ecosystems”, more and more goods and services can be paid for through these apps. Such integration and breadth of usage can easily create a virtual stranglehold that has the potential to place at risk the entire financial system of a country; there could even be regional or global ripples. The launch of a CBDC is thus not just a digital payment system, but also a mechanism towards mitigation of major risks that are associated with an increasingly digital world.

Currently, all payment solutions in India, whether developed and deployed by fintech players, Big Tech or banks, run on the Unified Payments Interface (UPI) infrastructure built and managed by the National Payments Corporation of India (NPCI), which is jointly promoted by the RBI and the Indian Banks’ Association (IBA). That India’s payments backbone has never been in private hands reduces the level of risk to our financial system. Also, it must also be acknowledged that the NPCI has done a fabulous job so far. The month of October 2021 alone saw more than 4.2 billion transactions being processed through NPCI infrastructure. But it is important to keep in mind that the payment apps owned and managed by fintech and Big Tech companies are not under the direct regulatory supervision of the RBI because they are not licensed banks. A CBDC-based ecosystem will make the regulation of such apps and platforms easier and more effective- thus enabling a higher degree of consumer protection. 

There are other reasons too why an Indian CBDC will become a necessity sooner rather than later. Countries like China are already at an advanced stage of launching their versions of CBDC. Given global cross-border trade and investment flows and repatriation of funds by Indian diaspora overseas and tourist travel, it is only a matter of time before Chinese or other CBDC enter the Indian financial system. And as more countries launch their own CBDC, it is imperative that we have our own, so that we can negotiate from a position of experience (and strength) when it comes to agreeing on multilateral CBDC protocols.

A well-designed CBDC system reduces the threat of counterfeit currency- something that our adversaries have used over many decades to weaken our economy. Arguably, CBDC can also play an important role in the nation’s fight against corruption and black money- although much will depend on how it evolves and the operational rules and regulatory framework governing it.

 

CBDC: The Road Ahead

At this time, it is unclear when and how the government will choose to launch India’s CBDC. But it is fair to say that an entirely new digital currency ecosystem will be needed. It is likely that the RBI itself will cause to design, develop and run the CBDC infrastructure. There are also speculations that they would be regulated as financial assets by the Securities & Exchange Board of India (SEBI). Big Tech, fintech and banks will need to link their apps to this new infrastructure as well- assuming that over time, individuals will retain the option to pay via physical currency-backed UPI platforms or their CBDC cousins.

Since no regulator can compete with those it is tasked with regulating, the RBI may have to let financial intermediaries continue to take responsibility for the distribution of digital currency via e-wallets or other pre-paid digital instruments and similar solutions. This also means that fintech players, BigTech and retail banks will need to evolve their platforms and come up with innovative offerings to ride this new wave of opportunity. The road ahead will have its own challenges at both the policy and operational levels. The success of CBDC will also depend on how quickly internet access expands across the country and how resistant to hacking and breaches the underlying systems are.

Fasten your seatbelts and prepare for an interesting ride at the end of which, digital currency could be the crowned king. 

 

Image Credits:  Photo by Alesia Kozik from Pexels

At this time, it is unclear when and how the RBI will choose to launch India’s CBDC. But it is fair to say that an entirely new digital currency ecosystem will be needed. It is likely that the RBI itself will cause to design, develop and run the CBDC infrastructure

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Frequently Asked Questions (FAQs) on Flying Drones in India 2021

Drones have been buzzing to become the next significant tech-fascination. Owing to their sleek build, agile mobility and ability to access areas of topography beyond the reach of humans; they are increasingly relevant in today’s innovation and utility-driven technology trends. However, as with any pioneering design, the value of drones largely depends upon the intention of their use. For instance, they can be employed to perform illegal or destructive activities by terrorist groups as was evident from the June drone attack at the Indian Airforce Station in Jammu.[1] Additionally, they can easily malfunction and cause unintended harm to human life or the environment.

In view of their heightened demand and novelty, governing their usage and ownership became imperative and consequently, in March 2021, the Ministry of Civil Aviation published the Unmanned Aircraft System (UAS) Rules, 2021. However, the UAS rules were perceived as restrictive and complex. Based on the feedback from various stakeholders the UAS Rules, 2021 were repealed and the new Drone Rules, 2021 were notified under the Aircraft Act, 1934;  their scope excluded the actions done or omitted before the enforcement of these rules. Here are a few pertinent questions that we have tried to answer in light of the new rules:

Do I need a drone pilot license for flying drones in India?

 

One would require a remote pilot license to fly a drone in India unless exempted. The exceptions include the operation of nano drones and the non-commercial operation of micro-drones (i.e., drones weighing between 250 grams and 2kg). 

Additionally, no remote pilot license is required for drones operated for testing purposes within the premises of a research and development entity / educational entity under the Central government, drone manufacturer with a GST, Start-up recognized by the DPIIT, or an authorized testing entity when operated within the green zone.

Are there any restrictions on flying drones at night or over people in India?

 

The current regulations are silent on the timing at which drones can be flown. However, as night-time flying of drones will have additional safety implications and may require drones to be fitted with other mandatory safety features such as anti-collision lighting, we will have to wait for further clarification/notifications from the Ministry in this regard.

Is there a last date for registering my drone in India?

 

As per the Drone Rules 2021, a person owning an unmanned aircraft system manufactured in India or imported into India on or before the 30th day of November 2021 must make an application to register the drone and obtain a UIN by 31st December 2021. But, as per the Digital sky platform, the last date to obtain a Drone Acknowledgment Number (“DAN”) for an unlisted drone is 30th November 2021. Therefore, there seems to be a conflict between the dates specified on the website and the new drone rules. Also, as per the digital sky platform and the press release by the ministry of civil aviation one must have a DAN, a GST-paid invoice and must be part of the list of DGCA-approved drones to enlist an existing drone. 

Do I need permission to fly toy drone in India?

 

Under the guidelines to enlist an existing drone, it clearly specifies that all unmanned aircraft needs to be enlisted and it has been clarified that this includes models, prototypes, toys, RC aircraft, autonomous and remotely piloted aircraft systems, etc. [2] From these guidelines on the enlistment of drones it can be inferred that unmanned aircraft also includes toys. Thus, toy drone manufacturers/operators would need to obtain the compulsory permissions under the rules.

A remote pilot license is not required to operate nano drones and micro drones (i.e., drones weighing between 250 grams and 2kg) used for non-commercial purposes.  Type certification is not required for nano drones and model remotely piloted aircraft systems (i.e., drones used for educational, research, testing, design, and recreational purposes weighing below 25 kgs and operated within the visual line of sight). All drones need to obtain a UIN except drones used for testing purposes within the green zone and premises of the testing entity.

Hence, toy drones would require a UIN and, may require a remote pilot license and type certification depending on the size and nature of the drone. It would also need to be ensured that the drone is being flown in the green zone and that there are no notifications/restriction on the digital sky platform for drone operation in the intended area of operation.

Are there any restrictions on flying drones remotely over the internet?

 

“Remotely piloted aircraft” is defined by Drone Rules as an unmanned aircraft that is piloted from a remote pilot station. One must obtain a remote drone pilot license and type certify drones unless exempted to operate drones. Model remotely piloted aircrafts have to be operated within the visual line of sight. 

Other than the type certification and the remote pilot license, all drones need to obtain a UIN. They should not carry dangerous goods or arms, ammunitions etc. unless permitted by the concerned authority. They have to fly within the permitted zones and not violate the right of way of a manned aircraft.

The current regulations are silent on the operation of drones Beyond Visual line of sight (BVLOS). However, it is observed that entities are still availing conditional exemption for BVLOS operation from the Ministry.

What are the customs regulations for entering India with a drone?

 

Under the Drone rules, import of Drones is to be regulated by the Directorate General of Foreign Trade (DGFT) or any other authorised entity. The DGFT has not released any specific import policy on drones after the release of the rules. Under the existing Import Policy by the DGFT, import of Unmanned Aircraft System is “Restricted” and requires prior clearance of the Directorate General of Civil Aviation (DGCA) and import license from DGFT.  Nano drones (i.e., drones weighing up to 250 grams) and operating below 50ft/ 15 meters above ground level are exempted from the requirement of an import clearance from the DGCA or import license from the DGFT.[3]

Although the new rules have eliminated the requirement for import clearance from the DGCA, the DGFT is yet to update the import policy and remove the requirement from the import policy.

Further, the Import Policy by the DGFT refers to the Guidelines issued by the Directorate General of Civil Aviation. These guidelines mandate that anyone wishing to import must obtain Equipment type approval from the Wireless Planning and Co-ordination Wing, Department of Telecommunication for operating in de-licensed frequency bands. [4]  An application has to be made for a Unique Identification Number (UIN) post the necessary approvals are obtained to operate a drone in India.

Can drones be used for food/package delivery/advertisements in India?

 

The current rules prohibit the carriage of arms, ammunitions munitions of war, implements of war, explosives and military stores, etc. unless permitted by Central Government. It also regulates the carriage of dangerous goods as per the Carriage of Dangerous Goods Rules, 2003. Other than the above, the current regulations are silent on the aspect of permitted payloads.

When it comes to drones, unlike aeroplanes that generally take-off from an airport, there are no specific ports from which drones are flown. The new rules mention the development of policy framework for developing corridors for safe and seamless transfer of goods by drones. As goods on a drone could have potential dangers such as accidental drops during flight and difficulty in regulation, it is possible that these will require further regulation. The 2018 CAR and UAS Rules, 2021 required drone operators to get special approval to drop/discharge substances. Such conditions are not specified in the current rules. It would be advisable to get special clarification from the DGCA on permitted payloads as there are additional safety implications associated with it.

Are there any other initiatives in place other than the liberalized Drone Rules 2021 to achieve the target of making India a drone hub by 2030?

 

In furtherance to the initiative of the liberalization of the regulations governing Drones, the Indian government approved the Production Linked Incentive scheme (PLI) for drones and drone components in India. The net fund assigned under the scheme is Rs. 120 crores over three financial years.

It provides relaxed criteria for MSMEs and startups to encourage them to avail the benefits of the scheme. The rate of PLI is fixed at 20% of the value addition throughout the scheme. Depending on the value added by the manufacturer, their eligible PLI will be 20% of the addition. The minimum addition is set at 40% of the eligible sales turnover of the FY. Value addition is calculated as the eligible sales minus the eligible purchase cost.

It is the responsibility of the component manufacturers to show that the components are exclusively used in manufacture of drones. The scheme is for three years from 2021-2022 . The amount will be disbursed in the subsequent financial year to which it is claimed . An applicant is eligible for three consecutive years but up to FY 2023-2024.[5]

 

What steps are being taken for traffic management and avoidance of collision between manned and unmanned aircraft?

 

On the 25th of October the Unmanned Aircraft System (UAS) Traffic Management (UTM) policy framework was published by the Ministry of Civil Aviation. To achieve UTM-ATM (Air Traffic Management) interoperability and integration, the policy suggests aligning with the framework of the International Civil Aviation Organisation for UTMs. It invites studies/ proposals on real -time tracking mechanisms as real -time identification and tracking (RIT) via Bluetooth or wifi is not practical owing to the low operational range. As per the policy, all unmanned aircrafts may implement RIT via network for successful separation from manned aircrafts. However, it does recognise that this facility will not be available in areas without telecommunication network.

 

The Future Lies in the Sky

 

The new drone rules have liberalised and simplified the regulations pertaining to drones. Instead of having all the regulations and certifications within these rules, powers have either been delegated or separate authorities and platforms have been established to deal with specific issues. The new rules also facilitate self-certification and self-monitoring as well as provide an easier process for transfer and deregistration. Further, they have done away with the approvals required for unique authorisation number, unique prototype identification number, certificate of conformance, certificate of maintenance, import clearance, acceptance of existing drones, operator permit, authorisation of R&D organisation, student remote pilot licence, remote pilot instructor authorisation, drone port authorisation etc. Forms have been reduced from 25 to 6.  There is no specific criteria or approvals for drone ports, instead, the current rules have proposed that a policy be developed with a framework for corridors for the delivery of goods.

All these accompanied with the considerable reduction in the fees with respect to the remote pilot license and other registrations/certifications (wherever applicable) will set new grounds and open up a plethora of opportunities for start-ups, SMEs and research organisations who want to venture into the field of aviation, avionics and related interests. As an effect, the future will soon see Amazon, Zomato deliveries through drones, site verification for insurance organisations, crime patrolling, disaster assessment etc. eventually, as Union Minister for Civil Aviation, Jyotiraditya Scindia told, make India a global drone hub by 2030.

The future lies in the sky and beyond, and it is going to get crowded than ever!

References 

[1] https://www.thehindu.com/news/national/two-explosions-rock-technical-area-of-jammu-airport/article34997389.ece

[2] https://dronenlisting.dgca.gov.in/

[3] https://www.dgft.gov.in/CP/?opt=itchs-import-export

[4] F.No.05-13/2014-AED Vol. IV dated 27th August, 2018.

[5] https://egazette.nic.in/WriteReadData/2021/230076.pdf

Image Credits:

Photo by Dose Media on Unsplash

The new drone rules have liberalised and simplified the regulations pertaining to drones. Instead of having all the regulations and certifications within these rules, powers have either been delegated or separate authorities and platforms have been established to deal with specific issues

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Strong Tailwinds for India’s Technology Sector Entrepreneurs and Startups

Venture Capital (VC) investments in Indian startups in the period January – July 2021 were reported at around US$17.2 Billion. Although this figure is lower than the quantum of investments made in China in the same period, it is a healthy 55% more than the US$11.1 Billion VCs invested in India in the year 2020. Here’s an even more interesting data point: in July 2021, VCs invested around US$8 Billion in India, in comparison, their investments in China were approximately US$5 Billion. This was the first time since 2013 that India attracted more VC investments than China.

One swallow does not make a summer, but there are many reasons to believe that significantly higher levels of risk capital will become available to Indian entrepreneurs- and especially to those in the tech space. While most of these have to do with India’s intrinsic strengths, there are also some external forces at work. Here is what I believe will fuel India’s tech entrepreneurs over the course of the next five years or so.

  • Steep increase in the number of Indian unicorns:

The first 9 months of 2021 alone have seen 28 new unicorns (a term that denotes startups with valuations of US$1Billion or more) emerge in India. This number stood at 38 at the end of 2020.

  • Fintech innovation:

India has seen several innovative fintech come up in the last ten years, many of which are already unicorns or on their way there. As the global banking and financial services industry look for disruptive solutions and new ways of building ecosystems, many of these “Made in India” innovations will become globally relevant and hence attractive investment opportunities.

  • The rise and rise of Edtech:

As a result of the pandemic and the emergence of interactive technologies, the learning and education space has undergone a massive transformation in the last two years. Not just in the early school years but also coaching for various entrance exams. Byju’s for example, is valued at almost US$16.5 Billion, and has already acquired 9 other Edtech companies in recent months. Like fintech, the Edtech opportunity too has the potential to tap global business opportunities.

  • Rising interest amongst western VC funds:

Existing investors are looking to expand their Indian portfolio, with some big-name investors like Tiger Global making 25 investments in India between January and August 2021 (in 2020, they invested in 18 startups). New VC firms that have not previously invested in India too are also entering the market. Andreessen Horowitz (a16z) fund, for example, recently closed a US$260 Million investment in crypto player CoinSwitch Kuber (valuing it US$1.9 Billion). Reports suggest a 60% increase in participation by US investors in Indian fintech startups over the last three years. The Unacademy group, another major Edtech player in India, recently raised US$440 million (investors included non-US funds as well)- valuing the startup at almost US$3.5 Billion.

  • Many global giants already have an Indian presence:

It was recently reported that one in 12 global unicorns have their technology centers based in India (source: August report of the IVCA). As Indian ventures and their innovations gain global visibility, I believe many more global organizations will set up shop in India (As elaborated in my earlier blog – Global Captive Centers in India: Can add Value If Set Up Differently).

  • Strong talent base:

India has a large, trained pool of tech and managerial talent that can be attracted to startups both by higher compensation made possible by Venture Capital backing and the thrill of creating something new. Such talent can form the crucial leadership and middle layers as these startups scale and grow rapidly.

  • Entrepreneurship on the ascent:

Increasingly, young graduates are turning entrepreneurs– and choosing this avenue instead of the safety of “safe” jobs with established companies. And of course, there are senior leaders from various companies who are also getting bitten by the startup bug and leaving to start/mentor various early-stage ventures.

 

Conclusion

 

Of course, there’s also the elephant (more accurately, the dragon) in the room. The Chinese Communist Party leadership has, in the past year or so, made a number of major policy changes with the apparent intention of targeting China’s home-grown Big businesses (tech and others). The Chinese government’s seeming unwillingness to come to the rescue of defaulting real estate majors is another event that has muddied waters for investors. Western investors have significant exposure to many of these companies whose wings have clearly been clipped. Strains in diplomatic and economic ties between China and the west are expected to trigger a slowdown in fresh investments, if not cause an exit from Chinese businesses.

Capital chases the best risk-adjusted returns and so will always gravitate to where investors expect the best outcomes. India, with its relative political stability, acknowledged track record of democracy, continuing commitment to reforms, and growing stature as a global innovation hub makes it an attractive alternative.

Image Credits:

Photo by ThisisEngineering RAEng on Unsplash

Capital chases the best risk-adjusted returns and so will always gravitate to where investors expect the best outcomes. India, with its relative political stability, acknowledged track record of democracy, continuing commitment to reforms and growing stature as a global innovation hub makes it an attractive alternative.

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Intermediary Guidelines and Digital Media Ethics Code: Shifting Paradigm of Social & Digital Media Platforms

It has been just over six months since the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (the “Rules“) have been notified. However, these six months have been nothing short of a roller coaster ride for the (Internet) Intermediaries and Digital Media platforms, especially Social Media platforms who have tried to muddle through the slew of compliance obligations now imposed through these eccentric Rules. Notwithstanding, some of them had to face the wrath of the Government and even Courts for the delay in adherence.

On this topic, we are trying to stitch together a series of articles covering the entire gamut of the Rules, including their objective, applicability, impact, and the key issues around some of the rules being declared unconstitutional, etc.

In our first article, we analyse the timeline, objectives, and applicability of these Rules through some of the definitions provided under the Rules and the IT Act.

Tracing the Roots of the Digital Media Ethics Code 

The initiation of this endeavour can be tracked down to July 26, 2018, when a Calling Attention Motion was introduced in the Rajya Sabha on the misuse of social media and spread of fake news, whereby the Minister of Electronics and Information Technology conveyed the Government’s intent to strengthen the existing legal framework and make social media platforms accountable under the law. Thereafter, the first draft of the proposed amendments to the Intermediary Guidelines, The Information Technology (Intermediary Guidelines (Amendment) Rules) 2018, was published for public comments on December 24, 2018.

In the same year, the Supreme Court in Prajwala v. Union of India[1] directed the Union Government to form necessary guidelines or Statement of Procedures (SOPs) to curb child pornography online. An ad-hoc committee of the Rajya Sabha studied the issue of pornography on social media and its effects on children and the society and laid its report recommending the facilitation of identification of the first originator of such contents in February 2020.

In another matter, the Supreme Court of India on October 15 2020, issued a notice to the Union Government seeking its response on a PIL to regulate OTT Platforms. The Union Government subsequently on November 9 2020, made a notification bringing digital and online media under the ambit of the Ministry of Information and Broadcasting, thereby giving the Ministry the power to regulate OTT Platforms.

On February 25, 2021, the Union Government notified the much-anticipated Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, bringing various digital entities under its purview and imposing new compliances to regulate them.

 

Objectives of the Digital Media Ethics Code

The rising internet and social media penetration in India raises concerns of transparency, disinformation and misuse of such technologies. The Rules address these concerns and bring accountability to social and digital media platforms by mandating the setting up of a grievance redressal mechanism that adheres to statutory timeframes. The Rules also address the legal lacuna surrounding the regulation of OTT platforms and the content available on them and introduces a three-tier content regulation mechanism.

Key definitions and the applicability of the Digital Media Ethics Code

The Rules add on extensively to the 2011 Intermediary Guidelines and also introduce new terms and definitions. To understand the Rules and the compliances thereunder in a holistic manner, it becomes imperative to learn the key terms and definitions. This also addresses concerns of applicability of the Rules to different entities, as they prescribe different sets of compliances to different categories of entities.

Key definitions:

Digital Media as per Rule 2(1)(i) are digitised content that can be transmitted over the internet or computer networks, including content received, stored, transmitted, edited or processed by

  • an intermediary; or
  • a publisher of news and current affairs content or a publisher of online curated content.

This broadly includes every content available online and every content that can be transmitted over the internet.

Grievance as per Rule 2(1)(j) includes any complaint, whether regarding any content, any duties of an intermediary or publisher under the Act, or other matters pertaining to the computer resource of an intermediary or publisher as the case may be.

Intermediary has not been defined in the Rules, but as per S. 2(1)(w) of the IT Act, intermediary, with respect to any particular electronic record, is any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes.

The first part of the definition lays down that an Intermediary with respect to an electronic record, is any person that receives, stores or transmits that electronic record on behalf of another person.

An entity becomes an intermediary for a particular electronic record if that record is received by, stored in or transmitted through the entity on behalf of a third party. However, as the clause does not use the term “collect” with respect to an electronic record, any data that entities may collect, including IP Addresses, device information, etc., do not fall within the definition’s purview. Hence the entities would not be considered as intermediaries for such data.

Moreover, the second part of the definition lays down that those entities that provide any service with respect to an electronic record would be intermediaries. However, what constitutes “service” has been a key point of discussion in prior cases. In Christian Louboutin Sas v. Nakul Bajaj[2], the Court not only held that the nature of the service offered by an entity would determine whether it falls under the ambit of the definition, but also went on to hold that when the involvement of an entity is more than that of merely an intermediary, i.e., it actively takes part in the use of such record, it might lose safe harbour protection under S. 79 of the Act.

The definition also includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places, and cyber cafes as intermediaries. In Satish N v. State of Karnataka[3], it was held that taxi aggregators like Uber are also intermediaries with respect to the data they store. Therefore, Telecom Service Providers like Airtel, Vi, Jio, etc., Network Service Providers like Reliance Jio, BSNL, MTNL, etc., Internet Service Providers like ACT Fibernet, Hathaway, etc., Search Engines like Google, Bing, etc., Online Payment gateways like Razorpay, Billdesk etc., Online Auction Sites like eBay, eAuction India, etc., Online Market Places like Flipkart, Amazon etc. are all considered intermediaries.

Social Media Intermediaries as per Rule 2(1)(w) is an intermediary which primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using its services. This includes platforms like Tumblr, Flickr, Diaspora, Ello, etc.

Significant Social Media Intermediaries as per Rule 2(1)(v) is a social media intermediary having number of registered users in India above such threshold as notified by the Central Government. Currently, the threshold is 5 million users. Platforms that fall under this category would be Facebook, Twitter, Instagram, YouTube, Snapchat, LinkedIn, WhatsApp, Telegram etc.

News & current affairs content as per Rule 2(1)(m) includes newly received or noteworthy content, including analysis, especially about recent events primarily of socio-political, economic or cultural nature, made available over the internet or computer networks, and any digital media shall be news and current affairs content where the context, substance, purpose, import and meaning of such information is in the nature of news and current affairs content. Therefore, news pieces reported by newspapers or news agencies, shared online, on social media, or on digital media platforms are news & current affairs content. This includes contents of such nature created by any person and shared through social media platforms like WhatsApp, Facebook, Twitter etc. Digital content discussing news and the latest happenings will also come under the purview of this definition.

Newspaper as per Rule 2(1)(n) as a periodical of loosely folded sheets usually printed on newsprint and brought out daily or at least once in a week, containing information on current events, public news or comments on public news. Newspapers like The Hindu, Times of India etc. will fall under this category.

News aggregator as per Rule 2(1)(o) is an entity performing a significant role in determining the news and current affairs content being made available, makes available to users a computer resource that enable such users to access such news and current affairs content which is aggregated, curated and presented by such entity. This includes platforms like Inshorts, Dailyhunt etc.

Online curated content as per Rule 2(1)(1) is any curated catalogue of audio-visual content, other than news and current affairs content, which is owned by, licensed to or contracted to be transmitted by a publisher of online curated content, and made available on demand, including but not limited through subscription, over the internet or computer networks, and includes films, audio visual programmes, documentaries, television programmes, serials, podcasts and other such content. This includes movies and shows available on OTT platforms like Netflix, Prime Video, Disney+Hotstar etc.

Publisher of News and Current Affairs Content as per Rule 2(1)(t) includes online paper, news portal, news aggregator, news agency and such other entities, which publishes news and current affairs. This would include websites/apps such as The Wire, The News Minute, Scroll.in, Dkoding.in, The Print, The Citizen, LiveLaw, Inshorts etc.

While the Rules do not include the regular newspapers or replica e-papers of these newspapers, as they come under the Press Council Act, news websites such as Hindustantimes.com, IndianExpress.com, thehindu.com are covered under the Rules, and the Union Government clarified the same on June 10, 2021. The clarification stated that websites of organisations having traditional newspapers and digital news portals/websites of traditional TV Organisations come under the ambit of the Rules.

This does not include news and current affairs reported or posted by laymen or ordinary citizens online, as the scope is limited only to news publishing agencies.

Publisher of Online Curated Content as per Rule 2(1)(u) is a publisher who performs a significant role in determining the online curated content being made available and enables users’ access to such content via internet or computer networks. Such transmission of online currented content shall be in the course of systematic business or commercial activity. This includes all OTT platforms, including Netflix, Prime Video, Voot, Lionsgate, Disney+Hotstar, etc.

The Digital Media Ethics Code Challenged in Court

Part III of the IT Rules has been challenged by many persons in various High Courts. News platforms including The Wire, The Quint, and AltNews moved to the Delhi High Court, alleging that online news platforms do not fall under the purview of Section 87 of the IT Act, under which these Rules are made as the section is only applicable to intermediaries. Section 69A is also limited to intermediaries and government agencies. It is alleged that since such publishers are not intermediaries, they do not fall under the purview of the IT Rules.

A similar petition was moved by LiveLaw, a legal news reporting website before the Kerala High Court, alleging that the Rules violated Articles 13, 14, 19(1)(a), 19(1)(g), and 21 of the Constitution and the IT Act.[4] The petitioners contended that the Rules had brought Digital News Media under the purview of the Press Council of India Act and the Cable Television Networks (Regulation) Act, 1995, without amending either of the two legislations. They also alleged that the rules were undoing the procedural safeguards formed by the Supreme Court in the Shreya Singhal[5] case. In this regard, the Kerala High Court has ordered that no coercive action is to be taken against the petitioner as interim relief.

Recently, the Bombay High Court in Agij Promotion of Nineteenonea v. Union of India[6] delivered an interim order staying Rules 9(1) and 9(3), which provides for publishers’ compliance with the Code of Ethics, and the three tier self-regulation system respectively. The Court found Rule 9(1) prima facie an intrusion of Art. 19(1)(a).

Legality & Enforceability of the Digital Media Ethics Code

Even though six months have passed since the Rules came into force, the legality and enforceability of the Rules are still in question. While most intermediaries, including social media and significant social media intermediaries, have at least partly complied with the Rules, the same cannot be said for publishers of news and current affairs content and online curated content. This will have to wait until the challenges to its legality and constitutionality are settled by Courts.

References:

[1] 2018 SCC OnLine SC 3419.

[2] 2018 (76) PTC 508 (Del).

[3] ILR 2017 KARNATAKA 735.

[4] https://www.livelaw.in/top-stories/kerala-high-court-new-it-rules-orders-no-coercive-action-issues-notice-on-livelaws-plea-170983

[5] (2013) 12 SCC 73.

[6] Agij Promotion of Nineteenonea v. Union of India, WRIT PETITION (L.) NO.14172 of 2021.

Image Credits: 

Photo by Jeremy Bezanger on Unsplash

 

Even though six months have passed since the Rules came into force, the legality and enforceability of the Rules are still in question. While most intermediaries, including social media and significant social media intermediaries, have at least partly complied with the Rules, the same cannot be said for publishers of news and current affairs content and online curated content. This will have to wait until the challenges to its legality and constitutionality are settled by Courts.

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Education in India: Time to Connect the Dots and Look at the Big Picture

In the last few days, I read news reports that are seemingly unrelated on the surface. However, I think there exists a deeper connection for those willing to think outside the box. I thought I would use this article to articulate my thoughts on the connections and their possible implications for India. 

India’s New Education Policy expected to gain traction

The first item was about various initiatives announced by the Union government on the first anniversary of India’s National Education Policy (NEP). While internationalization, multiple entry/exit options, and digital education will be key pillars, one other important component is to enable students to pursue first-year Engineering courses in Indian languages.

In the context of the broad-brush changes envisioned to India’s education system, it is time to rethink the role of the UGC as a body that enables the nation’s higher education system in ways beyond disbursing funds to be recognized universities. There also ought to be more harmony between the various Boards that govern school education. The roles of bodies responsible for governing professional education in India- e.g., AICTE, NMC (which replaced the MCI), ICAI, ICSI, ICWAI, Bar Council of India etc. should also be redefined to ensure that India’s professionals remain in tune with the needs of a fast-changing world.

English will play an important role in our continued growth

The second report that caught my attention was on two main points made by Mr. Narayana Murthy (the Founder of Infosys), in a recent media interaction. He stated that it is high time that English be formally acknowledged and designated as India’s official link language, and greater emphasis is given to its teaching and learning in Indian schools. He said that his opinion is based on his first-hand knowledge of many technically qualified students in Bangalore/Karnataka who lose out in the job market largely because they lack a certain expected level of proficiency in English.

In the same interview, Mr. Murthy went on to say that on a priority basis, India needs overseas universities and vocational educational institutions to set up facilities in India to train students and teachers in key areas like nursing. This too makes sense because our healthcare infrastructure needs massive upgrades- and human resources will be critical.

China’s tightening regulations threaten its US$100 Billion EdTechc industry

The third report was on China’s recent decision to tightly regulate its online tutoring companies. The new rules bar online tutoring ventures from going public or raising foreign capital. There are also restrictions on the number of hours for which tutors can teach during weekends and vacations. In fact, the rules go so far as to make online tutorial businesses “not for profit”.

Different views have been expressed on why Chinese authorities have taken this step. Some see it as a means to reduce the cost of children’s education- and thus encourage couples to have more children. They point to this as a logical enabler of the recent relaxations in China’s two-child policy. Others view it as a step designed to clip the wings of Chinese tech companies that are deeply entrenched in many consumer segments, and have, over the past decade, acquired significant financial muscle.

To put into perspective the size of Chinese EdTech companies, consider this data point: Byju’s, arguably India’s largest EdTech company, was valued at over US$16.5 Billion as of mid-June 2021. Despite this high valuation, Byju’s would have been smaller than the top 5 Chinese EdTech players (on the basis of valuations that existed before the recent draconian rules came into effect).

Implications for India

The majority of China’s EdTech ventures are financed through significant venture capital investments from the west. Analysts expect that China’s sudden actions will, at least in the short run, divert capital to other locations. India could be a potential beneficiary because it already fosters a large EdTech ecosystem.

Given our demographics, we have a significant domestic market for education across all levels- primary, secondary, and college. Since digital education will likely become the norm, this space is ripe for newfangled innovations in the days ahead. If online education can bridge the gaps that employers currently perceive in our fresh graduates, unemployability rates shall notably decline. . This will not only contribute directly to our GDP but also indirectly stimulate innovation and entrepreneurship.

India has a large technical skill base. Some of these resources can easily be harnessed to develop next-gen education solutions using cutting-edge technologies such as AI, ML, Language Processing, Augmented Reality, etc. To begin with, Indian start-ups can build, test, and scale EdTech platforms and solutions for our domestic market. Over time, these can be refined and repurposed for global markets. Similarly, features built for the global market can be adapted to Indian markets, thus creating a virtual cycle. Such a trend will not only proffer legs to implementing India’s NEP but will also enable us as a society to improve access to education to underprivileged sections of the society. This is critical to sustaining our growth on the path of socio-economic development.

By taking the right decisions now, we can attract capital, talent, and world-famous institutional brands to this critical sector. EdTech in India has the potential to become a powerful engine of growth for our services sector. Done right, I have no doubt that in a few years, India can become a “Vishwaguru” not just in the spiritual sense, but also literally.

PS: As with many other sectors in India, the legal framework that governs education too needs to be made more contemporary and relevant, but that’s for another time.

Image Credits: Photo by Nikhita S on Unsplash

By taking the right decisions now, we can attract capital, talent and world-famous institutional brands to this critical sector. EdTech in India has the potential to become a powerful engine of growth for our services sector. Done right, I have no doubt that in a few years, India can become a “Vishwaguru” not just in the spiritual sense, but also literally.

 

POST A COMMENT

Share on facebook
Share on twitter
Share on linkedin

Income Tax Returns for AY 2020-21: Ready Referencer

With the extended time limit for filing of Income Tax Return (for AY 2020-21), u/s. 139(1), without late fees, for Non-Audit cases and for Non-Corporate assessees of 31st December 2020 fast approaching, given below is a quick guide for ready reference of some key changes that have been made in the respective Income tax return forms for this year.

Further, the conditions and features for eligibility of forms that are applicable for filing the correct income tax returns are also specified as follows:

Key Procedural Changes:

  • ITR 1 to ITR 4 can be filed using PAN or Aadhar by Individuals.
  • The submitted ITR forms display the ITR-V with a watermark ‘Not Verified’ until the same is verified either electronically by EVC or by sending the same via post after manual signing.
  • The unverified form ITR-V will not contain any income, deduction and tax details. The unverified form will only contain basic information, E-filing Acknowledgement Number and Verification part.
  • The unverified acknowledgement is titled as ‘INDIAN INCOME TAX RETURN VERIFICATION FORM’ & final ITR-V is titled as ‘INDIAN INCOME TAX RETURN ACKNOWLEDGEMENT’.
  • Return filed in response to notice u/s. 139(9), 142(1), 148, 153A, and 153C must have DIN.
  • There is a separate disclosure for Bank accounts in case of Non-Residents who are claiming income tax refund and not having a bank account in India.

COVID related Changes:

  • The Government had extended the time limit for claiming tax deduction u/CH VIA to 31st July 2020, and the details of the same need to be reported in Schedule DI (details of Investment).
  • The time limit for investing the proceeds or capital gains in other eligible assets, so as to claim exemptions u/s 54/ 54B/ 54F/ 54EC, had been extended to 30th September 2020.
  • Penal interest u/s. 234A @ 1% p.m., where the payments were due between 20-03-20 to 29-06-20 and such amounts were paid on or before 30-06-20, had been reduced to 75%, vide ordinance dated 31-03-20.
  • Period of forceful stay in India, beginning from quarantine date or 22-03-20 in any other case up to 31-03-20, is to be excluded, for the purpose of determining residential status in India.[1]

Consequences of Late filing of Return of Income:

  • Late Fees u/s. 234F of INR. 5,000 up to 31.12.20 and INR. 10,000 up to 31.03.21. In case of total income up to 5 Lacs, the penalty is INR. 1,000.
  • Penal Interest u/s. 234A @ 1% per month
  • Reduced to 75%. vide Ordinance dated 31.03.20, where the payments were due between 20.03.20 to 29.06.20, and such amounts were paid on or before 30.06.20.
  • Vide CBDT Notification dt 24.06.2020, no interest u/s 234A if Self-Assessment tax liability is less than 1 Lac and the same has been paid before the original due date.
  • In case of a belated return, loss under any head of Income (except unabsorbed depreciation) cannot be carried forwarded.
  • Deduction claims u/s. 10A, 10B, 80-IA, 80-IB, etc would not be allowed.

Consequences of Late filing of Return of Income:

  • Late Fees u/s. 234F of INR. 5,000 up to 31.12.20 and INR. 10,000 up to 31.03.21. In case of total income up to 5 Lacs, the penalty is INR. 1,000.
  • Penal Interest u/s. 234A @ 1% per month
  • Reduced to 75%. vide Ordinance dated 31.03.20, where the payments were due between 20.03.20 to 29.06.20, and such amounts were paid on or before 30.06.20.
  • Vide CBDT Notification dt 24.06.2020, no interest u/s 234A if Self-Assessment tax liability is less than 1 Lac and the same has been paid before the original due date.
  • In case of a belated return, loss under any head of Income (except unabsorbed depreciation) cannot be carried forwarded.
  • Deduction claims u/s. 10A, 10B, 80-IA, 80-IB, etc would not be allowed.

Vide CBDT Notification dt 24.06.2020, no interest u/s 234A if Self-Assessment tax liability is less than 1 Lac and the same has been paid before the original due date.

  1. Section 5A: Apportionment of income between spouses governed by the Portuguese Civil Code.
  2.  115BBDA: Tax on dividend from companies exceeding Rs. 10 Lakhs; 115BBE: Tax on unexplained credits, investment, money, etc. u/s. 68 or 69 or 69A or 69B or 69C or 69D.
  3. Inserted in sec 139(1) by Act No. 23 of 2019, w.e.f. 1-4-2020:

Provided also that a person referred to in clause (b), who is not required to furnish a return under this sub-section, and who during the previous year:

  • has deposited an amount or aggregate of the amounts exceeding one crore rupees in one or more current accounts maintained with a banking company or a co-operative bank; or
  • has incurred expenditure of an amount or aggregate of the amounts exceeding two lakh rupees for himself or any other person for travel to a foreign country; or
  • has incurred expenditure of an amount or aggregate of the amounts exceeding one lakh rupees towards consumption of electricity; or
  • fulfils such other conditions as may be prescribed,

Shall furnish a return of his income on or before the due date in such form and verified in such manner and setting forth such other particulars, as may be prescribed.

4. Section 57: Deduction against income chargeable under the head “Income from other sources”.

5. Schedule DI: Investment eligible for deduction against income (Ch VIA deductions) to be bifurcated between paid in F.Y.19-20 and during the period 01-04-20 to 31-07-20.

6.High-value Transaction: Annual Cash deposit exceeding Rs. 1 crore or Foreign travel expenditure exceeding Rs. 2 Lakhs, Annual electricity expenditure exceeding Rs. 1 Lakh.
7.Schedule 112A: From the sale of equity share in a company or unit of equity- oriented fund or unit of a business trust on which STT is paid under Section 112A.

8. 115AD(1)(iii) proviso: for Non-Residents – from the sale of equity share in a company or unit of equity-oriented fund or unit of a business trust on which STT is paid under Section 112A.
9. Section 40(ba): any payment of interest, salary, bonus, commission or remuneration paid to a member in case of Association of Person (AOP) or Body of Individual (BOI).

10. Section 90 & 90A: Foreign tax credit in cases where there is a bilateral agreement; Section 91: Foreign tax credit in cases of no agreement between the countries.

[1] Circular No 11 of 2020 dated 08th May 2020.

References

Image Credits: Photo by Markus Winkler from Pexels

POST A COMMENT