Moneycontrol
Last Updated : Jun 01, 2011 08:31 AM IST | Source: CNBC-TV18

Govt makes 'Location Based Service' mandatory for operators

The government on Tuesday made it mandatory for operators to introduce Location Based Service, which may cost service providers about USD 5 billion to upgrade their networks that may promt them to hike tariffs, as one of the steps to enhance security against misuse.


The government on Tuesday made it mandatory for operators to introduce Location Based Service, which may cost service providers about USD 5 billion to upgrade their networks that may promt them to hike tariffs, as one of the steps to enhance security against misuse.


Location Based Service (LBS) provides details of mobile customers in the area in which the subscriber is using the phone. The timeframe for introducing the service ranges from 1-3 years depending upon the service area.


The Telecom Ministry amended the licences and has asked operators to appoint only Indian nationals for maintaining networks and said any security breach would lead to Rs 50 crore penalty besides initiation of criminal proceedings.


"The licencees shall employ only resident, trained Indian nationals as Chief Technical Officers (CTOs), Chief Information Security Officer, Nodal executives for handling interception and monitoring cases and incharge of softswitch, central data base and system administrator," the amendment said.


It said that a penalty of up to Rs 50 crore will be levied for any security breach which has been caused due to inadvertent inadequacy in precaution on the part of licensee prescribed under this amendment.


According to preliminary estimates, introduction of LBS may cost up to USD 5 billion (over Rs 20,000 crore) to Indian operators.


"The govenment should subsidise services or reduce the taxation burden as operators are already facing huge costs on network expansion both in existing 2G and also on 3G operations," COAI Director General R S Mathews told PTI while commenting on LBS.


It has asked the operators to ensure that all the documentation, including software details are obtained from manufacturer/vendor/supplier of equipment in English language.


This has been opposed by foreign vendors. In case of inadequate measures prescribed under this amendment, act of intentional omissions, deliberate vulnerability left into the equipment or in case of deliberate attempt for a security breach, penalty will be Rs 50 crore per breach. The Licensee shall deposit the penalty amount with the Licensor within 30 days of the issue of notice.


The Licensees shall be completely and totally responsible for security of their network and they shall have organisational policy on security and security management of their networks.


The operators must audit their network or get the network audited from security point of view once a year from a network audit and certification agency


The Telecom Ministry has also suggested steps like the licensee should endeavour to create forum, say, Telecom Security Council of India (TSCI), on voluntary basis to increase the security assurance levels and share common issues, which will help in increasing the security of networks.


The amendment also says that the licensee shall induct only those network elements into his telecom network, which have been got tested as per relevant contemporary India or International Security Standards. The copies of test results and test certificates shall be kept by the licensee for a period of 10 years from the date of procurement of equipment.


The Licensee through suitable agreement clauses with vendor shall ensure that the vendor/ suppliers allow the Telecom Service Provider, Licensor/ DoT or its designated agencies to inspect hardware, software, design and supplychain and subject all software to a security/ threat check any time during the supplies of equipment.

The expenditure for such visits for order valuing more than Rs 50 crore up to 40 man days per visit shall be borne bythe licensee directly or through vendor. The operators shall create facilities for monitoring all intrusions, attacks and frauds and report the same to the licensor.

First Published on May 31, 2011 11:05 pm
Sections