The Department of Telecom (DoT) has issued a notification dated 16 May 2018 (Notification) which prescribes know your customer (KYC) norms for issuing subscriber identity module (SIM) cards to be used in machine to machine (M2M) communications. Amongst other things, the Notification also deals with the restrictions and ownership related aspects of SIMs to be used in M2M devices.
The Notification is one of the first in a long time that provides pivotal understanding over some of the material and significant aspects of M2M communications. In a way, the DoT has provided fundamental clarifications over certain questions that were long awaited by the industry.
Before we outline the provisions of the Notification, it will be prudent to understand the meaning of M2M communications. M2M communication is also generally identified as ‘internet of things’ around the world. In simple words, it is a concept that allows machines to interact amongst themselves (using internet or evolving communication technology) with minimal human intervention.
M2M communications is a result of convergence of multiple technologies (such as wireless communication, sensors etc.) and few constituents of M2M ecosystem include the device manufacturer, connectivity provider or telecom service providers (TSP), M2M service provider (Service Provider) and the end user.
Key highlights of the Notification
The landscape around regulatory framework for M2M communications have been largely unclear and the Notification issued by DoT is very important considering the issues related to ownership of SIM, KYC norms, e-SIM etc. had not been addressed thus far. By way of the Notification, the DoT has carved out a major exception and permitted transferability of M2M SIMs. Traditionally, the SIMs used in everyday life for voice and data communication are not permitted to be transferred. It is a welcome decision as it is in line with the demand of the present day, where automation has seeped into every industry. The Notification has also permitted use of embedded SIM in devices which is landmark for the industry, which will facilitate proliferation of M2M both in domestic and industrial spheres.
The Notification envisages Service Provider and TSPs to comply with provisions set out, but questions arise regarding the compliance requirements of other stakeholders and whether they will be covered under the regulatory framework. Further, other issues such as registration requirements for Service Provider, roaming and spectrum aspects, quality of service, data protection have been deliberated in the past but are not covered under the Notification.
Importantly, the Notification imposes a significant penalty on Service Providers in case of non-compliance of provisions of the Notification. It states that all connections issued to a breaching Service Provider will be disconnected if such Service Provider fails to comply with the instructions in the Notification (post expiry of period of six months from the date of issue of Notification). The DoT may subsequently need to provide clarity over the intent of the provision as it appears to be severe and disproportionate. It will not only impact the service offering by Service Providers but also affect the end users.
While the Notification may not be comprehensive, it does spell out answers to issues that were persisting, and much will be required to be done in near future to formulate sound legal and regulatory framework around M2M communications.