The cloud service industry in India has generally been an unregulated space, despite multiple attempts by the government over the past decade to introduce legal and policy frameworks. The National Telecom Policy, issued by the Department of Telecommunications in 2012, was one of the first policy attempts that addressed the need to adopt cloud computing. In 2018, the Digital Communications Policy replaced the 2012 policy with an aim to establish India as a global hub for cloud computing and create a light touch regulatory framework for the industry. Simultaneously, the Telecom Regulatory Authority of India – the nodal telecom regulator – released two consultation papers between 2017 and 2019, with recommendations on cloud services, a proposal for a regulatory framework, and suggestions on the establishment of an industry body to govern and regulate cloud service providers in India. The recommendations were met with significant opposition from leading market players and were put on hold. Today, there is no single regulation or legal framework that governs cloud services. Nevertheless, cloud services designed for government agencies are not a free-for-all, and certain government initiatives impose obligations on providers that offer cloud solutions to such agencies.

This note provides an overview of the regulatory requirements for organisations that seek to provide cloud services to public sector players in India. Please reach out to Mathew Chacko or Aadya Misra for any queries.