The Department of Telecommunications (DoT) has asked service providers to install remote access servers in India within six months. Operators would be permitted remote access only after the DoT was satisfied with the compliance report on their remote access storage in India, said a recent DoT communiqué.
To tighten remote access (the provision to monitor data and voice traffic on cellular networks from remote locations), DoT has also asked all service providers to create online mirror images and audit the trail of remote access information. Telecom companies would have to file technical reports every six months, or whenever changes are made, to the respective term cells, providing details of their networks.
International long-distance operators would have to provide the details of their routes, countries to which their networks are connected directly and the routing of international telecom traffic, DoT told service providers. Operators would also have to provide training on remote access methodologies to officials of DoT and term cells. Foreign carriers such as AT&T, BT, France Telecom, Verizon and Cable & Wireless would be impacted.
In 2009, India had agreed to global carriers’ demands they be allowed to transfer user information of their clients to locations outside the country. So far, India allowed remote access only from international locations approved by the home ministry and intelligence agencies. Domestic operators and access service providers, the long-distance arms of telecom companies such as Bharti Airtel, Reliance Communications, BSNL and Tata Teleservices, are barred from transferring any user accounting information (except in the case of roaming) outside India. Details of infrastructure and network diagrams are also barred from being transferred outside India.
Companies would have to store remote access details online for at least six months, after which the audit trail would be stored offline, DoT said. Remote access to networks should be provided only to approved locations abroad through approved locations in India, and all remote access command logs should be stored directly on the Indian remote access server.
Remote access was introduced in India in 2005, after the government had increased the foreign direct investment limit from 49 per cent to 74 per cent. Since April 2007, the remote access policy has been uniformly applied to all telecom licences, including national and international long-distance and internet service providers.