[27th
November 2024] The following draft rules,
which the Central Government proposes to make in exercise of the powers
conferred under section 27, read with clause (y) of sub-section (2) of section
56 of the Telecommunications Act, 2023 (44 of 2023), are hereby published for
the information of all persons likely to be affected thereby and notice is
hereby given that the said draft rules shall be taken into consideration after
the expiry of a period of thirty days from the date on which copies of this
notification as published in the Official Gazette are made available to the
public; Objections or suggestions,
if any, may be addressed to the Joint Secretary (Telecom), Department of
Telecommunications, Ministry of Communications, Government of India, Sanchar
Bhawan, 20, Ashoka Road, New Delhi - 110001; The objections or
suggestions which may be received from any person with respect to the said
draft rules before the expiry of the aforesaid period shall be taken into
consideration by the Central Government. CHAPTER
1 PRELIMINARY (1)
These rules may be called the
Telecommunications (Regulatory Sandbox) Rules, 2024. (2)
They shall come into force on the date of
their publication in the Official Gazette. (1)
In these rules, unless the context otherwise
requires: (a)
"Act" means the Telecommunications
Act, 2023 (44 of 2023); (b)
"applicant" means an authorised
entity or company, society or partnership firm, duly constituted under the laws
of India, or an Indian national, or a research and development institution
recognized by the Department of Science and Technology, Ministry of Science and
Technology, Government of India, that submits a proposal for creation of a
regulatory sandbox; (c)
"approved applicant" means an
applicant approved by the Central Government or a person nominated by the
Central Government for the purpose of operation and management of a regulatory
sandbox created under rule 4; (d)
"Governance Committee" means the
committee constituted under rule 7; (e)
"participant" means a participant
to a regulatory sandbox that satisfies the eligibility criteria specified
pursuant to rule 5; (f)
"portal" means the portal which may
be notified by the Central Government under rule 11 of these rules; (g)
"regulatory sandbox" means a live
testing environment created under rule 4 where new products, services,
processes and business models which may be deployed, on a limited set of users;
and (h)
"test users" means the limited set
of users who voluntarily participate in a regulatory sandbox; (i)
"validity period" means the
duration of the regulatory sandbox as specified under sub-rule (2) of rule 5. (2)
Words and expressions used in these rules and
not defined herein but defined in the Act, shall have the meanings respectively
assigned to them in the Act. The Central Government, for
the purposes of encouraging and facilitating innovation and technological development
in telecommunication, may specify on the portal, the creation of one or more
regulatory sandboxes and the terms and conditions applicable thereto, with a
view to enabling a live testing environment where new products, services,
processes and business models may be deployed on a limited set of test users
for a specified period of time. (1)
A regulatory sandbox may be created and
specified on the portal by the Central Government: (a)
upon its own assessment of the need for such
a regulatory sandbox; or (b)
upon receiving a proposal from an applicant,
or a proposal received in response to a request for proposals from the Central
Government, in the form and manner, and accompanied with the supporting
documents specified on the portal, as well as fees of rupees ten thousand only. (2)
The Central Government may, upon examination
of a proposal received under clause (b) of sub-rule (1), seek clarifications or
further documents, as may be required from the applicant. (3)
Where an applicant has undertaken any
testing, including under laboratory environments such as test beds,
laboratories, or experimental isolated networks, it shall include the reports
and results of such testing along with the proposal submitted pursuant to
clause (b) of sub-rule (1). (4)
Any rejection of a proposal received under
clause (b) of sub-rule (1) shall be accompanied with reasons for such
rejection. (1)
Any regulatory sandbox created under rule 4
shall specify: (a)
the scope and objective of the regulatory
sandbox; (b)
the name and details of one or more approved
applicants responsible for the operation and management of the regulatory
sandbox; (c)
eligibility criteria for participation in
such regulatory sandbox, and obligations of such participants; (d)
the telecommunication services or
telecommunication network or equipment or processes or technologies or business
models that may be tested in such regulatory sandbox; (e)
applicable exemptions from the requirements
of authorisation or assignment or any other provision under the Act or rules
made thereunder, for the duration of regulatory sandbox; (f)
risk analysis and management required to
ensure mitigation of any potential risks; (g)
reporting requirements including those relating
to the methodology of testing and steps to be taken to ensure compliance with
the terms and conditions of the regulatory sandbox; (h)
validity period of the regulatory sandbox; (i)
details of the exit strategy for exiting the
regulatory sandbox; and (j)
details of any other matter relevant, in the
opinion of the Central Government, connected with or related to the
participation in such regulatory sandbox. (2)
The validity period of a regulatory sandbox
shall not exceed twenty-four months: Provided that the Central
Government may, if it considers necessary, extend the validity period by a
period not exceeding twelve months at a time, upon receipt of a request for
extension, made in the form specified on the portal, from an approved
applicant, at least thirty days prior to expiry of such validity period, with
reasons for such extension, or upon a recommendation for extension from the
Governance Committee received under rule 7. (1)
Every approved applicant shall ensure compliance
with the terms and conditions of a regulatory sandbox specified by the Central
Government under rule 5 for undertaking testing by itself or through other
participants, in the relevant regulatory sandbox. (2)
Every approved applicant shall be responsible
for applying for or seeking exemption from allocation of resources including
numbering resources, assignment of spectrum, and permission for right of way,
as may be required for implementation of the regulatory sandbox. (3)
Without prejudice to the generality of
sub-rule (1), every approved applicant shall, (a)
establish mechanisms for: (i)
the on-boarding of participants based on the
eligibility criteria; (ii)
adherence by each participant to the terms
and conditions for the regulatory sandbox as specified by the Central
Government; (iii)
specifying the test parameters, control
boundaries, testing sites, and manner of maintenance of records of the test
results by each participant; and (iv)
monitoring the testing undertaken by
participants within specifications of clause (iii); (b)
ensure compliance by itself and by every
participant with the provisions of the Digital Personal Data Protection Act,
2023, and any other applicable laws, rules, regulations, when onboarding test
users for testing within such regulatory sandbox; (c)
provide information to the Central Government
of the participants in a regulatory sandbox, as well as their exit from such
sandbox, in the form and manner specified for this purpose on the portal; (d)
where the regulatory sandbox involves
enrolment of test users for testing of the regulatory sandbox: (i)
inform such test users the purpose of the
regulatory sandbox and the scope of testing being undertaken; (ii)
obtain the prior written informed consent of
the test users for being part of the test environment of the regulatory sandbox
in the form that may be specified on the portal; (iii)
ensure that test users are not required to
pay any charges for their participation in the test environment; (e)
ensure liability or indemnity insurance of an
adequate amount for the duration of testing in the regulatory sandbox, to
safeguard the interest of the test users: Provided that the adequacy
of indemnity cover shall depend on determination of the maximum liability based
on, among others, (i) maximum exposure to a single test user, (ii) the number
of claims that could arise from a single event, (iii) potential for multiple
claims, and (iii) number of claims that might be expected during the testing
period; (f)
ensure that the telecommunication services or
technologies or products, processes or business models being tested in the
regulatory sandbox are not made commercially available in the market during the
testing period; (g)
ensure storage of records relating to the
testing, including work plans, methodologies, consent records of test users,
and other relevant data, for a period not less than one year after validity
period of the regulatory sandbox, and for such longer periods as determined by
the Central Government; (h)
ensure destruction of any data and records
specified under clause (g), in a secure manner; (i)
keep the Central Government indemnified from
any acts, omissions, commissions, breaches or any kind of culpability arising
out of or in relation to any testing in the regulatory sandbox by itself or by
any participant; and (j)
ensure that confidentiality is maintained by
it and the participants with regard to the regulatory sandbox, including
testing and results thereof: Provided however that the
Central Government may publish any relevant and generic information about the
regulatory sandbox, including the approved applicants and participants on the
portal. (4)
An approved applicant may surrender the
approval to operate and manage the regulatory sandbox prior to the validity
period: (a)
on completion of testing, along with the
certificate of completion from the Governance Committee; or (b)
if, in its assessment, the regulatory sandbox
does not meet the desired objectives. (1)
The Central Government shall constitute and
specify on the portal one or more Governance Committees for monitoring and
evaluating the performance of a regulatory sandbox created under rule 4,
comprising of members nominated by the Central Government from within the
government, academia, or the private sector. (2)
The Governance Committee shall, depending on
the nature of testing, and telecommunication services or telecommunication
networks or equipment or processes or technologies or business models being
tested, specify the frequency and format of periodic reports to be submitted by
the approved applicants, and the Central Government shall specify the same on
the portal. (3)
Within fifteen days of completion of testing,
or at least thirty days prior to the expiry of the validity of the regulatory
sandbox, each approved applicant shall submit to the Governance Committee a comprehensive
report in the form and manner specified on the portal, which shall include: (a)
the results and outcomes of the testing; (b)
feedback from the test users, including
complaints, concerns, security issues; (c)
challenges faced during testing period; (d)
measures taken to overcome security and other
issues, consumer protections and risk mitigation measures deployed; and (e)
any other data or information as may be
specified by the Governance Committee. (4)
Upon receipt of report under sub-rule (3),
the Governance Committee may make recommendations to the approved applicant as
well as to the Central Government, which may include recommendations for: (a)
continuation of the testing; (b)
modifications to the approval to enable
modification to the scope of testing, including scaling up of the testing; (c)
certifying completion of the testing and
termination of the approval; and (d)
commercial viability of the product, service,
process or business module which was the subject matter of the testing under
the regulatory sandbox. The Central Government, upon
receipt of the recommendations of the Governance Committee under sub-rule (4)
of rule 7, may: (a)
seek further information and clarification
from the approved applicant or the Governance Committee; (b)
extend the validity period of the regulatory
sandbox under sub-rule (2) of rule 5; (c)
consider any modification to the terms and
conditions of the regulatory sandbox; or (d)
consider to permit the commercialisation of
the telecommunication services or telecommunication networks or equipment or
processes or technologies or business models tested in the regulatory sandbox
under the relevant rules for authorisation. The Central Government may,
on its own or upon the recommendation of the Governance Committee, by order
recording the reasons therefor, suspend or revoke the approval to operate and
manage a regulatory sandbox: (a)
where an approved applicant has: (i)
wilfully furnished incorrect or false
information to the Central Government; or (ii)
failed to comply with specific terms and
conditions and criteria based on which approval for testing was granted, or
failed to ensure such compliance by participants in a relevant regulatory
sandbox; Provided that, no decision
for suspension or revocation of approval for testing in regulatory sandbox
under sub-clauses (i) and (ii) shall be made unless the approved applicant has
been given a reasonable opportunity of making being heard. (b)
in the opinion of the Central Government,
such suspension or revocation is necessary in the interest of national security
or public interest. No compensation or refund of
fees shall be applicable as a result of any suspension or revocation of the
approval granted under these rules, for any reason whatsoever, or for any
modification, variation, cancellation or revocation of terms and conditions of
any approval granted under these rules. The Central Government, in
furtherance of section 53 of the Act, may notify a portal for the digital
implementation of these rules.Telecommunications
(Regulatory Sandbox) Rules, 2024
PREAMBLE