Tough Indian telecom rules spark foreign backlash
MUMBAI, India—Telecom companies and trade groups are urging India to soften tough new security regulations on foreign telecommunications companies -- believed to be aimed at China -- which they say could set a troubling global precedent for onerous security norms.
India's telecom infrastructure is being built almost entirely by foreign companies. That has raised concerns that the nation's vast mobile phone network -- by far the most comprehensive communication system in a country with relatively few landlines -- could be vulnerable to foreign infiltration, particularly from China.
Under guidelines proposed last week, foreign equipment makers must allow regular security inspections and make their network design and source code -- proprietary information used to run a network -- available to the Indian government. Companies would also be subject to large penalties and blacklisting for security breaches, and would have two years to replace foreign engineers with local hires.
On July 27, 11 U.S. trade groups appealed to Secretary of State Hillary Rodham Clinton to get the Indian government to suspend implementation of the new rules.
"Not only do India's new telecommunications security requirements raise potential WTO compliance concerns, if they remain unchallenged, other governments may use them to justify their own elaborate information security regimes," they wrote in a letter obtained by the Associated Press. "India's approach is establishing a dangerous precedent."
The next day, 20 groups from the U.S., Europe and Japan fired off a letter to India's home, technology and commerce ministers, calling the proposals "a nonstarter."
India began the crackdown in December, by requiring companies to get a government security clearance on telecom equipment orders. Since then, billions worth of procurement orders -- industry estimates range from $1 billion to $5 billion -- have languished awaiting security clearance.
China's Huawei and ZTE have a backlog worth an estimated $750 million.
Nokia Siemens Networks said second quarter sales fell 5 percent, to euros 3 billion ($2.2 billion), mostly because of sales blocked by India's security issues. Ericsson's quarterly India sales plunged 63 percent for largely the same reason.
Analysts and executives say India's security concerns are not unreasonable but that the measures go beyond international norms.
The U.S., Japan and Europe struggled to establish effective information security rules in the 1980s and 1990s. Rather than limiting data encryption or requiring automatic disclosure of proprietary information, most countries require disclosure only in exceptional circumstances.
"We deeply respect and support the steps taken to beef up security," said Ericsson India vice president P. Balaji. "However we feel that some of the clauses are unprecedented. We request a dialogue to ensure that the security concerns can be balanced with good international practices."
Telecom department spokesman Satyendra Prakash said telecom devices have been misused in the past, and India's response to security problems is in line with what other countries are doing. The government wants to prevent spyware and malware and has built in safeguards so source code would only be accessed if there is a security breach, he said. He declined to comment on the letters. Officials at the home ministry did not return calls seeking comment.
The crackdown comes as China gains strength in India's telecom equipment market and grabs business from Western companies like Nokia that have turned to India to make up for flagging growth in the developed world.
Chinese executives say China's telecom exports to India are about $3 billion annually, making them a significant chunk of India's estimated $21.4 billion trade deficit with China last fiscal year.
That imbalance is a concern in New Delhi, which last year imposed antidumping duties on several companies, including Huawei and ZTE.
Some feel the trade gap and historical animosity -- India and China went to war in 1962 and still tussle over their border -- also lurk behind the tough new security norms.
None of the Department of Telecommunications' official circulars single out Chinese companies for special sanction, but executives say security rules seem to be applied differently.
Some orders for equipment from Western companies got security clearance, while orders from Chinese companies did not, four executives said on condition of anonymity because of the sensitivity of the topic.
The Department of Telecommunications has also told telecom operators that certain companies -- including Huawei, ZTE and Lenovo -- have not been given security clearance to sell telecom equipment, according to a person who has seen one such letter. The person spoke anonymously for fear of undermining business relationships.
"Under the garb of security, they want to challenge the importing being done by Huawei, for example," said Sandeep Ladda, an executive director at PricewaterhouseCoopers.
Whatever the intent may be, the new rules will apply to everyone. Companies worry they could face huge liabilities for security problems outside their control and lose control of proprietary information at the core of their business.
In the event of a security breach, operators would face a penalty of 500 million rupees ($10.8 million) plus 100 percent of the value of the contract -- which often totals several hundred million dollars -- while equipment vendors could be blacklisted.
No other country imposes penalties of that size, and it's rare to punish operators for security breaches, whose provenance can be hard to trace, said Rajan Mathews, director general of the Cellular Operators Association of India, a lobby group.
"We are uncomfortable but we don't know if we have any leeway because the government has taken a hard stand," he said.