COAI Raises Concerns on DPDP Rules Impacting Telecom Sector

COAI highlights unaddressed concerns about DPDP rules, advocating for harmonized guidelines and a risk-based approach for telecom, citing issues with consent management, reporting overlaps & minor verification.

The sector has also opposed the overriding result of the DPDP Act over other sectoral laws in case of dispute. “A review and harmonisation of sector-specific guidelines with the DPDP structure, together with clear interpretive support, would aid reduce obscurity.,” COAI said.

DPDP Act’s Impact on Sectoral Laws

The DPDP Policies forbid directors and crucial personnel of data fiduciaries from associating with Authorization Managers. The COAI claimed this is “overly rigorous”, adding that numerous well-known organisations in innovation, economic, and telecommunications solutions possess the experience required to run a responsible permission administration system.

The Mobile Operators Association of India (COAI) which stands for the top 3 telecom operators claimed unlike various other markets, telecommunications companies already release mature networks and system safety and security controls. The existing controls currently decrease risks of exfiltration or unauthorised access, and because of this, the adequacy of safeguards ought to be evaluated in a layered, risk-based manner for the industry.

Network Security and Risk Mitigation

COAI likewise suggested that CERT-In and the Data Protection Board established under the DPDP Rules take into consideration taking on a linked breach-reporting timeline with a solitary trigger, a harmonised coverage home window, and a standard incident-notification style appropriate throughout all electronic and telecom entities.

Harmonized Breach Reporting Timeline

Telecom drivers in India, which are taken into consideration significant information fiduciaries under the Digital Personal Information Protection Policy (DPDP) 2025, claimed a lot of their problems and ask for extra quality increased throughout public examinations stay unaddressed by the rules notified by the Ministry of Electronic Devices and Infotech (MeitY).

“COAI is of the sight that either a single, interoperable consent‑management layer be permitted for the telecom market (for instance, through a typical industry permission supervisor or interoperable arrangements), or that it be made clear that telecom drivers are not mandatorily required to make use of exterior approval supervisors where a durable, auditable inner consent‑management system is in location, gave that such systems completely meet the DPDP requirements on consent,” Kochhar said.

Consent Management for Telecoms

The telecommunications sector likewise opposed the current overlap of reporting protection violations, under the IT Act, CERT-In directions, and DoT guidelines. The sector organization recommended harmonised timelines to stay clear of unneeded duplication.

The COAI also suggested functional exception in developing proven approval for minors aged 16-18 years for SIM acquisition, stating that it offers useful challenges and does not appropriately stand for India’s varied house frameworks or the electronic freedom encouraged under different federal government efforts.

“COAI is in the process of assembling in-depth inputs for MeitY on the DPDP Rules. While the market waits for comprehensive notifications, standards and parameters for conformity under the DPDP regimen, COAI and its members verify their longstanding dedication to a solid, protected and future-ready information defense ecological community,” said Lt. Gen. Dr SP Kochhar, Supervisor General, COAI in a statement Thursday.