Search Your Queries Related To Trilegal


The OSP Framework gets a Progressive Overhaul

05 Nov 2020

In a boost to the ease of doing business, the DoT has overhauled the OSP Framework. The new framework applies only to entities carrying out voice-based BPO activities. Several provisions have been removed such as the requirement for registration, bank guarantees, network diagrams, restrictions on interconnection, and penalty and audit provisions. India’s IT sector may now implement modern network structures, WFH facilities and infrastructure sharing for greater efficiency. Security related obligations such as requiring OSPs to maintain CDRs and to avoid toll bypass have been retained.

The Department of Telecommunications (DoT) has published the Guidelines for Other Service Providers (OSP) implementing a significant overhaul of the existing telecom framework for Business Process Outsourcing (BPO) entities in India.

The OSP framework was originally put in place to ensure that the special dispensations provided to the then nascent BPO sector had adequate safeguards. These safeguards were designed to ensure that OSPs did not impinge into the jurisdiction of Telecom Service Providers (TSP) as well as to address associated security concerns. Over time, thanks to the increased availability (and the decreasing cost) of telecom connectivity, as well as the convergence of voice and data technologies, these regulations were no longer relevant. To the contrary, they imposed a significant compliance burden on the IT and ITeS industries which were made even more challenging given the vague language with which the framework had been drafted.

The DoT has radically pared the framework down to restrict its applicability and to remove a number of the procedural compliances. These include:

  • the applicability of the framework to non-voice based BPO activities;
  • the registration requirement for all OSP entities;
  • penalty and audit provisions;
  • requirements to furnish a bank guarantee;
  • content monitoring;
  • most restrictions on sharing of infrastructure; and
  • location and network specific requirements like the need to provide a network diagram.

In effect, the framework now primarily contains certain security obligations with additional high-level protections to prevent toll bypass. The definition of the term OSP has been limited to only voice based BPO service providers removing data-based services entirely from the ambit of the regulation. The new framework permits (i) the sharing of infrastructure between international and domestic OSPs over VPNs, (ii) the interconnectivity of OSPs, (iii) the use of closed user groups for internal communications, (iv) the facility of work from home/work from anywhere, and (v) the use of distributed EPABXs, without any limitations or registration/intimation requirements. All that OSPs are required to do is ensure that there is no toll bypass.

International OSPs may host their EPABX abroad, provided they have a copy of their call data records (CDR) and system logs stored at any of their centres in India. Domestic OSPs on the other hand are required to retain their EPABX and client data centre only in India. As far as security related obligations are concerned, the new framework requires OSPs to maintain CDRs, system logs, access log, configurations of the EPABX, and routing tables, for a period of one year. Remote access is required to be provided to the authority to view the CDRs along with details of the agent manning the position. In case of specific instances of unlawful content (such as content that infringes intellectual property), the OSP is required to extend support to the authority in tracing any malicious calls, messages or communications carried on its network.

Download PDF to read more

Subscribe to our Knowledge Repository

If you would like to receive content directly in your inbox from our knowledge repository, please complete this subscription form. This service is reserved for clients and eligible contacts.


    This page contains general information regarding Trilegal and is not intended as a solicitation or an advertisement of its services or any invitation or inducement of any sort. Nothing contained in this website constitutes legal advice or creation of a lawyer-client relationship. If you have any issues, you must seek legal advice. Trilegal is not liable for the consequences of any action taken by relying on the material/information provided on this website. For more information, please read our terms of use and our privacy policy.

    Trilegal - Up Arrow