Telecom and Regulatory Quarterly Milestones (January-March 2025)

Partner: Jaideep Reddy, Senior Associate: Akshaya Parthasarathy, Associate: Shravya Basgula Devaraj, Consultant: Hatim M Hussain

Key Developments

Telecom Regulatory Authority of India amends its anti-spam regulations to make them more stringent

In February, the Telecom Regulatory Authority of India (TRAI) notified the Telecom Commercial Communications Customer Preference (Second Amendment) Regulations, 2025 to significantly amend its existing anti-spam framework.

Amongst other things, the amendment:

1. modifies the definitions of ‘service’ and ‘promotional’ text messages and calls, and the corresponding consent requirements, necessitating senders of commercial communications and telemarketers to carefully reassess their marketing measures and consent flows;

2. imposes stringent consequences for non-compliance by senders and telemarketers, including the immediate suspension of traffic, blacklisting, financial disincentives and reporting to law enforcement agencies;

3. introduces an annual self-certification requirement for registered senders and telemarketers. Entities that do not self-certify their headers, consent templates, content templates, etc., with telecom carriers in the prescribed manner will be automatically suspended.

These changes aim to enhance regulatory compliance and consumer protection in light of a marked increase in spam.

A related circular issued by the Reserve Bank of India advised its regulated entities to undertake transactional and service calls only using the ‘1600xx’ numbering series (once operationalised) and promotional calls only using the ‘1400xx’ numbering series, as well as follow the TRAI’s guidelines on sending commercial communications.

Securities and Exchange Board of India mandates safeguards around the use of artificial intelligence and machine learning tools

The Securities and Exchange Board of India (SEBI) has introduced amendments to various regulations to hold all intermediaries, depositories, stock exchanges and clearing corporations that use in-house or third-party artificial intelligence and machine learning tools (AI/ML) and techniques responsible for:

1. the privacy and security of data maintained by it;

2. the output from such tools or techniques that the regulated entities rely upon; and

3. compliance with applicable laws in this regard.

These revisions emphasise SEBI’s close scrutiny of the use of advanced technological tools by market intermediaries.

In addition to the above, this quarter:

1. SEBI has extended the compliance timeline for the Cybersecurity and Cyber Resilience Framework for certain SEBI regulated entities by three months, i.e., till 30 June 2025.

2. The Financial Intelligence Unit – India has introduced certain new requirements for virtual digital asset/crypto-asset service providers seeking to register in the country.

3. The Department of Telecommunications has noted that a social media influencer shared instructions on how to alter caller ID information so that the recipient sees a different number. As a result, any application that enables such changes has been clarified as illegal, and social media platforms have been advised not to host such content.

These developments reflect a concerted push by Indian regulators to modernise compliance frameworks across sectors and attempt to achieve a balanced regulatory response to emerging technologies.

If you require any further information about the material contained in this newsletter, please get in touch with your Trilegal relationship partner or send an email to alerts@trilegal.com. The contents of this newsletter are intended for informational purposes only and are not in the nature of a legal opinion. Readers are encouraged to seek legal counsel prior to acting upon any of the information provided herein.