Telecommunications Quarterly Milestones (October-December 2025)

On 22 October 2025, the Department of Telecommunications (DoT) notified the Telecommunications (Telecom Cyber Security) Amendment Rules, 2025 (2025 Rules), setting out norms for the use of telecommunication identifiers by digital platforms like fintech, e-commerce, ride-hailing platforms and Over-The-Top (OTT) messaging services. Subsequently, on 28 November 2025, the DoT issued a notification directing entities which provide app-based communication services to continuously link these services to the SIM card installed in the device.

The 2025 Rules introduce a new regulated category of “Telecommunication Identifier User Entities” (TIUE), which includes a wide array of digital platforms like fintech, e-commerce, ride-hailing platforms and OTT messaging services that use telecom identifiers (e.g., mobile numbers) for user identification or service delivery. TIUEs must now comply with government directives on data sharing, monitoring, and cybersecurity incident reporting. The government is also empowered to direct telecom entities and TIUEs to suspend the use of an identifier if required in public interest.

Further, the 28 November 2025 direction requires all TIUEs that use telecommunication identifiers for user identification and provide app-based communication services to ensure SIM-binding, such that the app cannot be used without the specific active SIM. Web-based versions of mobile applications must automatically log out at periodic intervals (no later than six hours), and users must then re-link the device using a QR code.

While the 2025 Rules introduce strict compliance requirements with respect to data sharing, monitoring, and incident reporting to minimise cybersecurity incidents, businesses may face operational and technical challenges in complying with the SIM-binding mandate.

The amendment can be accessed here and the directive here.

Continuing its efforts to operationalise the Telecommunications Act, 2023, the DoT published the draft Telecommunications (Authorisation for Telecommunication Network) Rules, 2025 (Draft Authorisation Rules) on 9 October 2025 and the draft Telecommunications (Sharing, Trading, and Leasing of Spectrum) Rules, 2025 (Draft Spectrum Rules) on 28 November 2025.

The Draft Authorisation Rules seek to revamp the license-based regime for authorisations with a new framework that introduces six distinct categories for telecommunication network authorisations, allowing for specialisation based on an entity’s role in the ecosystem. These categories are – (i) Infrastructure Provider (IP-1), (ii) Digital Connectivity Infrastructure Provider (DCIP), (iii) Satellite Earth Station Gateway (SESG), (iv) Internet Exchange Point Provider (IXP), (v) Cloud-hosted Telecom Network Provider (CTN), and (vi) Mobile Number Portability Provider (MNP). The Draft Authorisation Rules are significant as they carry forward the conditions under the existing telecom licensing scheme (which drew their validity from the Unified Licenses granted by the DoT) and bring them under the umbrella of authorisations granted directly under the Telecommunications Act, 2023. They also consolidate several miscellaneous services (for instance, M2M registrations) and bring them within this umbrella.

The Draft Authorisation Rules can be found here.

The Draft Spectrum Rules, on the other hand, seek to enhance spectral efficiency, promote competition, and facilitate the monetisation of underutilised spectrum assets, particularly to support the rollout of 5G services. All processes relating to sharing, trading, and leasing spectrum are intended to be managed through a notified government portal to ensure digital implementation, transparency, and efficiency, and all such arrangements require formal statutory approval.

The Draft Spectrum Rules can be found here.

On 30 December 2025, the DoT released the National Frequency Allocation Plan 2025 (NFAP), replacing the 2022 version. The NFAP is a foundational policy document that governs the management and allocation of radio-frequency spectrum in India in the 8.3 kHz to 3000 GHz range. It has been constructed in line with the International Telecommunication Union’s Radio Regulations and reflects the outcomes of the World Radiocommunication Conference 2023.

The NFAP will serve as a crucial reference for spectrum managers, wireless operators, and equipment manufacturers by designating frequency bands for a wide array of services, including mobile communications, satellite services, broadcasting, defence, disaster relief, and radionavigation. For example, the NFAP identifies separate bands for International Mobile Telecommunications, satellite communications, and also carves out additional spectrum for In-Flight and Maritime Connectivity (IFMC). The NFAP also supports emerging technologies such as Vehicle-to-Everything communication (V2X), Internet of Things (IoT), and Short-range Devices (SRD).

The NFAP can be accessed here.