iSPIRT Foundation’s Response to Union Budget 2022

Union Budget 2022 – Imprints of using Digital public infra with Private innovation

iSPIRT Foundation, a technology think-and-do tank, believes that India’s hard problems can be solved only by leveraging public technology for private innovation through open APIs.

This “innovation architecture” is now going mainstream. The Union Budget 2022 mentions five efforts that iSPIRT has been intimately involved in:

India Stack – Promoting digital economy & fintech, technology-enabled development, energy transition, and climate action.
Health Stack – An open platform for the National Digital Health Ecosystem will be rolled out. It will consist of digital registries of health providers and health facilities, unique health identity, consent framework, and universal access to health facilities.
Digital Sky – Use of ‘Kisan Drones’ will be promoted for crop assessment, digitisation of land records, spraying of insecticides and nutrients.
Digi-Yatra & Logistics Stack – Multimodal Movement of Goods and People. The data exchange among all mode operators will be brought on the Unified Logistics Interface Platform (ULIP), designed for Application Programming Interface (API).
DESH (Digital Ecosystem for Skilling and Livelihood) Stack – This aims to empower citizens to skill, re-skill or upskill through online training. It will also provide API-based trusted skill credentials, payment and discovery layers to find relevant jobs and entrepreneurial opportunities.

This embrace of the new innovation architecture is a seminal moment for our economy and society. However, more could have been done.

Some low-hanging opportunities missed are:

A few positive announcements have been made for the funding ecosystem for Indian startups (such as capping the surcharge on long term capital gains and an expert committee to suggest measures to boost venture capital and private equity investment in startups). While these are in line with iSPIRT’s ‘Stay-in-India’ checklist effort, immediate actions on some of these (as well as other) issues in the checklist will help further.
Ease of Doing Business is mentioned in the Budget speech, but no specific actions are announced.
5G is a big opportunity. India can leverage this to become a telecom equipment provider in Radio Access Network (RAN). iSPIRT’s SARANG effort is focused on this. There should have been specific capital allocations and Design Linked Incentives (DLI) for OpenRAN as a strategic area in Mission mode.

Overall, the Budget is well-balanced and ushers in new thinking about innovation in emerging sectors that are strategic to the country.

Sharad Sharma, Co-founder & Volunteer – “In the coming years, India needs to usher in a product economy in Defence, Electronics, BioPharma, ClimateTech (including EVs), FinTech, HealthTech and Software. This Budget sets the stage for this new innings by having a focus on sunrise industries.”

Sudhir Singh, Fellow – Policy Initiatives – “Since the announcement of National Policy on Software Product (NPSP), no Budget has been able to consider making it active and announce measures, e.g. Digital Product Development fund could help bolster “Digital India” and other strategic measures could help galvanise a Software product Industry of India.”

Sanjay Khan Nagra, Member – Donor Council & Volunteer – “Some of the measures announced by the FM for startups (tax parity for unlisted and listed securities, extension of concessional tax regime for startups and manufacturing startups, setting-up a committee for encouraging VC/PE investments in startups, etc) and digital assets/blockchain ecosystem are commendable and in line with long-standing industry demands. We hope the momentum continues with the pragmatic implementation of these policy measures and further regulatory actions building on top of these measures.”

About iSPIRT Foundation – We are a non-profit think-and-do tank that builds public goods for Indian product startups to thrive and grow. iSPIRT aims to do for Indian startups what DARPA or Stanford did in Silicon Valley.

iSPIRT builds four types of public goods – technology building blocks (aka India stack), startup-friendly policies, market access programs like M&A Connect and Playbooks that codify scarce tacit knowledge for product entrepreneurs of India. For more visit: www.ispirt.in

For further queries, reach out to Sudhir Singh (+91) 96505 76567, Email us: [email protected] or [email protected]

13/10/202113/10/2021

Stay-In-India Checklist Index aiming for 5 trillion $ Economy by 2025

What is Stay-in-India Checklist?

The Stay-in-India checklist is a list of regulatory hurdles that makes it attractive for Indian startups to Domicile in foreign jurisdictions like Singapore and USA.

The checklist was prepared by iSPIRT to present the most important issues where respective Government departments or regulators could being in reform to help stop this exodus of start-ups from India.

The checklist is important to achieve the vision and mission objectives of National Policy on Software Products. In turn, it will boost the innovation-driven economy, Ease of Doing Business (EOB) in India, retain and multiply the economic value thereby contributing to the 5 trillion dollar economy goals by 2025.

The issues pertaining to various regulations on making funding of start-ups complex and unattractive, difficult or redundant compliance, ambiguity or unclear notifications etc.

iSPIRT has taken up a list of 36 issues since 2015/16. Until now out of 36 issues, some have been addressed. Some issues were resolved fully, some partially and about 17 or more issues from the original list are still unresolved.

Note: This blog is a progressive blog to maintain the evolution of the Stay-in-India Checklist and its progression as the issues get resolved by the Govt. of India.

Index of issues solved and remaining

The objective of this blog post is to provide readers in the Start-up community to keep track of issues in this checklist.

We covered many of the resolved issues on www.pn.ispirt.in and www.policyhacks.in . Ready links given below.

A list of issues pending to be solved is are given below.

1. Digital Goods and Services Confusion

Authority: MoF and MOC

Status/Explanation:

The digital economy is about “Digital Goods” and “Digital Services”. Even the physical goods are traded through “Digital services” platforms and means. Hence, it is important to get “Digital goods” defined in our legal systems as distinct from “Digital Services”.

National Policy on Software Products (NPSP) was announced in February 2019 promoting Software products with a vision to make India a Software product nation.

Software products possess all properties of “Goods” except that they are intangible. Recognition of Software products as distinct from Software services is paramount to the success of the NPSP and promotion of the Software product industry. In larger shape, this requires a clear treatment and definition of Digital (intangible) “Goods” and “Services”.

Recommendation/Suggestion:

The National Policy on Software Product (NPSP) was announced in Feb 2019 to promote the Software products. The Policy implementation has huge friction owing to the non-acceptance of Software products as separate from Services. To leverage NPSP for the success of the Software product Industry “instituting” this clarity is important.

2. Abrogate Softex forms for SW products

Authority: MoF and MOC

Status/Explanation:

Softex form is required to be filed for export of software. After the GSTN system came into existence, all exporters filed Export invoices and regular exporters filed a letter (LUT) with the Government of India. The GSTN system can be used to track remittances received against each invoice.

Software products are traded based on MRP/list price mechanism in both On-premises and SaaS models and hence does not require any valuation.

Recommendation/Suggestion:

Softex forms is a Redundant process to ascertain Foreign remittances arrivals after the GSTN system is in place. RBI systems should digitally connect EDPMS to GSTN for a homogenous tracking of export proceeds remittances just like Income tax and other systems have done it. This will give way to a homogeneous system across all goods and services.

At the least Softex forms for Software products can be abrogated to ease the business of Software product companies where there is no need of valuation and those listed on the Indian Software Product Registry (ISPR) maintained by MeitY.

3. Remove TDS on sale of Software products

Authority: MoF

Status/Explanation:

A business can buy a hardware product without a TDS but not a Software, as the purchase of a Software product from Software companies are subject to TDS at 10% of all receipts under Section 194J.

The refund of this amount only happens after filing their IT Returns in September of each year, with this delay causing hardship in terms of working capital.

In the case of SMEs and Start-ups, it is hard to receive working capital loans from banks or NBFCs. For SaaS business the transactions are online and it is not possible to map TAN numbers at the time of online transactions and tracking of TDS on all transactions.

Since all profitable businesses with more than 40 lakh turnover are filing GSTN invoices, the tracking can easily be done through the GSTN system of each invoice amount and mapped to the income tax return filed at year-end.

Recommendation/Suggestion:

No product is subject to TDS when sold by producer to channel partners or end consumer. Software Products are subject to this sale. CBDT mixes this TDS with other TDS issues hence is reluctant to remove it. Income from Software products should not be classified as Royalty income and “Software Products” should be treated as “Goods” as defined in constitutions. This again requires recognition of “software products” and a Solution to this problem.

4. Setup HSN Code for Software Products

Authority: MoF

Status/Explanation:

Software products are intangible goods and keeping and treating them with Services in SAC list will not be able to help in creating a “Software product Industry”. They have to be classified as “products”.

Presently Software is classified in HSN code based on the medium on which it is physically supplied. The intangible Software is not defined in HSN and for domestic purposes, the Software product companies use Service Accounting Code Services Accounting Code (SAC) list which is not internationally harmonized. Hence, the trade of Software products can’t be homogeneously measured.

Recommendation/Suggestion:

HSN code mechanism is only used for Physical goods. However, in order to promote “Software products,” some countries are giving treatment to “Software products” and “Digital goods” under chapter 98, 99. India should also create a provision for “software products” HSN code until a harmonious global system is developed for “Digital goods” (including Software Products).

5. Level playing in B2C Sales of SW products

Authority: MoF

Status/Explanation:

Although there are mechanisms laid to report sales in India for foreign companies (non-resident taxable person), yet a lot of business of Software products especially in apps business happen in B2C area from not so popular brands. As a result, the Indian “Software product” companies have a non-level playing field as they have to comply with the GST regime of 18%.

Recommendation/Suggestion:

Provisions should be made to relieve the B2C sales of Indian “Software products” from heavy 18% GST for the advancement of “Digital India” and especially new post-pandemic digital and Gig worker economy.

6. Favourable Tax Regime for IPR

Authority: MoF

Status/Explanation:

In the past several years, India has experienced increased capabilities of innovative, creative and capable young professionals for creation of significant and valuable IPR. At the same time, India has also seen that the ownership of such IPR usually does not reside with Indian companies or in India.

Whilst there are several ‘non-tax’ reasons for this loss of ownership in favour of other jurisdictions, tax remains one of the major reasons. As a result of the huge negative tax impact, Indian companies constantly look to hold their IPRs for worldwide use in a jurisdiction which is more favorable from a tax perspective. Some of such notable jurisdictions are: Ireland, The Netherlands, Switzerland, and Singapore.

Further, governments of certain jurisdictions are aggressively targeting Indian companies to house their IPR there. For instance, a majority of Indian software product companies prefer to set up base in Singapore given the incentives offered by the Singapore government and the aggressive marketing by the Singapore government.

It is noteworthy that in the case of technology companies, IPR is one of the most (if not the most) important assets. Accordingly, technology companies usually follow their IPRs and establish base in jurisdictions that are most favourable for IPR. Lacking this, India has seen most of its technology companies shifting base to jurisdictions such as Singapore.

Creating a favourable tax regime for intellectual property is, therefore, extremely important for retaining technology companies in India.

This is partially covered in the Budget announcement, which provides that income by way of royalty in respect of a patent developed and registered in India will be taxed at 10%.

Recommendation/Suggestion:

Further action also needs to be permitted-

Such companies should not be subject to minimum alternate tax. However, such companies should be subject to dividend distribution tax as may be applicable to all other companies;
Transfer of IPR so developed and owned, or acquired and owned should result only in capital gains and be taxable as capital gains. Such IPR should be characterised as a long term asset if held for more than 3 years as is the case for other assets;
For self-generated IPR, the holding period should start from the date an application is made under the IPR laws for its exclusive ownership, viz, copyright, trademark or patent registration.

7. Informal Guidance Mechanism & appellate authority at RBI

Authority: RBI

Status/Explanation:

This needs to be pursued. The RBI helpline announced recently does not resolve this issue, as it does not contemplate making RBI approvals/rejections public or appeal process for parties aggrieved by an RBI decision.

While public notification of RBI decisions has been announced for compounding orders, it is yet to be done for cases of approvals/rejections of applications under FEMA (on a no-names basis).

Recommendation/Suggestion:

In our discussion with authorities, it was suggested that instead of codifying laws on aspects like round tripping, it is better to have an informal guidance and appeal procedure at RBI, similar to SEBI. This needs to be pursued.

8. Filing of Form FC-TRS – post-transfer requirement

Authority: RBI

Status/Explanation:

In terms of the FDI policy, a transfer of shares of an Indian company between non-residents and residents can be taken on record by the company subject to it receiving endorsed form FC-TRS. While the filing of this form has been made online, it still takes a few days’ time for the AD banks to review and approve the form.

Thus, the transfer of shares cannot be recorded by the company (despite the purchaser remitting monies to the seller and completing all other formalities) until form FC-TRS is endorsed/approved by the AD bank. At times, this process takes months (there are substantial delays even after the filing process has been made online).

Recommendation/Suggestion:

Since FC-TRS filing is online now, there should not be an issue in making it a post-transfer requirement.

9. Collection of monies by a resident on behalf of a non-resident to be permitted

Authority: RBI

Status/Explanation:

The Foreign Exchange Management Act, 1999 (FEMA) prohibits any person to make any payment to or for the credit of any person resident outside India in any manner. As the nature of commerce has undergone major change and many services and goods are being delivered through aggregators using online or mobile media, there is a need to re-look at this provision. Essentially, in all aggregator arrangements, the aggregator acts ‘on behalf of’ the seller to collect payments and provide selling and/or ancillary services.

Recommendation/Suggestion:

Presently, only start-ups have been permitted to collect monies in India on behalf of their foreign subsidiaries. This needs to be permitted for all companies, and also on behalf of any other entity (regardless of such entity being a subsidiary).

10. Acquisition by residents of overseas companies with an existing subsidiary(ies) in India to be permitted

Authority: RBI

Status/Explanation:

Presently, there is uncertainty on the meaning of “round-tripping” in relation to such transactions.

Recommendation/Suggestion:

“Round tripping” is usually invoked when an Indian company acquires a foreign company, with an existing subsidiary in India.

It needs to be clarified whether the transfer of shares between an overseas subsidiary of an Indian company and a third party falls under any compliance/approval process under FEMA.

Also, there is a limitation on foreign investment by resident individuals in association with the ‘Indian Party’ in only operating entities. This may be done away with.

The RBI policy announcements contain only the following generic statement: “Streamlining of overseas investment operations for the start-up enterprises”. The aforesaid specific actions need to be performed.

11. ODI JVs/WOS investing back into India to be permitted where it is a genuine business requirement and bona-fide investment

Authority: RBI

Status/Explanation:

There is uncertainty with regard to “round-tripping” in such transactions.

Recommendation/Suggestion:

Such investments should be permitted (under the approval route, if need be) on commercial justification.

The following transaction may be specifically permitted:

Bona-fide acquisition of existing structures having a leg in India; or
Where the Indian investment is made for bonafide commercial reasons out of funds earned/raised overseas without Indian guarantee and is in 100% FDI automatic route sector (e.g. infrastructure).

Further, setting up an overseas structure under the ODI route to raise equity capital for investing back into India should be specified/clarified to be a bonafide and permitted overseas investment.

Since there is no bar under the extant regulations, entities which have overseas JVs / WOS which have downstream investments in India should not be subject to punitive action.

Individuals should be allowed to hold shares in foreign entities with step-down subsidiaries, subject to the investment in the foreign entity being a specific fraction (and not the whole of) of foreign funding received by step-down subsidiaries.

To permit Investments up to a specified limit (eg USD 10 million) by companies (regardless of their net worth) in overseas entities.

Again, the RBI policy announcements contain only the following generic statement: “Streamlining of overseas investment operations for the start-up enterprises”. The aforesaid specific actions need to be performed.

12. Late filing to be allowed for subsidiary formations by start-up founders

Authority: RBI

Status/Explanation:

Currently, this is not permissible.

Recommendation/Suggestion:

Lot of founders who set-up subsidiaries abroad and have not compiled with RBI, should be allowed an automatic route through late fees.

13. Restriction on FVCIs to invest in all sectors to be removed and brought in line with FDI policy

Authority: RBI

Status/Explanation:

Presently, FVCIs are permitted to invest in only certain sectors.

Recommendation/Suggestion:

In terms of RBI/2016-17/89/ A.P. (DIR Series) Circular No. 7 of 20 October 2016, FVCIs are permitted to invest only on ten sectors (viz., Biotechnology, IT related to hardware and software development, Nanotechnology, Seed research and development, Research and development of new chemical entities in pharmaceutical sector, Dairy industry, Poultry industry, Production of biofuels, Hotel-cum-convention centres with seating capacity of more than three thousand, and Infrastructure sector).

While RBI (under the above circular) has exempted start-ups from this restriction, other companies also need to be exempted from this.

14. Limit on acceptance of deposits from shareholders to be removed for private companies

Authority: MCA

Status/Explanation:

Under Section 73 of the Companies Act, private companies are allowed to accept deposits from their shareholders up to 100% of their share capital and free reserves. However, since most start-ups require constant funding during initial years, and do not have free reserves, such limits may be removed for them.

Recommendation/Suggestion:

The Companies Law Committee Report recommends removal of this limit for all start-ups. However, fine print is awaited.

15. Grant of ESOPs to promoters and independent directors for all private companies

Authority: MCA

Status/Explanation:

The provisions of the Companies Act do not permit companies to grant ESOPs to promoters or members of the promoter group or independent directors. There is no rationale for this restriction as the promoters essentially function as employees of the company. Further, through multiple rounds of fundraising, the stake held by the Promoters would have significantly diluted. Also, to get good professionals to join as independent directors, it is important to issue them ESOPs as payment in cash for compensating them is a burden on the company’s resources.

Recommendation/Suggestion:

Provisions of the Companies Act need to be amended to permit issuing of ESOPs to promoters and members of the promoter group and independent directors. Management ESOP should be permitted for unlisted companies to keep the Promoters incentivized and motivated. Likewise, the role of advisors is critical for the success of the ventures. Equity seems to be the only logical form of incentive, given the lack of liquidity.

While the MCA has permitted the issuance of ESOPs to promoters for start-ups, this needs to be permitted for other companies as well. Also, the issuance of ESOPs to independent directors needs to be permitted as well.

16. Taxation of gains from sale of ESOPs as salary or prerequisite (leading to very high tax at present)

Authority: MCA

Status/Explanation:

The ESOP regime in India is geared more towards listed entities, which have a liquid market, as opposed to start-ups. Section 17, IT Act 1961 and Rule 3, IT Rules 1962 deal with the taxation of ESOPs. First, the employee is subject to tax at the time of exercise of option – i.e. this tax is payable immediately even if the employee has not sold the share in that tax period. The magnitude of the tax is calculated on the notional gain between the acquisition price of the share (option strike price) and the fair market value (FMV) at the time of exercise. Secondly, the nature of such gains is considered as salary or perquisite. This means that the employee may be payable for ordinary income tax – 30% (excluding surcharge and education cess), calculated as per the marginal income tax rate) for the notional gains calculated above. This causes an economic outflow in the hands of the employee upon exercise, which is funded by debt or is at times even declined due to this reason. This is especially acute since the shares they hold don’t have the same rights as those offered to Investors.

Recommendation/Suggestion:

Amend Rule 3(8)(iii) of the Income Tax Rules, 1962 and as follows (insertion in bold) “In a case where, on the date of exercising of the option, the share in the company is not listed on a recognised stock exchange, the fair market value shall be such value of the share in the company as determined by a merchant banker or accountant on the specified date as per Rule 11UA(1)(c)(b), provided such fair market value shall not be less than the exercise price ”

Tax incidence should arise in the year of the sale of shares (not the year of exercise of the option). Profit made on sale of shares should be treated as capital gains (vs. the treatment as a portion of the gains as salary or perquisite).

17. Dividends from overseas subsidiaries taxed again in India

Authority: MoF

Status/Explanation:

Dividend received from overseas subsidiaries is taxed once again in India as income in the hands of the company. Also, while the rate of tax on such dividends for certain companies is 15% (as against 30%), the same exemption is not provided to limited-liability partnerships and individuals.

Recommendation/Suggestion:

Thus, tax levied on dividends from overseas subsidiaries should be discontinued, for parent companies incorporated by resident Indians in India.

18. Fair market value tax

Authority: MoF

Status/Explanation:

Any investment above the ‘fair market value’ (as may be determined by the Income Tax Authority at a future date) is treated as income for the company and is subject to income tax. This impacts angel investments at high valuation, as there is a risk of the Income Tax Authority determining such investment as above fair market value and requiring the company to pay tax on the differential.

Recommendation/Suggestion:

Start-ups have been exempted from this tax. However, the certification process to be recognized as a start-up is cumbersome and needs to be relaxed.

19. Harmonisation of tax policy for listed and unlisted equity instruments

Authority: MoF

Status/Explanation:

Listed Securities have a holding Period of 12 months for LTCG whereas for Unlisted it is 24 months Unlisted securities have a tax rate that is twice the rate of their listed counterparts, and the surcharge applies on the sale of unlisted securities while it is exempt for listed securities.

Recommendation/Suggestion:

Globally, the differentiation in tax treatment on listed and unlisted securities is not prevalent. Unlisted securities are more illiquid and riskier as compared to listed securities. They should have the same tenure of holding and the same tax rate on the same. There is a disparity in the tax rates applicable for capital gains on the sale of listed securities (12 months) vis-à-vis sale of unlisted securities (24 months). Dematted Unlisted securities of start-ups or companies that were registered as start-ups can also be subject to STT (or the new Stamp Duty regime announced in February 2019) in order to harmonise the tax treatment of both listed and unlisted securities.

Disclaimer: The discussion and ideas expressed here should not be construed as legal advice. The discussion is conducted with Industry practitioners and experts for purpose of benefiting the Industry members in the Software product, Start-up ecosystem and other related industry sectors

17/02/202118/02/2021

Mapping Policy a major Progressive reform for Digital India

Almost everything in the tangible world has a location attached. In the future Data Economy, map information is going to be one very important piece of information.

The Government of India announced a policy and new guidelines of using Mapping and relaxed the Policymaking it simple enough, aiming at unbundling the economic value across all sectors in the economy.

Click here to read the entire notification issued by the Ministry of Science and Technology, Government of India.

iSPIRT organised a panel discussion on the policy announcement to understand the policy and its importance for India. This blog post is an exciting read and listen for young innovators wanting to reimagine the economy as almost each and every thing will require mapping.

Following participants took active part in discussions.

Lalitesh Katragadda, Co-Founder of Indihood
Umakant Soni, Co-founder & CEO of ARTPARK (AI & Robotics Technology Park), AI Foundry
Mohit Gupta, Co-Founder of Zomato
Sudhir Singh, Volunteer at iSPIRT (Policy Hacks Anchor)

Recorded Video Transcript

Subsequent to introduction, Sudhir Singh (anchoring the Panel) opened the discussion asking Lalitesh Katragadda to explain important features of Policy announced.

Lalitesh explaining the policy salient features said “all the other Map’s policies that used to exist in various departments currently stand null and void, and they are replaced by this one very simple policy that has been issued, and people who embark on Mapping don’t have to worry.

He further added, “ if you are Indian company you can map anything except for a small blacklist of attributes and features that you should not map, I’m sure will be related to military and security. And, you can map using whatever technology that you want, you can use lidar, you can use high-resolution cameras, underwater, over water, anything. You cannot just create Maps you can disseminate, sell and distribute.”

“The only restriction if anything is that international mappers are restricted to a higher level of resolution for security purposes and they can also have access to high resolutions Maps created by Indian entities. This new policy is so simple that it creates freedom to map”, he said.

Mohit Gupta said, “for me the most important thing is Government taking notice”, and “coming to an understanding about the digital infrastructure required to build high-quality businesses and services across a large spectrum of different areas”.

He also expressed his happiness on the news that the Indian Space Research Organisation (ISRO), a Government organisation and MapmyIndia a private Indian company are collaborating.

Mohit Gupta informed that they tried in the past, experimenting with various different players who provide mapping services both Indian and international and understand the importance of alternative options to handle both the precision mapping and business economics.

Umakant Soni started the discussion by quoting an example of google maps and how they had increased the cost from free to 10X to 20X and made it expensive to use their service and almost single-handed dependence upon them.

He said that, “fundamental thing that was different in the mobile revolution was the use of location” and that, “the immersion of the digital world into the physical world started with the whole mobile revolution and I think Zomato and Ola kind of companies have actually really profited from that”.

According to him, If out of every ₹4 that a business earns out of its services, it is spending ₹1 on mapping, then it is tough to sustain certain kinds of business models. Hence, it is a great move to create more options, thereby reducing the price in the long-term and benefit the Indian consumer.

He gave a perspective on the amount of value mapping technology and applications can unlock. Quoting the survey he explained 90% of the value lies in intangibles and this is not possible to unlock this value without having easy reformative mapping policy, that will help India to build the 5Trillion 10 Trillion Economy.

“The challenges that we are at 3 trillion, wanting to go to 10 trillion, and we are talking about additional 7 trillion out of that 90% i.e. 6.3 trillion is going to be in the digital domain. If you’re not own the critical pieces which are going to create the intangible assets, we will not be reaching 10 trillion. We might actually get to 3.7 or 4 trillion that’s it in another 10 years” explained Umakant.

The other perspective on the value that Umakant gave was on how Google is inherently underestimating its business targets of 5 billion revenue from mapping. Quoting Baidu’s estimates from China, he explained that more than 70% of this value is lying in the future data economy, where location and mapping data will actually flow from sensors, almost everywhere in our lives. According to him, this data will augment the present Satellite imagery and physical mapping.

“You will be able to catalogue and tag every single object that you see in the physical world around you and that is the future of mapping, and this policy, actually unleashing this whole system of innovation that is now possible because this tiny little camera has got lidar, you can actually see a single object, and that’s where the computing moving onto the edge”, said Umakant.

He further added that “I mean we have not even started to comprehend what it might be”, And “that’s why it’s great news for Indian start-ups founders. What is next right after the mobile revolution, I think Maps. You know combined with AI and robotics they are going to form the next big wave of change in terms of massive business potential we have”, said Umakant.”

On the question of whether we can go International, Lalitesh answered, “when we have the best mapping technologies available and that will only happen if we start in our own backyard.”

He had further explained that according to a rough guess not more than 15% of India is mapped and we need to map everything that matters in India for development. According to him, there is a lot of work to be done, it won’t happen with just one company building it.

He further added that “democratization can only happen if the underlying layers become accessible which is both coverages has to increase quality has to increase and that can only happen with large amounts of innovation” and making it as easy as creating websites’.

‘So, I am looking forward to a world where we have you know hundreds, if not thousands of mapping innovations coming”, he added.

Mohit expressed his agreement with Lalitesh on how unmapped India was and explained the Challenge it posed to them in food delivery even to urban dwellers.

He went on to explain how they had to innovate and add a pre-recorded voice (audio instruction) message for consumer location to solve a problem of precision mapping.

He said that the “Audio instructions “we had to launch and are being used very widely, the last mile addresses and ability to get last-mile addresses accurately is very poor as a result a lot of our riders would end up calling customers for last-mile instructions.”

“Reality is that, there is a lot of ground to be covered for maps”, he added.

He also informed that they do not like over-dependence on a single player and hence has been doing a pilot almost every year with MapmyIndia. He felt that MapmyIndia has also a room to improve and become competitive to existing major services.

Sudhir posed a question on how easy it will be to use maps and if the process of using mapping information will be as stringent as existing offline maps, which sometimes require the approval of a senior official like joint secretary of Government of India, to obtain a physical map and use.

Lalitesh answered, “policy calls for all the government agencies cooperating, obviously if not of security sensitivity, which is most of the mapping data, to be made accessible to Indian company I’m hoping see changes coming”

Maps that you can depend on how to run on good quality data otherwise they will fail so so this is really enabler I don’t look at the map a product at the map enabling piece of infrastructure that every you know digital entity in India needs to have access to

Lalitesh further went on to explain how mapping can change lending, by using mapping in property and land record. According to him, it has the potential to unlock more than 4 and a half-trillion dollars of capital both for small business.

****The End****

14/12/202014/12/2020

PM WANI – Empowering people with Wi-Fi Internet

Wi-Fi Access Network Interface (WANI) that was envisaged by TRAI Consultation papers has become a reality as Government approved it as PM WANI, on 9^th December 2020, for exponential proliferation of public Wi-Fi networks.

PM WANI will make it possible millions of Wi-Fi hotspots to emerge across the country, giving easy access to internet to common man. New business models will emerge, making it possible to add another layer of Internet providers with access points being provided by corner shops and stores and others.

The Detailed Document about the Scheme can be downloaded and read at (Click to open) Department of Telecom Site.

The simplicity of the scheme is recognised by the very fact that DOT automatically recognised PDOA after application in 7 days.

PM WANI explained in a snapshot

This PolicyHacks Panel discussion with Dr. RS Sharma, Ex-Chairman TRAI, Pramod Varma, iSPIRT Volunteer, gave conceptual Architecture of WANI, Siddharth Shetty, iSPIRT Volunteer, Shubendu Sharma, Founder of Wifi Dabba and Dr. Ajay Data, Founder & CEO of a Class A ISP and other technology companies.

iSPIRT has been a protagonist of the concept of WANI with Pramod Varma, Siddharth Shetty and other volunteers involved in building the concept to unbundle another layer of broadband level Internet access to masses on the go and in far-flung areas.

Dr. RS Sharma explains,”we came to a conclusion that if we can create a technology architecture for some body to market and provide access by unbundling from ISPs like UPI has done, then it will become seamless and easy to implement and Kirana shops can also provide Wi-Fi without hassle”

“And that is how we came up with the concept of PDO like PCO of Telephone booths and PDOA etc”, he added explaining how PDOA will be a layer above PDO.

The main policy issue here was reselling of the bandwidth, which was addressed and then a consultation papers was evolved and a pilot done to test the concept on ground, he mentioned while explaining how TRAI was involved.

“It is a very asset heavy architecture if a Telco alone has to do all that physical investment till the last wire in your house or each hotspot in country” and “all the fiber in BHARATNET and others that we are laying no body knows at the the end, what we have to do and it requires an ‘entrepreneurial model’ to scale to be putting millions of connection” said Pramod Varma.

In Covid year, we have seen real hardship for people who are not privileged to have broadband access and education of children abruptly stop. “We have to make Connectivity a human right”, says Pramod Varma and explains, that is why, how essentials it is to invest into infrastructure and the last mile becomes people property.

“We had the mental model that, if we can create self sustaining interesting parts of it” Said Pramod, explaining how the concept was evolved. Adding further, that a KYC done ones can give a KYC token that can be used to further to authenticate who the person is on access layer in the Model, without doing KYC again and again. “UPI will further provide the payment model, as we have already solved it”, said Pramod.

“You will have multiple providers come together to unbundle this” Said Siddharth Shetty, adding to the conversation.

Shubendu, from Wi-Fi Dabba who had been thinking this as a ‘business model’, deployed the pilot for testing the concept. Explaining his experience, he said, “we wanted to see if we draw a Internet cable from a router in our office to street side shop, how it is used by people, can people pay for it and use it and in a week we had people instead of buying eclairs asking for a Token to use Wi-Fi”.

“In 2016, we took it as a fulltime project, and this was the time when our problem started as ISPs stopped giving us connection, after knowing we were reselling bandwidth” said Shubendu.

He also explained that, “the kind of paperwork you have to maintain and additional costs you have to incur” does not make it viable for small business to apply for an ISP.

“This policy make life simpler for businesses like us” in entirety, added Shubendu.

Dr. Ajay Data, who founded a Class A ISP in Jaipur, was on panel and said, “I am ‘very positive’ about it and this can revolutionise many many things in this Country”.

He explained, how the product “Vedio Meet” they developed to solve local education problem did not work on HD quality for students in last mile and had to be downgraded to SD quality, because of bandwidth in last mile. “we need to have the internet of the ‘streaming quality’ across country, where HD streams can be delivered on any device and if we can achieve this, rest of the applications will work ” said Ajay Data.

He raised apprehensions, on how it will be regulated on ground without harassment of the PDOs by regulatory bodies, giving examples of how even licensed ISPs are harassed and ISPs are charged AGR even in on sale of Computers and routers. Similar legal issue should not be left unaddressed and should be taken care, in languages (including vernacular medium) for PDOs to be not harassed.

“May be a board (Certificate) can be out in each PDO point to ascertain that local police and enforcement does not harass them”, said Ajay Data.

RS Sharma, addressing concerns raised by Ajay Data, Said, “PM himself has tweeted about this” and leadership knows the exact importance of the policy.

He further explained that, “Retail sale of bandwidth has been made passthrough in the AGR Computation”, either the TSPs or ISP pays for the 8% AGR, retailer has nothing to pay, as it has been already paid for.

Dr. Sharma also explained further, that it can save lot of bandwidth, as content can be maintained locally at local access points and last mile user need not traverse through the upstream network for local content, which is a very useful concept for ISPs and TSPs, to decongest the upstream networks.

The PDOs will not have any problems, as the responsibility of who is accessing what by monitoring SSIDs will lie with PDOA (aggregator), not with PDO.

Shri Sharma added that, “what is important is this is implemented well” sharing the issue with Ajay that many a times polices are misused. And we all hope good intentions will prevail and country will be benefited, he had added further.

The panel discussion ended with note of thanks.

15/08/202015/08/2020

iSPIRT Foundation’s Official Response to Non-Personal Data Report

Last month, an expert committee chaired by Kris Gopalakrishnan submitted a report on a framework for regulating Non-Personal Data in India. The rest of this blogpost contains iSPIRT’s response to this report.

At iSPIRT Foundation, our view on data laws stems from three fundamental beliefs:

Merits of a data democracy (that is, the user must be in charge),
Competitive effects must be well understood, for creation of a level playing field amongst all Indian companies, and some ring-fencing must exist to protect against global data monopolies
Careful design enables both high compliance and high convenience

It is with these three perspectives that we have analyzed the Non-Personal Data report in our response.

The report makes a well-cited and articulate case for regulating data in India, such that “[data’s] benefits accrue to India, and Indians”. It defines and outlines the roles of various entities relating to the capture, processing and governance of Non-Personal Data. Whereas we are wholeheartedly aligned with the vision of the committee and its members in creating an Aatmanirbhar Bharat and the importance of facilitating a robust AI-industry in the country, we find that the report is sound in premise but murky in detail. Where an overarching legal framework surrounding NPD is proposed, on closer inspection it falls short of achieving the aforementioned goals of protection for Indians and prosperity for Indian businesses. Therefore, more work must be done before a final version of this report can be released.

In what follows, we take the example of one industry that will be affected by the new Non-Personal Data framework and attempt to understand the report in relation to it.

Case Study: X-ray Data

Consider the case of a (fictional) health-tech startup called rad.ai that seeks to generate radiology summaries from lung X-rays. These summaries will help pulmonologists (lung-specialist doctors) identify various pulmonary diseases or early signs of cancer. Such a company requires two things to succeed – data about X-rays and technology to build models.

Under the tenets of the NPD report, it would seem that (given the right technology foundations) such a startup would be well placed to succeed. In particular, the report suggests that the X-ray data as described above will be classified as community data and outlines mechanisms for collecting and sharing it. It suggests that the dual goal of enabling rad.ai while protecting the subjects of the data can be accomplished in the following framework –

rad.ai will first be able to identify that appropriately anonymized lung X-rays, termed community data, are available for access through meta-data that is published by radiology labs engaging in collecting such data.
rad.ai will then be able to access this data for free through a data trust (presumably a virtual API on the cloud) which is created by the radiology labs.
This will all happen with the consent and oversight of a data trustee, an entity that is a representative of the persons from whom this data is collected.

While this sets a broad-strokes framework with the right intentions, there are a few key problems that arise when we dive deeper into the proposed solution. We have outlined some areas where clarifications are needed and details must be made available. These include the definition & value of community data, obligations of the data custodian, access for data users and rights of the data principal. Towards the end, we also discuss the question of NPD’s interplay with personal data and the definition and use of public data.

Definition and Value of Community Data

While the case of X-ray data seems straightforward, the scope of community data in the report appears to be vast. However, it also seems to suggest that while data explicitly extracted from users is classified as community data, data generated in the course of a business’s activities may be considered private business data – and this may not be mandated to be shared. In that case, it would appear that e-commerce, delivery and employee data fall under private business data – although an argument could be made for classifying this as community data.

Further, the report makes a distinction between raw and processed data. In particular, raw data must be shared free of cost, whereas the price of processed data could be determined based on market or FRAND (fair, reasonable and non-discriminatory) principles. In the case of lung X-ray data, labs obtain such data from anonymizing raw personal data, so presumably it is now processed and need not be shared without remuneration. In the general case, however, we recommend that the lines between raw and (various levels of) processed data should be clearly demarcated.

Data Custodian Perspective

Consider next, the situation from the perspective of the diagnostic labs. There are about 70,000 labs and hospitals offering radiology services in the country [ref]. Each of these has its own technology implementations or third-party TSPs (technical service providers) for collecting and storing any patient data. How can all of these labs and hospitals be mandated to provide control of this data to the data trustee in order to share the X-ray information with companies like rad.ai? Who is/are the data trustee in this case anyway – the MoHWF, the NHA, an NGO serving the interests of cancer patients? If there are multiple data trustees that have an interest in the same underlying data, how is it ensured that every decision that each of them takes is in the best interests of the user? How are labs supposed to even publish the meta-data (meta-information about what data they have collected) in a standard, machine-readable format, so that companies like rad.ai can discover it seamlessly? Finally, considering that such compliance comes with associated costs, what are the concrete benefits for making this data available?

Data User Perspective

Then there is the case of rad.ai itself. Let us assume, for now, the provisions of the previous paragraph and overlook the contentions raised. Say that because of access to this X-ray data, the startup rad.ai has been able to create excellent ML models to predict the early risks of major diseases and help pulmonologists. It has done well and begins to expand across the country. A few years later, a foreign health-tech giant (again, fictional) called Hooli enters the fray by investing in rad.ai. Backed by foreign investment, rad is now stronger than ever. However, the report identifies “to promote and encourage the development of domestic industry and startups that can scale” as one of its key objectives. While rad.ai was originally a fully Indian company, it was allowed access to the community data from radiology labs to develop its models. Now that rad.ai has foreign investment, should it still be allowed to benefit from Indian community data? What if Hooli owns a majority stake? What if Hooli acquires rad.ai outright?

Data Principal Perspective

Finally, consider this from the perspective of the patient herself – the “data principal”. How is she guaranteed that her interests are protected and the aforementioned data is impervious to de-anonymization? As discussed above health data is considered sensitive data and the patient has every right to ensure that it is handled with extreme care. The report also recommends that consent must be taken from the actors in the community before the anonymization and use of their data – but what form will this consent take? How will its purpose be determined and collection be enforced before any data is anonymized and utilized? How can anonymisation be assured when multiple anonymised datasets are capable of being combined together? Finally, the report acknowledges that all sharing of community data should be based on the concept of “beneficial ownership” where the benefits of this data sharing also accrue to the data principal. How is the patient directly benefiting from such a data-sharing mechanism? What mechanisms are in place to enable such benefits?

Interplay With PDP Bill

Consider next, the case of the health-tech giant Hooli and assume that it also operates a search engine. As per the suggestions of the Srikrishna PDP Bill [Clause 14], Hooli could be allowed to collect personal user data and use it directly since its operation of search engines falls under “other reasonable uses of personal data”. When combined with the fact that under the provisions of the Non-Personal Data report sharing of all raw NPD becomes mandatory, Hooli is actually disincentivized from anonymizing its personal search data. By keeping this data personally identifiable, it is prevented from having to share it with competing search engines and startups. Can misaligned incentives such as these hinder progress towards the report’s stated goals?

On Public Data

Consider finally that some of the labs and hospitals conducting X-rays will be government-owned. The report recommends that all data generated through government and government-funded activities are classified as Public data, which is in turn classified as a national resource. There is no guidance on the compliance requirements of the government controlling this public data under such a scenario. Will government hospitals still be required to make it available? More importantly, does the community (i.e. patients) have no claim to their data in this case merely because it was collected by the government instead of a private entity?

Concluding Remarks

In summary, the report importantly conceives a legal notion of community, private and public non-personal data and outlines a framework in which such data might be shared for the advancement of economic, sovereign and core public interests. However, more work must be done to detail compliance requirements and standardize the mechanisms of sharing such data before the final version of the report is released. In its current state, the report only touches upon the rights of the data principal, the obligations of the data trustee and the compliance requirements of the data custodian. In a State with limited regulatory capacity for creating standards and enforcing bodies, these rights, obligations and compliance requirements should be comprehensively and clearly defined before a law ordaining them can come to pass. Custodians must be incentivized to share, industry startups must be enabled to access and the community must be empowered to self-preserve before the vision of an Aatmanirbhar Bharat with a booming AI industry can be realized.

For further queries, drop us a note at [email protected]

07/01/202008/01/2020

Union Budget 2020 – iSPIRT Recommendations

India is among the top startup ecosystems in the world with home to 50,000+ startups and 3,500+ funded startups growing at a rapid pace at 30 per cent. While the future outlook of the Indian startup ecosystem is definitely promising, further accelerated growth can happen only if the government introduces more startup-friendly policies, other than the existing support under ‘Startup India’.

With Budget 2020 less than two months away, the startup ecosystem is hoping to get a major boost with respect to the following measures:

Improve ease of doing business for startups.
Attract domestic and foreign investors.
Increase working capital flow for startups.

iSPIRT has made a 13-point recommendation list for Budget 2020 with respect to the above-mentioned measures:

1. Remove the TDS payment for DPIT registered Startups

Currently, payments to DPIT registered startups are subject to Tax Deduction at Source (TDS) of 10% under section 194J. It takes at least 1-2 years for startups to get refunds after filing of their returns, which blocks their working capital for that time period.

2. Harmonise the Tax Rate and Holding Period between Listed and Unlisted Securities of Startups

The higher holding period and higher tax rate disincentivise investments into startups from Indian sources. Globally, no such differentiation exists.

This recommendation seeks:

Reduction of the holding period for unlisted securities to 12 months from the current 24 months.
Levy of a lower tax rate of 10% on the sale of unlisted securities.
Removal of the “superrich” surcharge of 25%/37% on the sale of unlisted securities.

3. Change in the taxation of ESOPs for Startups:

The existing definition of Rule 3(8)(iii) of the Income Tax Rules, 1962 does not take into consideration the discrepancies in the determination of ‘Fair Market Value’.

The new recommendation seeks amendment to this rule as as per Rule 11UA(1)(c)(b), provided such fair market value shall not be less than the exercise price.”

4. Clarification on the February 19^th, 2019 DPIIT circular on “Angel Tax” with regard to Form 2

This circular states that the exemption lapses in the case the startup has or will invest or conduct any of the activities below for a period of 7 years after investment, inter alia:

Make capital contributions to other entities,
Make investments in shares and securities,
Give loans and advances (except in the case of lending startups

The recommendation seeks an amendment to this notification

Extend the “business model” test applicable to all the other investments mentioned in Form 2 to all points mentioned therein
Allow Startups to make Loans and Advances in the ordinary course of business provided that the PAN of the recipient is reported
Allow startups to invest into shares and securities and make capital contributions provided that such downstream investments do not make further investments into any of the other points listed in Form 2

5. Allow for AIF expenses to be capitalised/passed-through

Expenses of an AIF can add up to up to 25%-30% of its corpus during the lifetime of a scheme, making a large chunk of the fund is a “dead-loss”.

The new recommendation seeks AIF expenses to be capitalised as the Cost of Acquisition or allowed to be set off against the income.

6. Classification of securities held by AIFs as Capital Assets by amending section 2(14) of the Income Tax Act, 1961.

There is still friction between the startups, investors and income tax department with respect to taxation of short-term gain from the sale of securities under AIF.

The new recommendation seeks an amendment to Section 2(14) as “any securities held by a Foreign Institutional Investor or AIF which has invested in such securities in accordance with the regulations made under the SEBI.

7. Pass-Through Status for CAT III AIFs

Unlike CAT I and CAT II AIFs, CAT III AIFs do not have pass-through tax status, rendering their income to be taxed at the maximum marginal rate for their income earned, regardless of the tax status of the underlying investor.

The new recommendation seeks an amendment to Section 115UB and Section 10(23FBA) by including CAT III AIFs.

8. Allow Universities and Public Trusts to invest in AIFs

Currently, investments are allowed in SEBI registered Mutual Funds or notified Mutual Funds set up by a public sector bank or a public sector financial institution.

The new recommendation seeks an amendment to this section to include ‘Units of an Alternative Investment Fund registered with the Securities and Exchange Board of India”

9. Notify all SEBI registered AIFs as “long-term specified assets” under section 54EE

Section 54EE was introduced on April 1, 2016, to give capital gains exemption of Rs 50 lakhs for any gains invested into “long-term specified assets”, defined as “a unit or units, issued before the 1st day of April 2019, of such fund as may be notified by the Central Government in this behalf”

So far, the Central Government hasn’t notified any such funds, so no tax-payer has been able to avail of this benefit.

The new recommendation seeks issuance of a Central Government notification to notify all SEBI registered AIFs as “long-term specified assets” under section 54EE and announce measures to extend this to April 1, 2025.

10. Time-bound response from the Inter-Ministerial Board (IMB) and allowing all startups to reapply

The IMB has not been effective yet in timely responses to startups.

The new recommendation proposes DPIIT to issue a notification stating that:

IMB will respond in 60 days from the date of submission by the Startup.
Startups who were denied IMB recognition prior to February 19^th, 2019 can re-apply for IMB recognition once again under the new criteria.

11. Exempt Software product Companies from Softex

Software product exporters are required to file SOftex form to report the inward remittance on export invoices in convertible foreign currency. However, Software products have a publicly listed MRP/List price and hence do not require any valuation.

The new recommendation seeks RBI to exempt software product companies from filing Softex and create a separate category of Purpose code for disposal of inward remittances by authorised dealers.

12. Creation of aHSN code for Software Product Startups

Under the GST regime, all IT Software has been treated as “Service”. Yet, there exists HSN codes and SAC codes both.

It is recommended that an HS code classification for specific categories can be issued using the last 2 digits (first 6 Digits being defined under international system).

13. R&D Credits for Software Product Companies

As startups and young software product companies don’t have taxable profits, they are unable to take advantage of current R&D tax benefits that involve setting off R&D expenses against taxable profits. To overcome this limitation, they should be allowed a deferred tax credit for up to 7 years after the R&D investment.

You can read about Budget Representation 2020 in detail here.

24/10/201924/10/2019

Indian Software Product Registry – All That Product Companies Need to Know

Earlier this year, National Policy on Software Products was rolled out to create a robust, participatory framework to bring together industry, government and academia on a common platform to make India as a global hub for software products development. This is a much-needed initiative to provide holistic and end-to-end support to the Indian software product ecosystem. The registry is the first step among many towards solving the real problems of the industry and nurturing the software product companies. If done right, this initiative will have immense potential and far-reaching impact to benefit the industry.

Under this policy, one of the key initiatives is the set-up of the Indian Software Product Registry (ISPR) through industry ownership. It is a collaborative platform which will act as national coordination, facilitation and inter-connected centre for all activities related to the Indian software product ecosystem.

The main purpose of this policy is to focus towards the promotion of Indian software products which are defined as under for implementation:

Indian Company: As per sub-section 26 of section 2 of the Income Tax Act, 1961, “Indian company” means a company formed and registered under the Companies Act, 1956 or Companies Act, 2013, provided that the registered office or, as the case may be, principal office of the company, corporation, institution, association or body in all cases is in India.

Indian Software Product Company (ISPC): An ISPC is defined as an Indian company in which 51% or more shareholding is with Indian citizen or person of Indian origin and is engaged in the development, commercialisation, licensing and sale /service of software products and has IP rights over the software product(s).

ISPR aims to create a platform to enable discovery of Indian Software Product Companies and their products while simultaneously giving automatic access to the Government e-Marketplace (GeM) platform. This will enable the government to identify Indian companies as part of their buying process. However, more work on specific allocation of government buying and redeveloping of RFP’s in government for products will also be initiated so that the government can finally buy Indian products.

Secondly, by listing on exchange on ISPR will enable MEITY to get a better understanding of the industry so that specific product-related interventions like recurring payments for SaaS companies, credits for R&D to enable Indian companies to invest in research and development, and facilitation of Indian software product industry for providing fiscal incentives, if any, at a later stage among others will also be achieved.

Thirdly, ISPR will also enable Indian Software Product Companies to list their products here and connect to buyers across the world. Since this is a government-backed platform, it provides a high level of trust and authenticity in the global market.

Indian Software Product Companies can register here. For any more queries, please feel to reach out on [email protected].

06/05/201906/05/2019

A right HS Code ‘need of hour’ for NPSP Success

National Policy on Software Product provides for creating a HS Code under Strategy item 1 for “Promoting Software Products Business Ecosystem”

The tax regime will be demarcated for ‘Software Products’ from ‘Software Services’, by providing clearly defined HS Code for the “Software products (intangible goods)” delivered through any medium; physically or online using internet (to be published within three months of notification of this policy). A model HS code will be evolved that will be further sub categorized based on the type of software products, its inter-linkages with other economic sectors, including services and hardware manufacturing. Thus, software products defined by such identifiable HS code will be treated as goods manufactured in India and will be able to avail all incentives provided under Make in India Programme.

Objective of this blog

There are number of challenges to get the HSN Code issue resolved and to get a right HSN code from the Govt. of India. This blog is an attempt to understand the regimes of HSN/SAC Code use and its application to promote a Software product industry in India to implement the above said item in the NPSP 2019.

It will be good to read the following reference documents (Click below to read)

Present status of HSN and SAC Code

After launch of GST, all transactions are to mention the relevant HSN code /SAC Codes are must to be mentioned in Invoices. HSN for Goods and SAC for services.

Under GST regime, all IT Software has been treated as “Service”. Yet, there exists HSN codes and SAC codes both. HSN codes traditionally meant for physical exports through ports still exist in GST regime as there still will be Physical exports through ports.

iSPIRT has time and again represented to Government of India that the provisioning for a “Digital Goods” regime will help India embark upon a Software product wave. However, the GST regime has assumed all Software as service.

Following HS Codes or SAC codes are in use by Indian Software product companies.

For a full view of the codes relevant file links at CBIC are given above.

HS Code	Item Description
4907 00 30	Documents of title conveying the right to use Information Technology software
4911 99 10	Hard copy (printed) of computer software (PUK Card)
8523 80 20	Information technology software on Media (Packaged or Canned)

SAC code

Item Description

9973 31

Under 9973 – Licensing services for the right to use intellectual property and similar products.

Licensing services for the right to use computer software and databases.

9984 34

Under 9984 Online Content

Software downloads

Most prevalent uses are of

8523 80 20 – for packaged products and downloads
9973 31 – SaaS Software

Following Codes are specifically for use of Software Services companies

Under Category 9983 – Management consulting and management services; information technology services.

9983 13	Information technology (IT) consulting and support services
9983 14	Information technology (IT) design and development services
9983 15	Hosting and information technology (IT) infrastructure provisioning services
9983 16	IT infrastructure and network management services
9983 19	Other information technology services n. e. c

The coding mechanism covers both international trade Domestic Tariff Area (DTA) under new GST regime for invoicing.

Present coding is bottleneck for Software product trade

The above coding scheme has emerged from a traditional regime which

Classifies only physical ‘goods’ can only qualify for cross-border trade and hence under HSN and
Software sales is a ‘license to use’ in stead of a product trade.

In addition, it induces a confusion in SAC 9984, where it also lists Software downloads along with other content.

‘Software’ has not been given recognition but how Software is delivered is given an importance.
It also does not allow us to account for Software product in a clear manner, both Domestic and International Trade Statistics.
It does not allow us to ‘account’ for emerging segments of Software products due to technological change.
It is also confusing in sense packaged software downloads can be classified under 9984 also.

“Having right code system is Central to promotion Software Product Industry and related ecosystem.”

A proper classification and coverage will help us promote Indian Software product industry and account for Software product trade verses Software services bother internationally and domestically.

Adoption of Software product will be an important measure of maturity of digital economy.

What is needed to boost SPI under NPSP

The very basis of NPSP launch by Government of India is the recognition of our Competitive advantage in “Software” and hence capability to create world class products.

We have earlier presented papers to Govt. where “digital goods” verses “services” debate is in advanced stage.

Despite being a Software power house, Indian today has a digital deficit.

Recognizing the “Software products” as a new reality will boost India’s strength in “digital deficit”.

Recognize Software product and Distinguish Products from Services

The goods/products exhibit the following properties (as per internationally accepted definition):

Durability (perpetual or time bound)
Countability – traded commodity can be counted as number of pieces, number of licenses used, number of users etc.
Identifiability – identified as a standardised product
Movability and storage. Can be delivered and stored and accounted as an inventory
Ownership of the right to use
Produced/Reproduced through a process
Marketable/Tradable or can be marketed and sold using standard marked price (except when volume discounts, bid pricing and market promotion offers are applicable).

as distinguished from services that are consumed either instantly or within very short period of time or continually coinciding with the activity of provision of service.

Software product exhibit all the properties of a ‘good’ except that they are intangible. Hence, Software products is an ‘intangible’ good, with discrete symptoms.

Software product brings in high value for the Software manufacturer and is normally tied to “Intellectual Property” in its development. Traditionally all software products were installed and used on end-user computers.

However, with advent of cloud it is possible to ship same product as ‘on-premises’ product (to be installed and used by end-user on their premises) or be installed on computers/cloud resources owned by original manufacturer and used by end-user through internet.

The latter is category called “SaaS” based products.

Some Software take a expanded view and present themselves as ‘platform’ with multiple products integrated together capable of being used alone or as set of products and services and ability to serve at country or global scales.

‘Platforms’ are a reality in software world and to be a power in global game, countries having large “platforms’ will be winders. India has the capacity and capability, but has systemic bottlenecks to be removed.

Technological changed will bring in newer dimensions of trade. In 2019, India should provide direction to worls by setting new trends and nudge global community in that direction.

Software products trade can’t be delimited under ‘license’ to sale regime only.

Trade is central to success of an Industry. Treating Software as mere ‘license’ is limiting the trade under Indian tax regime as of now.

The IP and ‘Software product’ is central to original Software manufacturer (Software product company). Yet, it is a ‘product’ or intangible good.

Other ‘goods’ also have IP attached as patents and copy rights, but that never is the ‘license’ a barrier to sales.

Treating Software product as a license is creating a barrier, as then each sales of Software product is subjected to “withholding tax” regulations under direct taxes.

Treating Software product as intangible goods neither infringes the ownership of IP of Software OEM nor does it cause loss to tax. But, it lubricates the trade.

Break through from tradition leads to success

The traditional understanding of trade in tax regimes does not account for technological changes. Indian took a lead in past and has a reference point of adopting such changes to successfully create an Industry.

India created a success of IT Services industry by breaking tradition. In 1992, there was a similar problem that faced country after launch of Software Technology Park (STP) Scheme. As per customs, the exports of any goods could happen only through ports or at best from foreign post office.

To enable exports through data communication links, SOFTEX form was introduced, feeling the need of hour. This was a breakthrough from existing regulations that gave us glorious 25 years in IT.

Indian can have another glorious 25 years of being a Software power, by adopting a mechanism that can distinguish the Software products from services and recognises Software product as intangible goods.

Recommendations (for creating SW product ecosystem)

A HS code classification for following categories can be issued using the last 2 digits (first 6 Digits being defined under international system).

Following category of definition will solve the issues of raised above for creating favourable environment a Software product Industry.

(i) 8523 80 20 – IT Software on media that is not Off-the-self i.e. not covered under Product
(ii) 8523 80 21 – Software Product (Pre-packaged software downloaded or Canned Software)
(iii) 8523 80 22 – Software Product hosted by OEMs on cloud (SaaS, PaaS Model of Software) and used by end-clients using internet.

Note: Problem with 85238020 is that it can be any Software. The only requirement is it is Information Technology Software and on media.

This will give cover for all Software products in following two categories and leave (i) above for Software other than product on media.

S/W product Used – On premises (on computers/private cloud of end-user) – 8523 80 21
S/w product On Cloud of OEM – 8523 80 22 (SaaS/PaaS)

The above recommendation is minimum basic and should not be a limitation to a more wide and granular classification e.g. a different code for SaaS and PaaS etc.

Can we use SAC code?

It is recommended to use HSN rather than SAC for “Software product” for following reason.

(i) The Software ‘product’ attribution is difficult in Services codes and will always be confused with services. SAC is not right place either for a ‘product’ image or for a trade accounting of intangible ‘goods’.
(ii) The SAC code classification is not targeted at distinguishing Software services and Software product. Also, the license to use a database can not be same as license to use a pre-packaged product.
(iii) It is better Software product are defined in HSN to capture both national and International trade Statistics. Not having them at one place will create redundancy, with chances of lot of import happening under a code under existing HSN 85238020. (The idea is to get clear distinction between Software product from services)
(iv) In a “Digital Economy” eventually Software products will have a international trade dimension. Hence, HSN code is a better place.
(v) The whole idea of NPSP is to get Software product recognition with a vision aiming India as a “Software product nation”. Hence, we need to start accounting for intangible mercantile”. To make these changes will nudge the system in that direction.

Note: Some countries have created a HS code under 98/99 for Downloaded Software e.g. China has a code under 980300 for Computer software, not including software hardware or integrated in products. Similarly, some countries are using 9916 as a code for pre-packaged software.

Conclusions

Future of ‘digital economies’ will see trade wards on ‘digital goods’. A meaningful breakthrough from traditional trade regimes is must for a winner. India must be a winner and we should play our games in the area we have enough capability.

Software product Industry is some thing Indian needs badly both for domestic and international trade, specially when our IT Services industry growth is diminishing day by day.

Let us power up the “Software product’ with new coding and classification that recognises Software product with legitimacy to do provided by NPSP.

In 1992, MeitY (then DOE) took lead and created a breakthrough that led to 25+ years of Success of IT Industry. Once more MeitY leadership can take lead and create next 25 golden years by making Indian a Software product nation.

13/03/201917/03/2019

SaaS founders discuss NPSP 2019 with MietY Officials in Chennai

Shri Rajiv Kumar Joint Secretary in-charge of National Policy on Software Products (NPSP 2019) and Senior Director Dr. A K Garg met 20 SaaS companies founders and leader in Chennai on 13th March 2019. At meeting it was discussed that NPSP announced by Government of India on 28th February will soon create a National Software Product Registry, where SaaS companies can register and have access to GEM portal. Also, the procurement process will be suitably amended to allow Govt. departments to procure and use SaaS products. ‘National Software Product Mission (NSPM)’ envisaged in the policy will be setup at Ministry of Electronics and IT (MeitY).

Government has launched NPSP 2019 to focus on Software product ecosystem. iSPIRT has been advocating the cause of SaaS segment in Software products and its importance for India to remain a force to reckon with in Software in next 25 years.

The event was a golden opportunity for SaaS companies Founders and leaders, to provide feedback to and understand from the senior officials in Delhi, about the vision they have to make India a Software product power. Twenty SaaS companies represented in the event.

Speaking on behalf of SaaS founders, Suresh Sambandam, Founder and CEO of OrangeScape said,” Global landscape has changed very fast driven by new technology. We have a 2 trillion Dollar opportunity for SaaS industry. If we get our act right, India can aspire to remain in global game in Software Industry”.

The roundtable was organised by iSPIRT Foundation to facilitate officials to have direct interaction with SaaS industry and understand issues, problems and opportunities in SaaS industry, to enable Government to further carve out schemes/ programs under NPSP 2019 going further.

04/03/201917/03/2019

Policy Hacks – National Policy on Software Products (NPSP) 2019

It is a moment of delight at iSPIRT to see Govt. of India setting its focus on “Software Product”, with the announcement of National Policy on Software Products by government of India on 28th February 2019. The policy framed by Ministry of Electronics and Information Technology (MeitY) is aimed to sustain India as a global power in Software industry in emerging technological changes impacting the industry. iSPIRT had earlier covered this announcement in a blog titled “India powers up its ‘Software Product’ potential, Introduces National Policy on Software Products (NPSP)” A link to PDF document of the NPSP 2019 is given here on MeitY website. https://meity.gov.in/writereaddata/files/national_policy_on_software_products-2019.pdf Ispirt held a Discussion on NPSP 2019 on 2nd March 2019 with Dr. A. K. Garg, Director MeitY and iSPIRT volunteers Shoaib Ahmed, Amit Ranjan, Nakul Saxena and Sudhir Singh. A vedio of the discussion is placed below. Given below is the transcript of the main part of the discussion. (We have tried our best to put this but It is not a ditto verbatim transcript but what each participant spoke in essence). It is advised to watch and listen to the video. Sudhir Singh started the discussion and invited Dr. A.K. Garg to give an overview on the policy. Dr. A.K. Garg – The policy gives wholistic looks and a single window opportunity. issues involved with HS Code. Three tire effort of building a talent pool. First, Appraising Students at school level that there is a difference between product and services. Second, Dedicated pool of developers dedicated to products. Third, Developing a pool of people who can be mentors The other aspects we have looked at is, how do we provide dedicated market access to the product space. Unless and until there is a dedicated and early market access, we cannot create opportunities. We have not looked at graduating this from services industry to product industry, but we are looking at a completely new set of eco-system that will created around the product space, that is one thing which is very important and hallmark of this policy. Sudhir – in the Strategy section 1 that deals with ‘Promoting Software Products Business Ecosystem’ creating ‘Product registry was an important aspect that can be further utilised to create incentives, schemes and programs. Amit Ranjan – what can not be measured can not be improved, going further on the line, what can not be defined can not be measured. The government is taking a proactive view od first defining what is a Product and then a logical breakdown of that is building the registry, building the classification and codification system. So at least the system recognizes the different dimension and different players in the industry and then once you have a clear understanding of it than you know you can tailor policy and you can do specific thing for specific part and creating this registry will lead to mapping the industry and there after many things could emerge out of the system Nakul Saxena – One of the main objectives of iSPIRT was to create a special focus on Software products and thanks to people like Mr Garg and Secty MeitY and the Minister that we finally got this out. The HS code creation can help product companies to get preferential inclusion in Government procurements and Software products being included in many of the international agreements, especially where Govt of India gives grant to developing countries. Shoaib Ahmed – Is the definition of Software product clear (referring to the early phase of development of policy when there was lot of debate on this part). Nakul – the definition on Software product company is that that the company need to be owned 51% by Indian origin person and IP should reside in India.” Dr. Garg – lot of thinking has gone in to Software product and Software product company. The first and foremost thing is that, it is a very dynamic world and what we have taken is an approach where Software product definition can adjust to changing dynamics. Initially we thought we will not keep any definition, but ultimately, we had to with pressure of various stake holders. Sudhir – requested Nakul to take up the second Strategy section on Promoting Entrepreneurship & Innovation. Nakul – One of the important features of the Policy is that Govt. and MeitY will be putting together 20 Grant Challenges to solve for specific eco-system problems in education, agriculture and healthcare. He mentioned that Secretary has asked to quickly start working on the Grant Challenges. Dr. Garg – Can we crowed source ideas using iSPIRT and Policy Hacks platform. Nakul – Yes, we can. This is a welcome idea and suggested we can have Policy Hacks session to structure discussions and then invite ideas. Dr. Garg – (further spoke on skilling) for skill development to suit product space, one has to think product and live with it. We have to think through a program that can create a pool of 10 to 15 thousand product professionals who understand product eco-system can help innovation and creation of new ideas and or mentor product companies. And that will be the most important dimension for creating a product eco-system. Shoaib – I think that is a wonderful point and a very important point, beyond the technology and is a combination of skills with one being important is understanding of product market and development of these skills is important. Amit – The way to think about it is that we have to catch people when they are young and I actually see this playout when lot of times when student are in their secondary education, when they are doing their class 10^th or 12^th, if you are able to educate them at this stage then it takes very early root in their mind. Product system is all about being experimental and all about being failing then retrying and then improving via every attempt. We should educate them about what is a Product how is it different from Services. We do not have lot of Product success stories from India. But educate them and then skill building comes at secondary stage. Dr. Garg – We do not have to replicate the Silicon valley model and that will never work. We have to think and India specific solution that will work. Shoaib – We need to create an India eco-system, there are a few success stories which we have in India, we need not copy but which need to be understood. Sudhir – There are two more points covered in this section of Strategy. One is on common upgradable infrastructure to be created to support startups and software product designers to identify and plug cyber vulnerability. The second being creation of a Centre of Excellence will be set up to promote design and development of software products. Dr. Garg – the first market in Cyber Security is Govt. So creating a single repository of various Indian Cyber products will help. The other thing could be understanding Indian cyber problems and through Challenge grant on some of these problems. Sudhir – let us take up the Strategy section on improving access to market. Requested Nakul to start. Nakul – for Indian Companies to start growing and start scaling it is important getting some anchor customer. The policy has taken care of this aspect for Product companies to get access to anchor customers and then compete within domestic and international market. But the product entrepreneurs have also to be aware how to deal with Govt. RFP. Dr. Garg – So first two anchor customer are important. In Govt. space we are working on Gem to provide interface to Indian Software product. But we need to think how these product companies tie up with System Integration Companies and their interest are not compromised by Sis. Second thing is awareness building in various Govt. agencies. A young entrepreneur may not be able to get to the right stake holder, how does he get this access is what we need to think through. We will be very happy to get your views on creating access to first market. Amit – this is a very important point, especially in the context of SaaS companies, there is an unwritten rule that Indian Domestic market is not big enough or pay enough to sustain many of the SaaS startups. And that is why many VCs are suggesting that you can build a SaaS Company of out of India but that is essentially for engineering, product design but the market it self you will have to go overseas. Development of the Indian domestic market is extremely important. One of the factors which will play a role there is kind of graduating these startups up the Quality ladder as well. The buyer will look for best product in market at best price. By focusing on Quality, they can compete with foreign companies. It is very important to break this negative feeling in the Eco-system that if you are SaaS you can not sell in India, you have to go out. Shoaib – my point is that Quality software and creating a eco-system. Selling Software, servicing Software and manage Software is a complete different eco-system. Making sure that policy supports that and recognizes it, is the first step. I think we have started with that and I am happy to spend more time to contribute on what does it take to do this. Dr.Garg – if you have a Quality and you do not have a brand it a challenge. Sudhir – this section again mentioned in Policy creating a Software product registry and connecting this with Gem for government product. Sudhir – Let us move on to the last strategy section on implementation. I remember that the ‘National Software Product mission’ (NSPM) was proposed by iSPIRT in to the policy. NSPM can play a vital role as it can become an umbrella cover. Using this it may be possible to create many schemes and program. For example, we have a formidable SaaS industry and it may be possible to quickly create a SaaS product registry and use Gem to get access to Government. Once the registry is created may be Govt. can also issue and advisory to state Government to adopt products from this registry. Dr. Garg – One of the important things is we have to educate the people, and secondly, we have to educate the people on procurement model. Most of the time procurement models are one-time purchase, whereas in a SaaS you have to budget every quarter or every month or it will be pay per use also. Which is a very difficult proposition in Govt. to be approved. One of this thing that come in to my mind is the entry barrier have to be made easier, e.g. there is lot of activity around e-commerce. Now Govt. is actively going to promote product. The e-commerce system is far more developed, it has lower gestation. You can find few companies having valuation of Billion dollars, but that is not true of Product startups. So, we need to see how do we make entry barrier lower for entrepreneur of product companies, other wise human nature is to go by the path of least resistance. Product takes much longer to build, the gestations are much longer, risk are much higher. Shoaib – the challenge are to get role models going, to showcase this. Education is some thing we have been talking about from two dimensions, one is the entrepreneur, second is the Indian SME customer or the Indian customer. The Participants did deliberate further on important of early implementation of NSPM and working on various section of Policy and providing active support from iSPIRT. The discussion was closed with final remarks from the participants. (please listen/watch the Video for further details on final deliberations). The main Salient features of this policy for benefit of users are as follows:

The visision is to make India a Software product leader in world
In it’s mission – It aims at a ten-fold increase in India’s share of the Global Software product market by 2025, by nurture 10,000 technology startups, upskill 1,000,000 IT professionals and setting-up 20 sectorl technology cluster.
The policy has 5 Strategie to implement the policy.
Strategy are 1 – Intendents to create a congenniel environment for Sofware product business.
An important feature of the policy is creation of a Software product registry of India that can facilitate implementation of schems and programs in future, creation of a HS Code category for Software products.
To boost enterprenure ship, it itends to create a Software Product Development Fund (SPDF) with 1000 Croroe contributed by ministry in a fund of funds format. Remaining coming from private sources.
20 dedicated challenge grants to solve societal challenges.
Readying a talent pool of 10,000 committed software product leaders
Improving access to domestic market for Software product companies and boost international trade for Indian Software products.
Lastly setting up of a “National Software Product Mission (NSPM)” to be housed in MeitY, under a Joint Secretary, with participation from Government, Academia and Industry. NPSM will further drive implementation of the policy and be able to craft schemes and programs for the said purpose.

An important part of announcing the scheme has been done. This has now to be leveraged to create a momementum in Software product. iSPIRT is committed to see the further development of India as a Product Nation.

01/03/201923/03/2019

India powers up its ‘Software Product’ potential, Introduces National Policy on Software Products (NPSP)

This is an exciting occasion for our indigenous software industry as India’s National Policy on Software Products gets rolled out. This policy offers the perfect framework to bring together the industry, academia and the government to help realise the vision of India as a dominant player in the global software product market.

For ease of reference, let us summarise some of the major things that the policy focuses on

Single Window Platform to facilitate issues of the software companies
specific tax regime for software products by distinguishing them from software services via HS code
enabling Indian software product companies to set off tax against R&D credits on the accrual basis
creation of a Software Product Development fund of INR 5000 crores to invest in Indian software product companies
grant in aid of INR 500 Crores to support research and innovation on software products
encouragement to innovation via 20 Grant Challenges focusing on Education, Healthcare & Agriculture thus further enabling software products to solve societal challenges
enabling participation of Indian software companies in the govt. e-marketplace to improve access to opportunities in the domestic market
developing a framework for Indian software product companies in government procurement.
special focus on Indian software product companies in international trade development programmes
encouraging software product development across a wide set of industries by developing software product clusters around existing industry concentrations such as in automobile, manufacturing, textiles etc.
nurturing the software product start-up ecosystem
building a sustainable talent pipeline through skilling and training programmes
encouraging entrepreneurship and employment generation in tier II cities
creating governing bodies and raising funds to enable scaling of native software product companies.

There is good cause for cheer here. The policy offers to address many of the needs of the Software Product Ecosystem. For the first time, HS codes or Harmonised Codes will be assigned to Indian software product companies that will facilitate a clear distinction from ‘Software Services’ facilitating availing of any benefits accruing under the ‘Make in India’ programme. In addition, this will enable Indian software product companies to participate in govt contracts through registration on GeM (Govt. eMarketplace).

Considering that we remain a net importer of software products at present, steps such as the inclusion of Indian software products in foreign aid programmes, setting up of specialised software product incubators in other geographies and promoting our software product capabilities through international exhibitions definitely show intent in the right direction. With a commitment to develop 10000 software product start-ups, with 1000 of them in tier II cities, technology entrepreneurs building IP driven product companies can now look forward to infrastructural and funding support. The policy also aims to go beyond metro-centric development with a commitment to develop tech clusters around existing industry concentrations, enable skilling and drive employment in non-metros and tier II cities while actively encouraging Indian software companies to solve native problems.

This policy could not have been possible without the vision of the Honourable Minister Shri Ravi Shankar Prasad, and continuous engagement and discussions with Shri Ajay Prakash Sawhney, Rajeev Kumar and Ajai Kumar Garg from MEITY and their team.

We have seen software companies solving native problems do exceptionally well, just look at what Paytm has been able to achieve while driving digital payments in India. There is now an understanding ‘Make in India’ can help us bridge the digital divide given that Indian entrepreneurs have a greater understanding of local issues and the challenges that are unique to us.

Setting up bodies such as the National Software Products Mission in a tripartite arrangement with the industry, academia and govt. to enable creation and monitoring of schemes beneficial to native software product companies is another much-needed step that will create a forum distinct to our software product companies and help give them a strong voice.

We would like to thank Lalitesh Katragadda, Vishnu Dusad, Sharad Sharma, Rishikesha T Krishnan, Bharat Goenka, T.V. Mohandas Pai, Arvind Gupta for their diligent efforts on the continuous dialogue and inputs for the policy.

While launching the policy is a great start, its implementation is what we all will have our eyes on. Now is the moment of action. We all look forward to fast-tracking of the various proposed measures under this policy for the benefits to start showing!

Website link to the official policy – (https://meity.gov.in/writereaddata/files/national_policy_on_software_products-2019.pdf)

References

JANUARY 15, 2019 – https://tech.economictimes.indiatimes.com/news/internet/india-needs-to-win-the-software-products-race/67533374

DECEMBER 8, 2016 – https://pn.ispirt.in/what-to-expect-from-draft-national-policy-on-software-products/

NOVEMBER 13, 2016 – https://pn.ispirt.in/national-software-policy-2-0-needed/

MAY 10, 2016 – https://pn.ispirt.in/taxation-and-digital-economy/

APRIL 29, 2016 – https://pn.ispirt.in/saas-the-product-advantage-and-need/

JULY 16, 2014 – https://pn.ispirt.in/government-recognizes-the-software-product-industry/

DECEMBER 11, 2013 – https://pn.ispirt.in/three-waves-of-indian-software/

JULY 16, 2013 – https://pn.ispirt.in/smbs-and-indian-software-product-industry-intertwined-fortunes/

JULY 4, 2013 – https://pn.ispirt.in/8-truths-why-it-services-organizations-cannot-do-software-products/

07/01/201907/01/2019

Discussion on “The Information Technology [Intermediaries Guidelines (Amendment) Rules] 2018”

Ministry of Electronics and Information Technology (Meity) has put up a new set of draft rules for the IT Act, and is inviting feedback.

The draft rules mostly relates to governing violations on social media.

The Draft is given at:

http://meity.gov.in/content/comments-suggestions-invited-draft-%E2%80%9C-information-technology-intermediary-guidelines

It contains a link to the new rules:

http://meity.gov.in/writereaddata/files/Draft_Intermediary_Amendment_24122018.pdf

This PolicyHacks recording was done on 2nd January 2018 at 5.30 pm covering a discussion on the proposed rules ( amendment ).

iSPIRT Volunteers, Sanjay Jain, Saranya Gopinath, Venkatesh Hariharan (Venky), Tanuj Bhojwani iSPIRT volunteers and Bhusan, a lawyer from IDFC participated in the discussions with Sudhir Singh.

The main aspects of the draft amendment and its impact on the Software product and Start-ups in tech world in India are covered in the discussions. A transcript of the discussion is given below for read. Or you could choose to listen to the recorded audio/video on you tube embedded below.

The draft rules mainly cover information published by users on intermediaries also referred to as platforms in this discussion. The three broad aspects that draft rules cover are :

Putting higher onus on Intermediaries on objectionable content
High level of compliance and penalties
Enforcing traceability of objectionable content

With above introduction to topic floor was opened for discussions by host Sudhir Singh. Below is the transcript of contribution made by participants ( the transcript may not be complete word by word but follows the semantics of contribution made).

On Question on how the draft rules will impact industry

Sanjay Jain – “Two three element that you have highlighted in there.

First is the definition of the platform player. Intermediaries are broadly defined. They include everybody from telecom players, ISPs, a Social network and even a site like apartment Adda, Baba-jobs, because all of these will have some kind of user generated content, which is being published and shared with others. While the law drafting may have had one type of intermediary in mind, but it actually applies to all of them and as such that is where some of the issue starts.

Second part is that by moving some of the Onus to the platform, and I actually think they have not fully moved the onus to the platform, which is very dicey situation because, they have moved and not moved at the same time. And because, the onus is primarily still on the Govt. to notify to the intermediary, that there is something objectionable and they have to remove it. But, at the same time they have said that intermediary shall develop technological means for identifying all of this, as well. Sometimes there is an assumption that technology can do a lot, and in reality while you can have 99.9% accuracy, you still have those 0.1% and that becomes an issue.

Third part, I wanted to say is cost of compliance goes up considerably. They have put a limit 50 Lakh users in India, though we believe 50 lakh may either be little low. They should go little higher and depending upon type of user generated content they should allow for little graded form of compliance.”

Bhusan, from IDFC Institute – “As a context, these rules have come about are drafted based on earlier rules of 2011 and have some new features like graded approach such as significant intermediary to non-significant intermediary. They have put time lines in terms of response from intermediary and so these rules are being built upon existing set of rules.

There is some short of tightening of the compliance on intermediary e.g. 72 hours of time line for response. If you are a significant intermediary, than you have to be incorporated in India and has to appoint a person who is available 24X7, and you also have to have proactive measure to screen content on your side. Some of this is coming from frustration of getting information from intermediaries.”

On issue of how much these numbers are practical for small players? How to save start-ups?

Sanjay Jain – “Differed assumption is that if you publish any content which is against the law, you are liable. Being an intermediary protects you. If you remember the case of Baje.com, the only protection they got was proving to be an intermediary. Hence, you want to call them (Start-ups) intermediaries but get a better procedural control to stop harassment at hand of low level law enforcement.”

Tanuj came in and quoted the the line after 72 hours, in section 5 it says”as asked for by any government agency or assistance concerning security of the State or cyber security; or investigation or detection or prosecution or prevention of offence(s); protective or cyber security and matters connected with or incidental thereto.”

According to Tarun, this statement is so broad that any junior level officer can say I got information that someone from Hissar in Haryana is harassing a person and give information of all users in Haryana.

Venky – “I agree with Tarun, we have the laws or the rule meant to be more sharply defined and have sharp implementation guidelines. In this case seems to be pretty loosely framed.”

Sudhir Singh – “There is another issue in draft rules on once in a month information to user, and taking their consent. Any hard compliance of rules is normally easier for large players, they may easily invest and handle with technology but small players and start-ups it is difficult situation to comply.”

Sanjay – “From technology experience we learn that if you make something automated, user ignore it. So, what will happen is this will be implemented by sending one email to every user, once in a month, stating if you don’t comply, we will delete your account from platform.

That’s an email that is going to get ignored. So, it is a very ineffective suggestion. Also, there is an implicit assumption that all users are identifiable, which is not the case always. So, just to implement it you will have to identify users. That may not be a valid requirement.”

Bhusan – “On the point that you need to have more than 5 million users. My question is procedurally how do you even establish that?

Will platform will have to do GPS type of tracking to ensure that and does this not create a privacy risk in itself e.g. I do not know does platforms like Quora know that they have more than 5 million users in India or not. It seems, there is this focus on regulating Big Techs and this 5 Million number really come from that.”

Sanjay – “Basically, anybody can be hosting user generated content. So, lets us say we are on a common platform, and there is a message flowing from me to you. If I violate the law, and let’s say the message is liable of incitement or any other law, then I should be held liable and not the platform.

For that platform needs to be qualified as intermediary, put under safe harbour and intermediary takes on the responsibility of helping the law enforcement. So, we should not take up start-ups out of its ambit. What we have to do is make sure that, the conditions required is that conformance to the standard should not be so terrible that start-up should be excluded.

So, we need to sharpen the requirement they they should be conforming with and make it easy enough for somebody to confirm.”

It is being discussed that Govt. is aiming for higher level of Penalty. What should be our recommendation?

Tanuj – “If you take very young company any short of hit is bad, but if you can put proportion of revenue basis, it will be at least more forward thinking, even if it is not absolutely fair, in some sense more fair of not having that rule or having flat rule. The amendments of changes we should think about of moving the penalty would be not being in favour of arbitrary penalty.”

Tarun added – “Our recommendations should be around sharpening rules, like who can use it who cannot use, what are the accountability measures on them, more than magnitude of these numbers.”

Saranya – “Just to address the Data protection law vis-à-vis intermediary act. The subject matter of Data Protection law is ‘personally identifiable information’, whereas Intermediary act tries to cover ‘all communication in some sense’ and hence, Intermediary act has a longer leash with regard to the person who can take the intermediaries to task.

The criteria of what would be offensive under Intermediary act is very different e.g. encouraging consumption of narcotics. Hence, the criteria that a person can take intermediary to task is extremely wide and needs to be curtailed.”

Bhusan – “There is an inherent subjectivity in these rules and there is need to some short of standard procedures on how these rules are applied by law enforcement agencies across. All that these rules say is – any request has to come in writing and intermediaries have to comply with.”

Venky – “From an implementation perspective we need implementation guideline. Section 5 is so wide that anybody can drive a truck through it.”

How the numbers (e.g. 72 hours period to respond and 50 lakh users) should be defined in a manner that is suits Start-ups who are in the early phase.

Sanjay – “Broadly, we need to identify the places and various numbers to apply proportionally depending upon the size of entity and size of violation, in our feed back to the Government.”

Sanjay also brought in attention to the “Appropriate Govt”, needs to be defined well. He said, “What we want is the Govt. agencies to be defined.”

Bhusan – “This is very standard way of defining. I have not seen any precise definition on specifying agencies in general regulation and I do not see they will start with IT act on this.

Bhusan mentioned another important issue of end-to-end encryption is a more political point rather than national security issue. (refer section 5 last lines).

Sanjay – “This is about tracking and tracing may not be about encryption. The fact, that I sent information to some body is about meta data, it’s not about information itself. This may be clarified better, but is not about end-to-end encryption but about meta data.”

Sanjay further added, “perhaps one clause you could add is to say that the ‘intermediary should be able to do this based on the information it has, if it does not have information, there should be not requirement to maintain information’ e.g. if you take business of mailinator, they don’t keep record of mails sent in and out.”

Bhusan, added “it should not lead to intermediaries having a requirement to do KYC on users.”

Is 50 lakh only to target large platform players?

Sanjay, “my read is they may have thought that way. But in reality a regional ISP or even a small newspaper will fall in to that category.”

“Bhusan, I don’t think it is a number generate by some study, but it seems like they just picked it.”

The discussion was rapped with thanks to all players.

Author note and Disclaimer:

PolicyHacks, and publications thereunder, are intended to provide a very basic understanding of legal/policy issues that impact Software Product Industry and the startups in the eco-system. PolicyHacks, therefore, do not necessarily set out views of subject matter experts, and should under no circumstances be substituted for legal advice, which, of course, requires a detailed analysis of the relevant fact situation and applicable laws by experts in the subject matter on case to case basis.
PolicyHacks discussions and recordings are intended at issues concerning the industry practitioners. Hence, views expressed here are not the final formal official statement of either iSPIRT Foundation or any other organisations where the participants in these discussions are involved. Media professionals are advised to please seek organization views through a formal communication to authorised persons.

31/10/201805/11/2018

Understanding National Digital Communication Policy For Startups And Cloud Telephony Players

iSPIRT has been actively engaged in pursuing the favourable policy for the Cloud Telephony sector in Telecom Industry, an amalgamation of the various IT and Communications technologies.

National Digital Communication Policy has been announced recently and it is encouraging to see the announcements in the policy on some common issues to do with Startup ecosystem and digital communication aspects of the Cloud Telephony Players.

We are expecting the Department of Telecom (DOT) to further work on implementation and framing of rules and regulation in light of policy in near future. Despite many positive directional changes, there is a need to develop a regulatory framework for the Cloud Telephony players. Cloud Telephony players are adding value to communication and hence to the economy in several innovative ways. In addition, they also add a good revenue stream to licenses Telecom Service Providers (TSPs).

This PolicyHacks session is devoted to the critical analysis of the NDCP for this sub-sectoral player. Some of the entrepreneurs involved in the discussion are Gurumurthy Konduri of Ozonetel, Ujwal Makhija of PhoneOn, Gaurav Agrawal of Exotel and Gaurav Sawhney of Knowlarity.

A recording of this discussion is given below. Please feel free to click and watch. (About 20 seconds lost in the opening frame, apologises for the error)

The main point covered in the discussion is summed up below as are the some of our recommendations and good work is done (while the Policy was in the draft stage and during various consultation processes), which have been reflected in the policy under respective sections as under:

Page 7

1.1.(f) – Encourage and facilitate sharing of active infrastructure by enhancing the scope of Infrastructure Providers (IP) and promoting and incentivising the deployment of common sharable, passive as well as active, infrastructure

1.1.(g).iv. – Allowing benefits of convergence in areas such as IP-PSTN switching.

Both of these are encouraging moves however it is to be seen how further rules and framework make easy for Small and Startup companies to use them without licensed TSPs creating a barrier for them.

Page 8

1.1.(j) – By encouraging innovative approaches to infrastructure creation and access including through resale and Virtual Network Operators (VNO)

This is a very encouraging announcement for the Cloud Telephony startups.

Page 14

2.1. (c ) iv. – Improving the Terms and Conditions for ‘Other Service Providers’, including definitions, compliance requirements and restrictions on inter-connectivity

2.1.(c ).viii. – Creating a regime for fixed number portability to facilitate one nation – one number including portability of toll-free number, Universal Access numbers and DID numbers

Again very encouraging but needs some boost up. Audiotex regime must go most speakers feel and all the players in Cloud telephony are treated as ASP. These provisions will help cloud telephony to deliver better value propositions in their offerings.

Page 15

2.2.(a) iv: – Encourage use of Open APIs for emerging technologies

2.2. (b) – Promoting innovation in the creation of Communication services and network infrastructure by Developing a policy framework for ‘Over The Top’ (OTT) services.

2.2.(f) ii. – Enabling a light touch regulation for the proliferation of cloud-based systems

2.2.(f).iii. – Facilitating Cloud Service Providers to establish captive fibre networks.

A welcome move to encourage Open APIs. However, licenses TSP should be given one standard that is governed by DOT to implement any APIs that let them monitor cloud telephony or ASPs on their network, instead of allowing them to create a regime of their own.

Generally, an OTT policy is recommended in reforming the sector. However, OTT framework should not be mixed with ASP or Cloud Telephony providers. It is better to keep a distinction between the two.

Page 17:

2.4.(a).ii: – Promoting participation of Start-ups and SMEs in government procurement

2.4.(b). – Reducing the entry barriers for start-ups by reducing the initial cost and compliance burden, especially for new and innovative segments and services.

Acceptance of these issues is very encouraging. The Government can be a very big user of the Cloud Telephony industry also. And we hope this will turn out to be a winning proposition for the Cloud Telephony industry in near future.

Conclusion

Whereas this policy announcement reflects a positive change, it is yet to be seen how DOT look at Cloud Telephony and provides it with a recognition as a sub-sector with easy and proper regulatory framework for same.

Note: The above article is co-authored by Gurumurthy Konduri of Ozonetel with Sudhir Singh of iSPIRT

02/09/201812/10/2018

Demystifying India’s Data Protection Bill By Supratim Chakraborty And Siddharth Shetty

Data protection and privacy have been a topic of hot debates and discussion in recent times in India. It had become extremely important as India is progressing to a be a “Digital economy” to address this issues relating to the use of personal data.

iSPIRT has been in forefront of developing Consent Framework and called as Data Protection & Empowerment Architecture (DEPA). The Account Aggregator Policy of RBI revolves around this consent architecture.

Whereas the bill is of interest to almost all the sectors of the economy, it is extremely important for businesses in Information Technology sector and especially in Software product Industry to understand the law as it is seeded and further as it evolves.

The bill has many aspects to it in the legal framework. It is not possible to cover the entire understanding of the bill in one blog. We have attempted to cover some salient features that may be important for the Software Product Industry as well as how it contacts with the techno-legal aspects of DEPA as it stands in financial sector, perhaps to be replicated in other important sectors of the economy.

A copy of the draft bill is given on the MeitY website at http://meity.gov.in/data-protection-framework

This blog is again posted in a Question and answer format both as a video and as a transcript of the video. You can use the one you like.

Questions have been asked by iSPIRT volunteer and Policy expert Mr Sudhir Singh and answered by Supratim Chakraborty (Data Privacy and Protection expert from Khaitan & Co.) and Siddharth Shetty (leading the DEPA initiative at iSPIRT).

What are the most important aspects of the bill?

Supratim answered, “What we have seen is through this draft bill, there is an attempt to establish the relationship of trust between the data subject and data controller. The nomenclature has been changed in this bill and It is data fiduciary and data principles. It puts a lot of onus on the data fiduciary to take care of data care protection.”

“There are several important aspects of the bill that needs attention such as localisation of data, cross-border transfer and also some other aspects such as privacy by design, transparency requirement, security safeguard, breach notification, grievance redressal mechanism, the requirement of Data protection officer, record keeping requirements”, as elaborated Supratim.

Is there some restriction on data fiduciary? Is the state exempted?

Supratim said, “this bill is equally applicable to private parties and the Government unlike earlier provisions of section 43A and 72A of IT ACT. 43A will be scrapped after this bill comes into existence. There has been a lot of debate on this aspect of bringing Govt. under the purview of the law.”

Is right to be forgotten covered in a similar way as GDPR?

Supratim explained, “Our Govt. has looked at this in a more business-friendly way by covering the right to be forgotten by provisioning that any further dissemination of data should be stopped, once the data principal chooses to withdraw the consent or ask for the right to be forgotten.”

He described four governing aspect that explains how to determine the aspect of keeping Data local, as described below.

You could have certain pockets of personal data that can be transferred outside.
There could be certain pockets of data that could be transferred outside but a serving copy of the data has to be within the country
The third category is sensitive personal data ambit of sensitive personal data which has been widened considerably compared to what we saw under the 43A of IT ACT. For this, if sent out of
The fourth category is data that cannot be sent outside country at all.

“On Cross border transfer of data in addition to ‘consent’ there has to be standard contractual clauses (approved/prescribed by authority) or the transfer to a jurisdictions is approved by the central government”, he further explained.

What is the Data Protection Authority?

Supratim answered, “In the draft bill this seems to be all encompassing all powerful authority from rulemaking to advisory to enforcement. Therefore it is important to see how this really shapes up. In “IT Act”, section 43 A and 72A were largely there to cover the aspects of data privacy but enforcement and implementation.”

What are other important aspects to consider?

“There are many aspects but let us touch upon two given below”, said Supratim.

One is the requirement of having notices in multiple languages, which is not a very hard obligation the way it has been put. But in a country like India for say an e-commerce platform imaging the cost that one has to incur for putting multiple language notices. Also, we need to see are we able to really address the point of informed consent through this, because you also have a section of people who may be illiterates. Justice Srikrishna report suggest that we should have short videos or graphical representation which make it very easy for someone to understand the critical aspects of privacy.

Another important aspect is applicability of the law. This law is applicable to all processing that is happening in India and also to foreign bodies. Section 2(2) talks about applicability to foreign bodies, the first part says that “in connection with any business carried out in India”. This means a global platform that is accessible from India has to have the entire requirement of this law.

Are we going in direction of GDPR?

Supratim answered, “Whereas we are trying to follow the Gold standard and many countries are trying to follow the path set by GDPR, India is quite different country and we are not following everything the way it is in GDPR, we have to be mindful of our requirements. But the idea is slowly and surely reach a zone where we can have our laws quite akin to laws of matured jurisdictions.”

How does Bill address iSPIRT DEPA initiative?

Siddharth, sees this draft bill as a unique India first approach. He feels that apart from addressing privacy and data protection aspects it empowers Indians on having control on the use of their data for better financial services, better health services, education etc.

Siddharth goes on to explain that at iSPIRT for past 3-4 years we have been working at Consent layer of IndiaStack or Consent framework and it is great to see that bedrock of draft bill is actually based on consent and in that way it is somewhat similar to GDPR. But, one of the biggest problem they are facing in EU today is it is very difficult to operationalise consent. It is for the first time India has a unique infrastructure to operationalise consent.

“DEPA is nothing but a set of two tools that helps to operationalise consent, explains Siddharth.

One is known as Digital Locker system which allows to the federated exchange of data and second is known as electronic data consent, which is nothing but an electronic representation of user Consent.

“This means, if you want to share or allow your data from some provider to say another consumer, then you must be able to express what date you want to share with whom for what time period in some codified manner. This codified information or consent is known as consent artefact”, says Siddharth further.

As explained by Siddharth, the ‘consent artefact’ became a national standard in 2016 adopted by four financial sector regulator RBI, PFRDA, IRDA and SEBI and they adopted it for their entire eco-system.

Based on consent artefact every individual has an access to financial data and has a mechanism to share that data to gain access to a loan or any other services provider. This has been through an institutional mechanism called Account aggregator.

Siddharth further elaborated that, “the ‘Account aggregator’ (AA) is a class of entities known as data access fiduciaries. The AA unlike other parts of world decouples the institution that collecting consent from an institution that either consuming data or providing data. In EU e.g. as per of PSP2 directive the account information service provider which consumes data is also responsible for collecting the data.”

In India, 3 AA have been approved. Technical standard drafts are also out for ecosystem. And through AA you actually have an entity that’s working toward creating an informed consent experience. Going forward just like UPI you receive your consent for a payment, through AA you will have an entity that helps you provide and control consent. Based on Financial sector we have proposed a similar concept to TRAI for the telecom sector and health sector to NITI Ayog.

Has the AA concept been addressed in the bill?

Siddharth explains further, “The bill makes bedrock of most processing of data based on consent. AA model is nothing but your consent collector or Consent manager. Every data principle they have outlined right to confirmation and access, right to correction, most importantly the right to data portability. As a data principle from data fiduciary, you have the right to request and port machine structured non-reputable transaction history or any other user-generated data to other service providers. AA is nothing but a framework to operationalise this right.”

He further explained that in the report preceding the bill, they talk about a concept consent dashboard. AA is nothing but a consent dashboard. They had 2 tech innovation consent dashboard and data dashboard. You can log consent flows and data flows.

Will, there be consent dashboards concept like AA in other sectors also or will there be one single point authority under DPA?

Siddharth, “it would be a combination of both. If you see the draft bill, it allows sectoral regulators to write rules. For data the falls under private data sets category such as data pertaining to social media etc, DPA would prescribe an standard.”

The report talks about that dashboard can be maintained by each data fiduciary or it can be a common dashboard that everyone else agrees and follows. If you look at the account aggregator dashboard it is a common dashboard for the entire financial sector. But for social media companies can follow their won dashboards.

For any Software product companies that does not lie in any of the regulated sector can create their own consent dashboards, where the user can come see their dashboard correct their data, port the data, manage their consent.

Unlike the IT act, this regulation will have a direct bearing on any businesses processing data irrespective of being in a Software product or other domain. And hence there is a need to be attentive. How right is this aspect?

“Yes, the ambit increases quite a bit. Wherever there is sensitive personal data interface involved, the level of compliance requirement has gone up several times. In the IT Act, there was a mention of personal data in section 72A. The present draft bill does not talk about the deletion of 72A. The draft bill have a parallel mechanism set out in the IT Act”, mentioned Supratim.

Siddharth, “it is just not limited to compliance, this law unlocks the whole host of business models around data sharing around consented data sharing that you haven’t yet seen in any other country and it will be really interesting to space to see what companies get a build out there.”

Question from Participants.

What is the definition of data processing? Or what is the differentiation between Data Storage and Data Processing. E.g. if you are an email service provider, is it Data Storage or Data Processing? (asked by Chintan)

Supratim answered, “definition of data processing is extremely wide enough to make businesses fall in to ‘data processing category’ without being a processor.”

What is the timeline? (Asked by Chintan)

MeitY has asked for public comments by 10^th of September on the draft bill, thereafter it will be presented to parliament and after promulgation, there will be more work in framing Authority, the rules by DPA etc. The law is not expected to be in implementable form only after 18 Months or so, minimum.

What happens to the Existing customer? Do we go back to them and get their consent? (Karthik)

Supratim answered, “whilst the it is not a retrospective legislation, if you continue processing without taking consent, you will fall foul of the requirement of law.”

Are there any fines defined here? (Karthik)

Yes, it has been taken care. Just like other aspects the draft bill he highly inspired by GDPR on this aspect also. We have 4% and 2% of annual turnover. There are 2 buckets 4% and 15 Cr and other is 2% and 5 Crore.

Do we need to appoint an DPO?

“There is a segregation which has been made of has significant Data Fiduciary under certain conditions will have to have DPO. Also, this law has an immense amount of significant rulemaking power, answered Supratim.

Hence, it will be seen in future how rules are framed by Authority. So, it has to be seen how business friendly the authority remains in rulemaking e.g. section 43A in IT ACT gave rule making power to define what is sensitive data and information and set out what is reasonable practices and procedure. In the rule made in future, we saw a plethora of requirements set out, over legislated and sometimes badly drafted.

The rules will go through an evolutionary cycle. Hence, the legislation has to be tested over a period of time as it unfolds, after crystallisation of this draft promulgation by parliament in to an ACT and rules being made after that on different aspects.

Disclaimer

PolicyHacks, and publications thereunder, are intended to provide a very basic understanding of legal/policy issues that impact Software Product Industry and the startups in the eco-system.

PolicyHacks, therefore, do not necessarily set out views of subject matter experts, and should under no circumstances be substituted for legal advice, which, of course, requires a detailed analysis of the relevant fact situation and applicable laws by experts in the subject matter on the case to case basis.

If you are facing an issue, we recommend you take expert professional advice on the case to case basis.

We intend to provide the best transcripts in the text part of the blog. However, it may not be an exact replica and maybe approximation, more standardised, normalised or moderated version of the expert view presented in the video.

24/08/201824/08/2018

Preferred Market Access Policy for Indian CyberSecurity Products

The government of India had announced a Preferred Market Access (PMA) policy for Cyber Security products through an order notifying the Public Procurement (Preference to Make in India).

MeitY shall be the nodal Ministry to monitor and administer this PMA policy.

The policy announcement is given at link given here. Public Procurement (Preference to Make in India) Order 2017- Notifying Cyber Security Products in furtherance of the Order

iSPIRT has been pursuing with MietY, application of PMA for all Indian Software Products to promote the Indian Software product industry and it is heartening to note that at least one important sub-sector of Cybersecurity has caught the Government’s attention.

iSPIRT organised a PolicyHacks session to understand this policy announcement with Ashish Tandon Founder & CEO of Indusface and Mohan Gandhi of Entersoftsecurity.

Ashish has been following the policy announcement and has earlier published a blog at https://pn.ispirt.in/cybersecurityproductsprocurement/

You can watch the discussion with Ashish and Mohan at below given YouTube video, in a question and answer format with Sudhir Singh.

What are the essential features of this Policy?

Ashish described the main features stating that this is a policy that is going to help boost Cybersecurity products in India. Govt. of India identified areas that require boosting ‘make in India’ products for the sensitive areas of cybersecurity.

Is there a way product companies can register or Government is going to keep a registry of ‘made in India’ products?

Ashish explains the policy has provided for the formation of a committee that will further provide for a process for empanelment of Indian Cybersecurity products and Indian Cybersecurity product companies with some defined key aspects that would qualify for empanelment.

Ashish further explained that as the empanelment aspects are decided there may also come up with a process for testing and meeting standards and quality norms etc.

Are there are enough product companies in ‘Cyber Security’ space for empanelment?

Mohan Gandhi answered that there are several product companies, but this policy should further strengthen the ‘make in India’ aspect and companies based out of India with deep tech product can look at getting this advantage of this policy.

Whether the Policy will be applicable to “productized services”?

Ashish answered, that this policy is applicable to the only product and at best give preference to made in India products in turnkey projects wherein a large project cybersecurity product is involved.

How will this policy help Start-up companies in Indian Market?

Mohan mentioned, that one interesting thing about this policy is that, it clearly talks about intellectual property. There is a need to register and prove that the IP belongs to India. It will encourage small companies to register the IP and leverage the Indian IP even when they are selling abroad.

Is there enough clarity exist on process and enplanement etc.?

Ashish feels the policy has already prescribed setting up of an empowered committee who will look at these aspects and it is MeitY that will be responsible for doing this.

Ashish further also elaborated that this Policy will get further push once some companies start getting empanelled and processes and rules are framed under MeitY by the empowered committee.

In concluding remarks, both Ashish and Mohan felt that Cybersecurity ecosystem will get a boost by this policy as the policy is furthering the cause by advising Government departments for preferring Indian products. With Digital economy on anvil, there should be a huge demand in Government and Public sector enterprises for cybersecurity. Cybersecurity product market is today dominated by players from the US, Europe and Israel.

The policy has to be pushed hard to further encourage and coupled with StartupIndia policy, there should be all-out effort to promote the Indian Cybersecurity product companies.