Discussion on “The Information Technology [Intermediaries Guidelines (Amendment) Rules] 2018”

Ministry of Electronics and Information Technology (Meity) has put up a new set of draft rules for the IT Act, and is inviting feedback.

The draft rules mostly relates to governing violations on social media.

The Draft is given at:

http://meity.gov.in/content/comments-suggestions-invited-draft-%E2%80%9C-information-technology-intermediary-guidelines

It contains a link to the new rules:

http://meity.gov.in/writereaddata/files/Draft_Intermediary_Amendment_24122018.pdf

This PolicyHacks recording was done on 2nd January 2018 at 5.30 pm covering a discussion on the proposed rules ( amendment ).

iSPIRT Volunteers, Sanjay Jain, Saranya Gopinath, Venkatesh Hariharan (Venky), Tanuj Bhojwani iSPIRT volunteers and Bhusan, a lawyer from IDFC participated in the discussions with Sudhir Singh.

The main aspects of the draft amendment and its impact on the Software product and Start-ups in tech world in India are covered in the discussions. A transcript of the discussion is given below for read. Or you could choose to listen to the recorded audio/video on you tube embedded below.

 

The draft rules mainly cover information published by users on intermediaries also referred to as platforms in this discussion. The three broad aspects that draft rules cover are :

 

  1. Putting higher onus on Intermediaries on objectionable content
  2. High level of compliance and penalties
  3. Enforcing traceability of objectionable content

With above introduction to topic floor was opened for discussions by host Sudhir Singh. Below is the transcript of contribution made by participants ( the transcript may not be complete word by word but follows the semantics of contribution made).

On Question on how the draft rules will impact industry

Sanjay Jain – “Two three element that you have highlighted in there.

First is the definition of the platform player. Intermediaries are broadly defined. They include everybody from  telecom players, ISPs, a Social network and even a site like apartment Adda, Baba-jobs, because all of these will have some kind of user generated content, which is being published and shared with others. While the law drafting may have had one type of intermediary in mind, but it actually applies to all of them and as such that is where some of the issue starts.

Second part is that by moving some of the Onus to the platform, and I actually think they have not fully moved the onus to the platform, which is very dicey situation because, they have moved and not moved at the same time. And because, the onus is primarily still on the Govt. to notify to the intermediary, that there is something objectionable and they have to remove it. But, at the same time they have said that intermediary shall develop technological means for identifying  all of this, as well. Sometimes there is an assumption that technology can do a lot, and in reality while you can have 99.9% accuracy, you still have those 0.1% and that becomes an issue.

Third part, I wanted to say is cost of compliance goes up considerably. They have put a limit 50 Lakh users in India, though we believe 50 lakh may either be little low. They should go little higher and depending upon type of user generated content they should allow for little graded form of compliance.”

Bhusan, from IDFC Institute –  “As a context, these rules have come about are drafted based on earlier rules of 2011 and have some new features like graded approach such as significant intermediary to non-significant intermediary. They have put time lines in terms of response from intermediary and so these rules are being built upon existing set of rules.

There is some short of tightening of the compliance on intermediary e.g. 72 hours of time line for response. If you are a significant intermediary, than you have to be incorporated in India and has to appoint a person who is available 24X7, and you also have to have proactive measure to screen content on your side. Some of this is coming from frustration of getting information from intermediaries.”

On issue of how much these numbers are practical for small players? How to save start-ups?

Sanjay Jain – “Differed assumption is that if you publish any content which is against the law, you are liable. Being an intermediary protects you. If you remember the case of Baje.com, the only protection they got was proving to be an intermediary. Hence, you want to call them (Start-ups) intermediaries but get a better procedural control to stop harassment at hand of low level law enforcement.”

Tanuj came in and quoted the the line after 72 hours, in section 5 it says”as asked for by any government agency or assistance concerning security of the State or cyber security; or investigation or detection or prosecution or prevention of offence(s); protective or cyber security and matters connected with or incidental thereto.”

According to Tarun, this statement is so broad that any junior level officer can say I got information that someone from Hissar in Haryana is harassing a person and give information of all users in Haryana.

Venky – “I agree with Tarun, we have the laws or the rule meant to be more sharply defined and have sharp implementation guidelines. In this case seems to be pretty loosely framed.”

Sudhir Singh – “There is another issue in draft rules on once in a month information to user, and taking their consent. Any hard compliance of rules is normally easier for large players, they may easily invest and handle with technology but small players and start-ups it is difficult situation to comply.”

Sanjay – “From technology experience we learn that if you make something automated, user ignore it. So, what will happen is this will be implemented by sending one email to every user, once in a month, stating if you don’t comply, we will delete your account from platform.

That’s an email that is going to get ignored. So, it is a very ineffective suggestion. Also, there is an implicit assumption that all users are identifiable, which is not the case always. So, just to implement it you will have to identify users. That may not be a valid requirement.”

Bhusan –  “On the point that you need to have more than 5 million users. My question is procedurally how do you even establish that?

Will platform will have to do GPS type of tracking to ensure that and does this not create a privacy risk in itself e.g. I do not know does platforms like Quora know that they have more than 5 million users in India or not. It seems, there is this focus on regulating Big Techs and this 5 Million number really come from that.”

Sanjay – “Basically, anybody can be hosting user generated content. So, lets us say we are on a common platform, and there is a message flowing from me to you. If I violate the law, and let’s say the message is liable of incitement or any other law, then I should be held liable and not the platform.

For that platform needs to be qualified as intermediary, put under safe harbour and intermediary takes on the responsibility of helping the law enforcement. So, we should not take up start-ups out of its ambit. What we have to do is make sure that, the conditions required is that conformance to the standard should not be so terrible that start-up should be excluded.

So, we need to sharpen the requirement they they should be conforming with and make it easy enough for somebody to confirm.”

It is being discussed that Govt. is aiming for higher level of Penalty. What should be our recommendation?

Tanuj – “If you take very young company any short of hit is bad, but if you can put proportion of revenue basis, it will be at least more forward thinking, even if it is not absolutely fair, in some sense more fair of not having that rule or having flat rule. The amendments of changes we should think about of moving the penalty would be not being in favour of arbitrary penalty.”

Tarun added – “Our recommendations should be around sharpening rules, like who can use it who cannot use, what are the accountability measures on them, more than magnitude of these numbers.”

Saranya – “Just to address the Data protection law vis-à-vis intermediary act. The subject matter of Data Protection law is ‘personally identifiable information’, whereas Intermediary act tries to cover ‘all communication in some sense’ and hence, Intermediary act has a longer leash with regard to the person who can take the intermediaries to task.

The criteria of what would be offensive under Intermediary act is very different e.g. encouraging consumption of narcotics. Hence, the criteria that a person can take intermediary to task is extremely wide and needs to be curtailed.”

Bhusan – “There is an inherent subjectivity in these rules and there is need to some short of standard procedures on how these rules are applied by law enforcement agencies across. All that these rules say is  – any request has to come in writing and intermediaries have to comply with.”

Venky –  “From an implementation perspective we need implementation guideline. Section 5 is so wide that anybody can drive a truck through it.”

How the numbers (e.g. 72 hours period to respond and 50 lakh users) should be defined in a manner that is suits Start-ups who are in the early phase.

Sanjay – “Broadly, we need to identify the places and various numbers to apply proportionally depending upon the size of entity and size of violation, in our feed back to the Government.”

Sanjay also brought in attention to the “Appropriate Govt”, needs to be defined well. He said,  “What we want is the Govt. agencies to be defined.”

Bhusan –  “This is very standard way of defining. I have not seen any precise definition on specifying agencies in general regulation and I do not see they will start with IT act on this.

Bhusan mentioned another important issue of end-to-end encryption is a more political point rather than national security issue. (refer section 5 last lines).

Sanjay –  “This is about tracking and tracing may not be about encryption. The fact, that I sent information to some body is about meta data, it’s not about information itself. This may be clarified better, but is not about end-to-end encryption but about meta data.”

Sanjay further added, “perhaps one clause you could add is to say that the ‘intermediary should be able to do this based on the information it has, if it does not have information, there should be not requirement to maintain information’ e.g. if you take business of mailinator, they don’t keep record of mails sent in and out.”

Bhusan, added “it should not lead to intermediaries having a requirement to do KYC on users.”

Is 50 lakh only to target large platform players?

Sanjay, “my read is they may have thought that way. But in reality a regional ISP or even a small newspaper will fall in to that category.”

“Bhusan, I don’t think it is a number generate by some study, but it seems like they just picked it.”

The discussion was rapped with thanks to all players.

Author note and Disclaimer:

  1. PolicyHacks, and publications thereunder, are intended to provide a very basic understanding of legal/policy issues that impact Software Product Industry and the startups in the eco-system. PolicyHacks, therefore, do not necessarily set out views of subject matter experts, and should under no circumstances be substituted for legal advice, which, of course, requires a detailed analysis of the relevant fact situation and applicable laws by experts in the subject matter on case to case basis.
  2. PolicyHacks discussions and recordings are intended at issues concerning the industry practitioners. Hence, views expressed here are not the final formal official statement of either iSPIRT Foundation or any other organisations where the participants in these discussions are involved. Media professionals are advised to please seek organization views through a formal communication to authorised persons.   

White Paper On The Analysis Of High Share Premium Amongst Startups In India

“High share premium is not the basis of a high valuation but the outcome of valid business decisions. This new whitepaper by our iSPIRT policy experts highlights how share premia is a consequence of valid business decisions, why 56(2)(viib) is only for unaccounted funds and measures to prevent valid companies from being aggrieved by it”

What lies beyond the horizon: Digital Sky & the future of drones in India

Drones have been around for a long time, going back as far as World War II. For most of their history, they were considered part of the military arsenal and developed and deployed almost exclusively by the military.

However, the past decade has seen a tremendous amount of research and development in the area of using drones for civilian purposes. This has led industry experts to predict that drones will be disrupting some of the mainstay industries of the global economy such as logistics, transportation, mining, construction and agriculture to name a few. Analysts estimate a $100 billion market opportunity for drones in the coming few years  [1]. In spite of the overwhelming evidence in favour of the value created by drones, it has taken quite a few years for the drone industry to take off in a commercial sense globally.

The main reason for this has been the regulatory challenges around what is allowed to fly in the air and where is it allowed to fly. A common theme around the world is the unconventional challenges that old governmental structures have to face as they try to understand and regulate new technologies. Hence the default approach so far for governments has been reactionary caution as they try to control what are, essentially, flying robots in the sky.

However, with electronic costs coming down, the hardware becoming more accessible and the software interpreting data becomes more powerful a number of humanitarian, civilian and industrial application have emerged and as governments across the world are realizing the potential of drones, we are starting to see the first version of regulations being drafted and adopted across the globe.[2]

Closer home India has a relatively adverse approach to drones or more lackadaisical rather. [3]

But as India continues to drive to become a more technology-oriented economy the role of drones in the worlds fastest growing economy and the potential benefits it can bring are hard to ignore.[4]

However, India’s approach to drone regulations cannot be that of other major economies that have the luxury of friendly neighbours and a large network of monitoring apparatus, India has had to take an approach that has to be novel and robust. Something that balances the security landscape while also being designed to allow maximum utilization of the potential that drones offer. Out of this need to both regulate secure how and where a drone can fly and keep multi-ministerial stakeholder interests accounted for was born the Digital Sky, India’s foundational framework for all things drones.

What is the Digital Sky and how does it work?

What the Digital Sky accomplishes beautifully is to fill the institutional void that needs to be collectively fulfilled by so many institutions and make it easier for the industry and consumers to interface with the government legally through one platform. Permission to fly drone no longer requires a 90-day intimation with an arbitrary number of NOCs to be approved by umpteen number of ministerial bodies at the central and federal level. The industry and the public now know one place to interact with in order to register their drone, get recognised as a certified operator and apply for permissions and all concerned government agencies ensure their overarching interests do not interfere with the large-scale adoption of drones.  

There are crucial components required for the Digital Sky concept to work, the most central being that drone operators should not be able to fly drones if they are not approved by the government. To accomplish this the Drone 1.0 regulations revolve around the concept of No-Permission-No-Takeoff (NPNT).

Our maven Tanuj Bhojwani explaining NPNT at the DigitalSky RoundTable on 4 Dec 2018 in Bengaluru

What this implies is that unless a drone has got valid permission for a particular flight through tamper-proof digitally signed permission tokens, it will not be able to take off. The Digital Sky is the platform to automate the processing of these permission tokens as they flow in from different parts of the country without overwhelming the authorities through a flight information management system (one of only three countries to build this nationally after China and the USA). In order for this vision to come true, there will be an enormous change in the way drones are manufactured and operated. Entire new industry verticals around getting existing drones compliant, developing interfaces that interact with the Digital Sky platform and making applications for India’s needs will develop. Hence this begs the question.

How are the current state of the industry are changing with 1.0 regulations

Until the introduction of the regulations companies especially in the UAV operations were doing non-restricted work and end up becoming the jack-of-all-trades. Companies in the manufacturing domain were unclear of who is their target customer and what they needed to build. All the companies in this domain were working with no clarity on the safety and permissions.

With the introduction of the Drone Policy 1.0, there is a buzz which has been created and efforts are being made to understand the regulations by all the entities who are set to gain from it. They understand that there will be a new aspect that needs to cater to i.e. the sense of accountability.

For manufacturer’s The NP-NT mandate will be the most immediate requirement, the most common route to implement the mandate will be through changes to existing firmware architecture. The changes themselves are being driven by open source initiatives with various operators, system integrators and manufacturers contributing to the shift to NP-NT for all major drone platforms in the country. The Digital Sky has inadvertently catalysed the first industry-wide initiative to bring together all members of the ecosystem. Other requirements such as ETA bring in much-needed standardisation in the hardware space, this allows benchmarking of products, easier availability of information about the standards to look out for end users.

For operators, a massive increase in the volume of business is expected as they can now focus on getting certified drones into the air, and not so much on getting approvals. The Digital Sky brings in much-needed certainty and predictability into an industry that will be focused on balancing demand and supply of drone-related operations in a market that has a huge need for drones and their data but limited expertise to acquire and process it. This also puts onus an industry to become security and privacy conscious and insurance agencies will play an important role in this regard. It will also immensely help in changing the thought process of the companies providing services and their customers. Customers will start understanding that they also need to have a defined plan, process and execution instead of a haphazard existing process of execution.

How industry/playground will change over the coming years?

With the introduction on the regulations and a platform like Digital sky enabling the ease of doing business for the companies who are serious stakeholders in this domain, there is no limit to what developments will occur in the coming years. It opens up possibilities for utilization of Drone and its related technologies in Agriculture, Medical, Energy and Infrastructure and transportation.

The existing players will become more mature and more focused. They will understand that with regulations in place a more focused approach is the key to scale. They will look at opportunities to compete with the global market also as the solutions that are developed around the Drone Regulations 1.0 and 2.0 will be key factors that contribute to the Indian ecosystem to becoming a global standard to test, adapt and innovate drone applications and management.

What are the opportunities? What does that mean for the current and new players?

UAV/ Drones as a business was a far-fetched thought for many entrepreneurs and has been a struggling industry in the past in India. Going forward it is guaranteed that it will be one of the biggest markets in the world for UAV as a business. What the regulations and Digital Sky platform will enable is a new levelled playground ground for the UAV companies to initiate good scalable business models both existing and the ones entering new to the sector.

The existing companies with the right resources can now plan to scale their operations and also have the added advantage of doing work for the private sector in India. Due to the restrictive method of operations adapted previously the solutions to private agencies was unavailable. Now going forward the companies will shift their focus from being a B2G entity to a B2B entity. Many new businesses for UAV air traffic management, surveillance, AI and ML-based UAV solutions and deliveries will emerge out of India with technology specific to India.

If you want to join our future roundtable sessions on Digital Sky and more, please register your interest here.

The blog is co-authored by Anurag A Joshi from INDrone Aero systems, Abhiroop Bhatnagar from Algopixel Technologies and Gokul Kumaravelu from Skylark Drones

Understanding National Digital Communication Policy For Startups And Cloud Telephony Players

iSPIRT has been actively engaged in pursuing the favourable policy for the Cloud Telephony sector in Telecom Industry, an amalgamation of the various IT and Communications technologies.

National Digital Communication Policy has been announced recently and it is encouraging to see the announcements in the policy on some common issues to do with Startup ecosystem and digital communication aspects of the Cloud Telephony Players.

We are expecting the Department of Telecom (DOT) to further work on implementation and framing of rules and regulation in light of policy in near future. Despite many positive directional changes, there is a need to develop a regulatory framework for the Cloud Telephony players. Cloud Telephony players are adding value to communication and hence to the economy in several innovative ways. In addition, they also add a good revenue stream to licenses Telecom Service Providers (TSPs).

This PolicyHacks session is devoted to the critical analysis of the NDCP for this sub-sectoral player. Some of the entrepreneurs involved in the discussion are Gurumurthy Konduri of Ozonetel, Ujwal Makhija of PhoneOn, Gaurav Agrawal of Exotel and Gaurav Sawhney of Knowlarity.

A recording of this discussion is given below. Please feel free to click and watch. (About 20 seconds lost in the opening frame, apologises for the error)

The main point covered in the discussion is summed up below as are the some of our recommendations and good work is done (while the Policy was in the draft stage and during various consultation processes), which have been reflected in the policy under respective sections as under:

Page 7

1.1.(f)   – Encourage and facilitate sharing of active infrastructure by enhancing the scope of Infrastructure Providers (IP) and promoting and incentivising the deployment of common sharable, passive as well as active, infrastructure

1.1.(g).iv.  –  Allowing benefits of convergence in areas such as IP-PSTN switching.

Both of these are encouraging moves however it is to be seen how further rules and framework make easy for Small and Startup companies to use them without licensed TSPs creating a barrier for them.

Page 8

1.1.(j) – By encouraging innovative approaches to infrastructure creation and access including through resale and Virtual Network Operators (VNO)

This is a very encouraging announcement for the Cloud Telephony startups.

Page 14

2.1. (c ) iv. – Improving the Terms and Conditions for ‘Other Service Providers’, including definitions, compliance requirements and restrictions on inter-connectivity

2.1.(c ).viii. – Creating a regime for fixed number portability to facilitate one nation – one number including portability of toll-free number, Universal Access numbers and DID numbers

Again very encouraging but needs some boost up. Audiotex regime must go most speakers feel and all the players in Cloud telephony are treated as ASP. These provisions will help cloud telephony to deliver better value propositions in their offerings.

Page 15

2.2.(a) iv:  – Encourage use of Open APIs for emerging technologies

2.2. (b) – Promoting innovation in the creation of Communication services and network infrastructure by Developing a policy framework for ‘Over The Top’ (OTT) services.

2.2.(f) ii.  – Enabling a light touch regulation for the proliferation of cloud-based systems

2.2.(f).iii. – Facilitating Cloud Service Providers to establish captive fibre networks.

A welcome move to encourage Open APIs. However, licenses TSP should be given one standard that is governed by DOT to implement any APIs that let them monitor cloud telephony or ASPs on their network, instead of allowing them to create a regime of their own.

Generally, an OTT policy is recommended in reforming the sector. However, OTT framework should not be mixed with ASP or Cloud Telephony providers. It is better to keep a distinction between the two.

Page 17:

2.4.(a).ii: – Promoting participation of Start-ups and SMEs in government procurement

2.4.(b).  – Reducing the entry barriers for start-ups by reducing the initial cost and compliance burden, especially for new and innovative segments and services.

Acceptance of these issues is very encouraging. The Government can be a very big user of the Cloud Telephony industry also. And we hope this will turn out to be a winning proposition for the Cloud Telephony industry in near future.

Conclusion

Whereas this policy announcement reflects a positive change, it is yet to be seen how DOT look at Cloud Telephony and provides it with a recognition as a sub-sector with easy and proper regulatory framework for same.

Note: The above article is co-authored by Gurumurthy Konduri of Ozonetel with Sudhir Singh of iSPIRT

Preferred Market Access Policy for Indian CyberSecurity Products

The government of India had announced a Preferred Market Access (PMA) policy for Cyber Security products through an order notifying the Public Procurement (Preference to Make in India).

MeitY shall be the nodal Ministry to monitor and administer this PMA policy.

The policy announcement is given at link given here.  Public Procurement (Preference to Make in India) Order 2017- Notifying Cyber Security Products in furtherance of the Order

iSPIRT has been pursuing with MietY, application of PMA for all Indian Software Products to promote the Indian Software product industry and it is heartening to note that at least one important sub-sector of Cybersecurity has caught the Government’s attention.

iSPIRT organised a PolicyHacks session to understand this policy announcement with Ashish Tandon Founder & CEO of Indusface and Mohan Gandhi of Entersoftsecurity.

Ashish has been following the policy announcement and has earlier published a blog at https://pn.ispirt.in/cybersecurityproductsprocurement/

You can watch the discussion with Ashish and Mohan at below given YouTube video, in a question and answer format with Sudhir Singh.

What are the essential features of this Policy?

Ashish described the main features stating that this is a policy that is going to help boost Cybersecurity products in India. Govt. of India identified areas that require boosting ‘make in India’ products for the sensitive areas of cybersecurity.

Is there a way product companies can register or Government is going to keep a registry of ‘made in India’ products?

Ashish explains the policy has provided for the formation of a committee that will further provide for a process for empanelment of Indian Cybersecurity products and Indian Cybersecurity product companies with some defined key aspects that would qualify for empanelment.

Ashish further explained that as the empanelment aspects are decided there may also come up with a process for testing and meeting standards and quality norms etc.

Are there are enough product companies in ‘Cyber Security’ space for empanelment?

Mohan Gandhi answered that there are several product companies, but this policy should further strengthen the ‘make in India’ aspect and companies based out of India with deep tech product can look at getting this advantage of this policy.

Whether the Policy will be applicable to “productized services”?

Ashish answered, that this policy is applicable to the only product and at best give preference to made in India products in turnkey projects wherein a large project cybersecurity product is involved.

How will this policy help Start-up companies in Indian Market?

Mohan mentioned, that one interesting thing about this policy is that, it clearly talks about intellectual property. There is a need to register and prove that the IP belongs to India. It will encourage small companies to register the IP and leverage the Indian IP even when they are selling abroad.

Is there enough clarity exist on process and enplanement etc.?

Ashish feels the policy has already prescribed setting up of an empowered committee who will look at these aspects and it is MeitY that will be responsible for doing this.

Ashish further also elaborated that this Policy will get further push once some companies start getting empanelled and processes and rules are framed under MeitY by the empowered committee.

In concluding remarks, both Ashish and Mohan felt that Cybersecurity ecosystem will get a boost by this policy as the policy is furthering the cause by advising Government departments for preferring Indian products. With Digital economy on anvil, there should be a huge demand in Government and Public sector enterprises for cybersecurity. Cybersecurity product market is today dominated by players from the US, Europe and Israel.

The policy has to be pushed hard to further encourage and coupled with StartupIndia policy, there should be all-out effort to promote the Indian Cybersecurity product companies.

Policy Hacks Session on GDPR & DEPA

Here are concerns and curiosity about European Union General Data Protection Regime (GDPR) and there is a related issue in India being covered under Data Empowerment and Protection Architecture (DEPA) layer of India Stack being vigorously followed at iSPIRT.

iSPIRT organised a Policy Hacks session on these issues with Supratim Chakraborty (Data Privacy and Protection expert from Khaitan & Co.), Sanjay Khan Nagra (Core Volunteer at iSPIRT and M&A / corporate expert from Khaitan & Co) and Siddharth Shetty (Leading the DEPA initiative at iSPIRT).

Sanjay Khan interacted with both Siddharth and Supratim posing questions on behalf of Industry.

A video of the discussion is posted here below. Also, the main text of discussion is given below. We recommend to watch and listen to the video.

GDPR essentially is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU.

Since it affects all companies having any business to consumer/people/individual interface in European Union, it will be important to understand this legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).

Supratim mentioned in the talk that GDPR is mentioned on following main principles.

  1. Harmonize law across EU
  2. Keep pace with technological changes happening
  3. Free flow of information across EU territory
  4. To give back control to Individual about their personal data

Siddharth explained DEPA initiative of iSPIRT. He mentioned that Data Protection is as important as Data empowerment. What this means is that individual has the ability to share personal data based on one’s choice to have access to services, such as financial services, healthcare etc. DEPA deal with consent layer of India Stack.

This will help service providers like account aggregators in building a digital economy with sufficient control of privacy concerns of the data. DEPA essentially is about building systems so that individual or consumer level individual is able to share data in a protected manner with service provider for specified use, specified time etc. In a sense, it addresses the concern of privacy with the use of a technology architecture.

DEPA is being pursued India and has nothing to do with EU or other countries at present.

For more details on DEPA please use this link here http://indiastack.org/depa/

Sanjay Khan poses a relevant question if GDPR is applicable even on merely having a website that is accessible of usable from EU?

Supratim explains, GDPR applicable, if there is involvement of personal data of the Data subjects in EU. Primarily GDPR gets triggered in three cases

  1. You have an entity in EU,
  2. You are providing Goods and services to EU data subjects whether paid for or not and
  3. If you are tracking EU data subjects.

Many people come in the third category. The third category will especially apply to those websites where it is proved that EU is a target territory e.g. websites in one of the European languages, payment gateway integration to enable payments in EU currency etc.

What should one do?

Supratim, further explains that the important and toughest task is data management with respect to personal data. How it came? where all it is lying? where is it going? who can access? Once you understand this map, then it is easier to handle. For example, a mailing list may be built up based on business cards that one may have been collected in business conferences, but no one keeps a track of these sources of collections. By not being able to segregate data, one misses the opportunity of sending even legitimate mailers.

Is a data subject receives and gets annoyed with an obnoxious email in a ‘subject’ that has nothing do with the data subject, the sender of email may enter into the real problem.

Siddharth mentioned that some companies are providing product and services in EU through a local entity are shutting shops.

Supratim, mentions that taking a proper explicit and informed consent in case of email as mentioned GDPR is a much better way to handle. He emphasised the earlier point of Data mapping mentioned above, on a question by Sanjay khan. Data mapping, one has to define GDPR compliant policies.

EU data subjects have several rights, edit date, port data, erase data, restrict data etc. GDRP has to be practised with actually having these rights enabled and policies and processed rolled out around them. There is no one template of the GDPR compliant policies.

Data governance will become extremely important in GDPR context, added Siddharth. Supratim added that having a Data Protection officer or an EU representative may be required as we go along in future based upon the complexity of data and business needs.

Can it be enforced on companies sitting in India? In absence of treaties, it may not be directly enforceable on Indian companies.  However, for companies having EU linkages, it may be a top-down effect if the controller of a company is sitting there.

Sanjay asked, how about companies having US presence and doing business in EU. Supratim’s answer was yes these are the companies sitting on the fence.

How about B2B interactions? Will official emails also be treated as personal? Supratim answers yes it may. Again it has to be backed by avenues where data was collected and legitimate use. Supratim further mentions that several aspects of the law are still evolving and idea at present is to take a conservative view.

Right now it is important to start the journey of complying with GDPR, and follow the earlier raised points of data mapping, start defining policy and processes and evolve. In due course, there will be more clarity. And if you are starting a journey to comply with GDPR, you will further be ready to comply with Indian privacy law and other global legal frameworks.

“There is no denying the fact that one should start working on GDPR”, said Sanjay. “Sooner the better”, added Supratim.

We will be covering more issues on Data Protection and Privacy law in near future.

Author note and Disclaimer: PolicyHacks, and publications thereunder, are intended to provide a very basic understanding of legal/policy issues that impact Software Product Industry and the startups in the eco-system. PolicyHacks, therefore, do not necessarily set out views of subject matter experts, and should under no circumstances be substituted for legal advice, which, of course, requires a detailed analysis of the relevant fact situation and applicable laws by experts in the subject matter on the case to case basis.

Software Exporters claim your GST Refunds

GST regime has brought a new dimension to treatment of Indirect taxation in Exports.

Prior to GST era, the export invoice had no Indirect tax mentions. So also, the indirect tax returns had nothing to do with Exports.

After GST implementation, to make the GST truly value added and consumption-based tax a concept of Zero-Rate supply was introduced. This made it necessary for exporters to account for indirect tax (GST) at time of exports.

An exporter has to adopt either of the two below given methods.

  1. Export with IGST Paid – include and pay IGST at time of export to Govt. on invoice value and later get refund or
  2. Export under LUT without payment of IGST – File a letter of Undertaking (LUT) with GST department and raise zero IGST export invoices and get refund of GST paid on inputs at later date.

Note: Before October 2017 there was also a requirement to sign a Bond (backed by bank Guarantee) if the value of exports for an enterprise in previous years were less than Rs. 1 Crore and sign a LUT if previous year exports were more than Rs. 1 crore. The requirement to sign a BOND has been done away with and all the BONDS signed until October 2017 will be treated as LUT, format and paper work being almost similar.

As working capital gets blocked if the IGST route is adopted (exporter pays IGST and then file for refund again and again on each billing cycle), not many may have adopted this route. Hence, A good number of Software exporters filed Bonds or LUTs with GST department early at start of GST regime.

The tax refunds can be claimed every month. However, for most small exporters it may be useful to file tax refund claims once at end of financial year. This will keep administrative burden low and also the cost of tax management low, while seeing a handsome refund amount in one go.

This write-up is meant to simplify issues of GST refund in exports for entrepreneurs i startups including SaaS and Software products.

Why is refund applicable on Exports?

First thing to understand is that under GST regime (unlike previous VAT and service tax) exports and imports are subject to IGST (in lieu of CGST+SGST), which is a tax applicable on Inter-state supplies. GST law treats exports and imports at par with inter-state trade to make exporters account for IGST.

Second thing to understand is whereas exports are covered under IGST (inter-state supplies), the exports are treated as “Zero Rates” supplies i.e. such supplies will have zero indirect tax incidence finally. The tax incidence of Indirect tax is normally on the final consumer of goods and services. Since, in exports the final consumer of goods or services is located outside India, the consumption happens outside the country. To maintain competitiveness of exports from country and to align with tariff structures in place before GST implementation, the indirect tax has to be zero (excepting a list of goods that are subject to tax). The exports and supplies to SEZ (deemed exports) have been treated as Zero-rate supplies.

Third thing to understand is the GST is a value added tax. This can be understood from old VAT regime, also. A supply of goods or service when passes from original manufacturer to end consumer through various trading channels, it’s value increases at every point. If A sales a good for Rs. 100 and charges GST of Rs. 18 the cost becomes Rs.118 to B, now B may sale same at Rs. 125 to C the final consumer. The GST will now be Rs. 22.5 and final cost to C will be Rs. 147.50. B however gets an input credit of Rs. 18 and pays Rs. 4.5 tax (Rs. 22.5- Rs. 18).

Now, if B is an exporter and C is a client abroad, B has an option to adopt one of the two routes described above.

Route 1 – B can raise an export invoice with IGST paid of Rs. 22.5. Client C is charged Rs. 125 (in equivalent foreign currency) but IGST of 22.5 is paid to GST department in India.  B then files for a claim of entire GST amount of Rs. 22.5.

Route 2 – B can file a LUT with GST department and raise an invoice with IGST zero and Rs. 125 (in equivalent foreign currency). Now either at month end or within a period of 2 years B can ask for refund of IGST that B has paid when procuring supplies from A of Rs. 18. This Rs. 18 is called unutilised input credit.

Refund of unutilised input is available as the final goods are consumer by client C in foreign territory and C is not subject to payment of indirect tax. Hence the tax accumulated by exporter B from his previous suppliers (can’t be born by the exporter) and should be refunded.

Had the consumer C been in domestic tariff area i.e. within the territory of India, the final value added tax on supplies would have been born by the consumer.

An exporter can claim unutilized input credit on all the inputs required in production of final product or service exported.

How can exporters claim utilised tax credit (GST) refund?

As per Section 54(3) of the CGST Act, 2017, refund can be claim of unutilised input tax credit can be done at the end of any tax period (tax return period) i.e. a taxpayer can claim refund on monthly basis.

As per the provisions of GST Law, Refunds to be granted to the dealer electronically on the basis of application in RFD-01. However, due to the non-availability online process, as per notification No.39/2017-Central Tax, dt. 13-10-2017 exporters can file manual refund claims to the jurisdictional officers.

A New form RFD-01A introduced to be filed manually by the exporters to facilitate early Refunds vide Circular no.17/2017 dated 15-11-2017.

For those adopting IGST paid route, the processes is more simpler and 90% of tax is supposed refunded within 7 days of filing. This writeup assume most exports barring petty exporters have adopted LUT route.

This write-up is not meant to describe a detailed process, but highlight the need to file for refunds by exporters if not filed yet, instead of letting the input tax credit to be passed on to next year. This will help channelize funds recouped in to business cycle for next year.

In order to file for refund an exporter needs to have filed all required returns on GST portal and should have records of all purchase invoices, export invoices raised, and the bank certificates of remittances received against export invoices.

For those who are suppling to Special economic Zones (SEZs) the process is similar to exports, except there will be documents and certification to be sought from SEZ units and local jurisdictional officer.

For a detailed understanding on these refunds one can refer to CBEC article given here on Refund of unutilised Input Tax Credit (ITC)

Conclusion

As the financial year end closes, all such exporters who have filed a LUT or BOND should be gearing up to seek GST refunds, if not done already.

GST regime started with lot of confusion for small exporter. Many issues have been resolved and many are yet to be resolved. GST is a much better regime in terms of taxation. However, a fully featured matured and fully digital GST regime will be much more beneficial for exporters. We hope in next financial year we can see roll out of a fully digital GST with near zero interference from officials and manual applications.

The History and Future of Angel Tax

“I propose a series of measures to deter the generation and use of unaccounted money. To this end, I propose:

Increasing the onus of proof on closely held companies for funds received from shareholders as well as taxing share premium in excess of fair market value.”

When ex-Finance Minister Pranab Mukherjee introduced angel tax in 2012, it created an uproar in the fledgeling startup and angel investor community. While the purpose of this section was to reduce money laundering by imposing the hefty tax rate of 30.9 percent, it had several inadvertent consequences.

There were several cases of money laundering by Jaganmohan Reddy that were caught by the Enforcement Directorate, who revealed that people had “paid bribes to Reddy in the form of investments at exorbitant premiums in his various companies to the tune of Rs 779.50 crores apart from making payment of Rs 57 crores to him in the guise of secondary purchase of shares and donation of Rs 7 crores to the YSR Foundation”.

To prevent such abuses of the law, the government clamped down and stated that any unjustified share premium given by a private company would be taxed as income in their hands. But to catch one culprit, they threw the book at many innocents. The relevant law known as section 56(2)(viib) of the Income Tax Act came to be known as the angel tax section. Many startups which are private companies and had issued shares at a premium to angel investors ended up facing notices from the tax authorities under this section. This premium is treated as income in their hands, classified as “income from other sources” and taxed at the maximum marginal rate of tax.

The ‘Startup India’ initiative changed all that. Under the stewardship of the Honourable Prime Minister, startups became a focus area. As per the ten points in the Action Plan, if a startup was registered post- April 1, 2016, then the angel tax was not applicable to the startups. The move had helped startups operating in that area, but a problem still existed for startups that were incorporated before 2016. In fact, in December 2017, many startups received notices and orders for the Financial Year 2013-14. A few entrepreneurs who faced income tax notice hassles launched an e-petition called Change.org in January 2018 so that the government could take some concrete action in Budget 2018.

iSPIRT has taken up the matter with MoF and DIPP on the same. We had made some representations to MoF specifically before the budget. In the budget, the Finance Minister made a statement on continued assistance to the Angel Ecosystem. Due to rigorous efforts that went into sharing of information by these startups, we have recently seen MoF making the welcome announcement.

As per the latest announcement, angel tax would not be applicable on startups which are incorporated before 2016, fulfil the criteria under Startup India Policy and have been granted angel funding up to Rs10 crores. It is believed that at least 300 startups will get a breather from angel tax. The government is also likely to establish a separate committee for the recognition of startups that meet these criteria.

In a further relief to startups, the Finance Secretary Hasmukh Adhia also announced that income tax officers would not take precipitate action and will proceed only after the first set of appeals decided in appellate cases. The exact phrase they used was “no coercive action”, which helped many startups heave a collective sigh of relief. All pending appeals by March 31, 2018, will be quickly addressed.

If you are a startup and need further guidance on angel tax, you should follow the steps below:

  1. Register at DIPP for a startup even if you were incorporated before 2016 and currently are still a startup as defined by DIPP by logging onto this site and filling up the form at https://www.startupindia.gov.in/registration.php.
  2. If you are a startup as per DIPP definition, then get your DIPP certification. All startups which may have raised funding post-April 2016 and are registered with DIPP will not have angel tax applicable to them.
  3. If you are a startup which has received income tax notices for years before 2016 and is still eligible to register as a startup, then please register yourself with DIPP. You can share the registration certificate and relevant notifications with the assessing income tax officer to get an exemption from angel tax.
  4. If you are a startup which has received income tax notices for years after 2016, then please repeat step 2 mentioned above and then appeal against the order. It is important that due process is followed so that the redressal measures taken by the tax authorities can come into effect.

These startups do not have to pay 20% of the tax order at the time of appeal as this has been a one-time exception granted till 31st March 2018 to avoid hurting the sentiments of the startup ecosystem. You can share the order with iSPIRT.

Also, pursuant to our meeting with MoF, we have been assured that the income tax officers in the various jurisdictions have been directed to exercise leniency on this till the new taxation regime for angel and venture capital investors comes into place, as announced by the Finance minister in his budget speech. The officers are aware of the hardships that startups now face and are doing their best to mitigate this within the ambit of the current law.

DIPP and MoF are also in the process of allowing a waiver to the earlier startups facing the angel tax issue, provided the investment made is under Rs 10 crores and subject to an Inter-Ministry board approving the same. This should happen in the next 5-10 days.

We will encourage all startups which have received notices and orders under Section 56 to follow the above steps to chart their way across the new announcements.  

Please forward your orders to [email protected] enabling us to use these orders to take a strategic view to policy to help with this issue in the long term.

Start up India.

Stand up India.

This post is co-authored by Nakul Saxena and Siddarth Pai, Policy Expert Council Members, iSPIRT Foundation

iSPIRT’s Response to Justice SriKrishna committee’s White Paper on Data Protection Framework for India

Read more about the Data Protection Law here: https://pn.ispirt.in/india-in-a-digital-world co-authored by Shrikant Karwa and Sarika Mendu.
For any query, Feel free to write to us: [email protected]

While Well-Intentioned, Budget 2018 Falls Short of Expectations

Starting nine years ago, Aadhaar, eKYC, UPI and the rest of India Stack laid the foundation for a formalization of the Indian MSME sector. With the introduction of Aadhaar for Business and the unlocking of GST data for lenders, we are poised to see an explosion in flow-based lending to MSMEs, ultimately having a multiplier effect on jobs and economic growth. This is great news for MSME focused digital lenders and the product startups serving them. Therefore, a significant digital dividend for the Bharat economy is finally in sight.

It is heartening to see government adopt the same digital-first approach when it comes to health and education. While this is a great start, much work remains. Laying the policy foundation alongside an India Stack inspired technology spine will ensure the rise of the Bharat focused tech-entrepreneur. We need India’s entrepreneurs to lift outcomes for patients and students not adequately served by our existing system.

On the startup and investor fronts, this budget is a missed opportunity to address the important near-term issues. We had hoped to see the resolution for Angel Tax and other such Stay-in-India Checklist issues. Slapping a Long-Term Capital Gains Tax on the previously untaxed sale of listed equities will adversely affect the List-in-India initiative. Additionally, the compliance overhang of listing will no longer be tempered by the promise of tax-free gains. The promised tax regime must incentivize and protect foundational (angel and domestic investors) as opposed to fleeting capital.

While well-intentioned, this budget falls short of our expectations. India’s complexity and diversity call for a much more responsive and action-oriented policy-making approach. Only then can we harness our entrepreneurial energy to address India’s most pressing challenges.

About iSPIRT
iSPIRT is a non-profit technology think tank that builds public goods for Indian product startup to thrive and grow. Learn more: www.ispirt.in

Sanjay Jain, Nakul Saxena, Sudhir Singh and Sanjay Khan Nagra Fellows from our policy team have issued a press release on 1st February 2018, a copy of it is here. Reach out to Sanjay Jain in case you would like to know more details.

Special thanks to our volunteers Sharad Sharma, Siddarth Pai, Tanuj Bhojwani, Sarika Mendu, Anukriti Chaudhari, Karthik KS. 

Economic Survey coverage on IT Sector and Exports

Every year we have two events in financial year end which attracts every one right from Industry, Agriculture to common man of this country. These are annual budget of Govt. of India and preceding the budget the Economic survey. The Chief economic adviser who keeps an eye on the Economy of the country round the year and advises the Govt. on right policy formulation, presents the Economic Survey year, which is both the stock of performance of the Economy as well as a guide to investigate future, especially setting the thought process for the budget.

This year’s Economic survey was very important from the perspective of having come after two consecutive events in short term, the Demonetization effect + GST. This year’s economic survey also moved ahead from “digital economy” theme. The word digital finds only a lip service in certain places in volume II.

The information technology sector has been an important sector of Indian economy for last 2 decades. This write up is a synopsis view of how Economic survey has projected the performance of this sector vis-à-vis the rest of economy.

On overall terms, Chief Economic Advisor(CEA) is very optimistic and has projected a 7+% growth in GDP in next one-year time frame. He has rightly quoted the positive indicators from International rating agencies of Moody’s upgrade of India’s ranking and a jump in world banks ranking on Ease of doing business.

The “Software” and IT is covered under “services” as the balance of payment accounting accounts “Software” under services and non-factor services balance. This accounting entry in current account balance has consistently performed for years for India. The following chart is self-explanatory on this.

Almost every Government record uses the terminology IT-BPM to aggregate both IT services and ITeS exports. Software forms part of IT exports and it is difficult to estimate the Software product exports in this category as it includes mix of various reporting.

In India there are two sources of data for Software exports. One from a RBI data based on remittances reported under specified codes and secondly from data and analysis reported by NASSCOM, STPI and Jurisdictional SEZ commissioners.

The interesting difference in this year’s Economic survey is the data reported by RBI and NASSCOM is in two different directions. Usually both do not match. This year RBI reported a negative (-)0.7% in 2016-17 growth in exports, whereas NASSCOM registered a 7.6% growth in exports.

Another interesting chart from economic survey reporting from this sector is a report from world bank data base. The chart given below depicts that India, Israel and Philippines as top players in ICT exports to the world. It is common knowledge that Israel’s exports are based on their competitive advantage in Software products, India in IT Services and Philippines in BPO. Israel a small country export levels using product as a base are higher than India’s in IT services. It goes without saying that India needs to shift its strategy in the sector and give emphasis to products in its ICT portfolio.

FDI inception in the sector can not be estimated separately from given data. However, FDI in overall services sector (of top 10 service sector) had a share of 65.8%. in April-October 2017-18.

The survey also reported a robust growth of services sector to 16.2% in April-September 2017 owning to major sectors like travel and Software.

Software services share was 45.2% of overall services exports in 2016-17. (The software however in report means complete IT sector).

GST in Economic Survey

On fiscal policy side, GST is a new entrant in the system. GST also treats every thing that is intangible in IT as service be it is a IT Service or a Software product. As per CEA there is a 50% increase in registration of tax payers after GST introduction. This is a healthy sign for the economy and for digital transformation of economy.

With indirect tax on Software having risen from 15% to 18% there will be a larger gross value addition in Domestic market by the Software sector. Plus, increased digital adoption is expected to boost the overall domestic trade in this sector.

GST system also effects how exports are done. On export front discounting the initial difficulties exporters had, GST is expected to ease the compliance on export front as well as complexities that affected many on Place of supply/provision of services rule.

Other general announcements on Exports

Many of the India’s states are much larger than some developed countries. However, it is for first time that a comparison or detailed data on the international exports of states has been included. Also this data shows a strong correlation between export performance of states and their standard of living and affluence.

A figure from Economic survey is reproduced below.

IT is said that there is no super star exporters in India. According to survey, top 1 percent of Indian firms account for 38 percent of exports; in all other countries, they account for a substantially greater share (72, 68, 67, and 55 percent of exports in Brazil, Germany, Mexico, and USA respectively). And this is true for the top 5 percent, 10 percent, and so on.

This analogy also helps us undertand that in IT sector also there is no superstar that is ruling the globe in international trade from India. Rather in IT the spread is much wider and open. India needs to build a Google is the dream that remains to be realised for this sector, to be a true Software power.

A chat below explains this in the survey.

Conclusion

There is a clear cut challenge on economic front for IT sectors. The share of IT exports in total Services export has also been going down for last few years. Survey says Govt. is taking several steps to boost this. However, the reality is that government has yet to take right steps in changing world scenario both to boost the exports as well as growth of domestic IT industry.

Government has failed to recognize formation of a sub-sector of SaaS products and bring up new programs and schemes for promotion of Software product as a sector with in IT. iSPIRT has been continuously working to influence the policy makers to come up with a Software Product policy which can lead to announcement of a Scheme for SaaS companies and boost morals of Indian Startup entrepreneurs to stay in India and run global business from India.

With this background now we look forward for a Budget 2018.

 

List of Startup Issues resolved Stay-in-India Checklist

iSPIRT has taken up a checklist of issues to be resolved for helping Startups stop relocating themselves abroad and stay in India, popularly called as Stay-In-India Checklist. These were taken up with Department of Industrial Policy and Promotion (DIPP) under Ministry of Commerce, Government of India. DIPP is also the administrative department for Startup India Policy.

There are a number of issues that have been resolved, till today.

A list of eight issues that have been resolved until now that directly effects the Startups on company law or their promotion and ease of doing business are given below.

1.  IPR Registration

A scheme for promoting IPR awareness has been brought out by DIPP with an objective of promoting IP awareness, conduct workshops and training to enable an innovation-driven environment. The details of the scheme are given on DIPP site like here.

2.  Conversion process of LLP into company

Conversion of an LLP into a company was allowed with an amendment to Section 366 of the Companies Act, 2013, as notified on 1 April 2014. This has further been simplified by bringing down threshold of member from 7 members to 2 members. Please refer to the amendment in section 266 of THE COMPANIES (AMENDMENT) ACT, 2017, published on 3rd January 2018. Refer the link http://www.mca.gov.in/Ministry/pdf/CAAct2017_05012018.pdf

3.  Incorporation process to be simplified

Rule 38 of Companies (Incorporation) Rules, 2014 provides for SPICe (Simplified Proforma for Incorporating Company electronically) form for incorporating a company. This is considered to be a welcome step as this simplified procedure would save the time of incorporation of a company.

The Fourth amendment rules notified on 1st October 2016 and Fifth amendment notified on 29 Dec 2016 came in to force from 1st January 2017 provides for much simpler SPICe form, now known as E-Form SPICe (Form INC-32).

SPICe now integrates into single application  – reservation of name, allotment of Directors Identification Number (DIN). It can be filled without having DIN already, by maximum three directors.

The company is allotted Permanent Account Number (PAN) and Tax Deduction Account Number (TAN) and Certificate of Incorporation (CIN) on completion of form and processing by ROC. The PAN number is printed on CIN.

For details visit MCA FAQ at http://www.mca.gov.in/MinistryV2/spice_faqs.html

4. Provisions permitting outbound or Cross-Border

MCA has notified Section 234 of the Companies Act 2013 (2013 Act) which permits cross-border mergers with effect from 13 April 2017. MCA has also notified relating amendments to the Companies (Compromises, Arrangements and Amalgamations) Rules 2016 (Merger Rules) by inserting a new Rule 25A to be effective on and from 13 April 2017.

The provisions now permit cross-border mergers both ways.

  1. Inbound – Foreign company merging into Indian company
  2. Outbound – Indian company merge into a foreign company.

This will help the intra-group situations and also open opportunities to raise capital, diversify ownership base and achieve other strategic objectives

5.  Regulation on Insider trading on private companies

Section 195 of the Companies Act, 2013 has been omitted by way of Companies (Amendment) Act, 2017 as it was deemed that the SEBI regulations on the same are wide enough to cover such instances. Currently, there is no provision under the Companies Act, 2013 which deals with insider trading in private companies

 6. Regulations governing TDS to be rationalized

Thresholds limits for TDS deductions under various sections has been increased and also the rate of tax rationalized in some cases in the Budget 2016. We may see some more changes coming in future.

7.  Single window agency for closure of failed startups

The Insolvency and Bankruptcy Code 2016, is a single legislation clubbing together the processes for resolution or liquidation of corporate persons.

Sec 12 of the Insolvency and Bankruptcy Code, 2016 provides for closure of failed startups within 180 days, which can be extended by another 90 days.

This provision removes the hindrance of long drawn procedures and timelines when it comes to the closure of such failed startups by capping the process at 180 days.

8. External commercial borrowing guidelines to be relaxed

A startup can borrow up to US$ 3 million or equivalent per financial year under ECB framework, either in Indian rupee or any convertible foreign currency or a combination of both. In case of borrowing in INR, the non-resident lender should mobilize INR through swaps/outright sale undertaken through an AD Category-I bank in India.

We have already covered this announcement in detail on our blog at https://pn.ispirt.in/external-commercial-borrowing-norms-for-startup-ecb/

iSPIRT will be further pursuing with DIPP and other Departments and Ministries of Govt. of India on the additional items in Ease of Doing Business for starts ups and furthering its agenda of Stay in India.

Software Exports – GST makes it difficult to do business

The GST was welcomed by all as a revolutionary measure. We had covered one earlier topic, “How GST will work for software exporters”. There have been many changes in last few weeks before GST was launched in the IGST law.

Please note that “GST law” treats Software as “Service”. Hence, there may be a mention on “Software” and “Services” in mixed manner in the write-up. This write-up is just focusing on problems and issues created for exporters by the GST process. On details of process there are many blogs on internet.

After launch of GST since 1st July 2017, we came across many questions and concerns on how GST on Exports. I have been trying to write a piece on how the process works for Software exports under GST. However, the policy and process for export of “Services” was not at all clear. I have myself struggled through,  and it has taken more than 6 weeks to understand the process, raise exports invoices and multiple documentations required.

GST has turned out to be nightmare, especially for Small and medium Software exporters and will continue to do so, unless corrective measures are taken up.

Let us look into how process required to be complied, caused problems.

Exporting Software under IGST law

IGST law on one hand treats exports as “Zero-rated” supplies and on the other hand treats exports as “inter-state” trade instead of “International trade”. These two corollaries of GST law are inherently paradoxical.

Being Zero-rated there is no tax or duty on export. However, being Inter-state trade (rather than being international trade) it requires payment of IGST under IGST law.

If one delves deep in to this application of IGST on exports, it clearly comes from concern of tax policy makers on “Goods”, moving in a container and a compliance assuring good reach port of export and gets exported finally. That this does not apply to services has not been thought over by the GST law makers. (the assumption may be services will adjust in due course of time)

Hence, as per IGST law an exporter is required to either

  1. Pay IGST 18% on Software export and get it refunded

Or Export without IGST by

  1. Filing a Bond if the exports in previous year were less than rupees one crore.
  2. Filing a LUT if the exports in previous year were more than rupees one crore.

Filing a Bond requires submitting a Bank Guarantee to GST department up to 15% of the amount of duty applicable on estimated exports value in a given (say a year). The jurisdictional office of GST has a discretion to decide bank guarantee amount anywhere from Zero to 15%.

If the office approves zero % (or nil) bank Guarantee, the department asks a set of declarations and data of past year.

Anything that is based on discretion in regulation, also brings in corruption with it. Whereas there is news from many places that jurisdictional GST office are waving bank guarantee clause for Software/IT exports. There is also news that GST department is randomly asking for bank guarantees.

Problems created by IGST law

Locking of working capital

A small software exporter or a startup not having more than 1 crore of “export turnover” in past year will have to opt for either option a) Or b) from above choices i.e. either the exporter has to pay duty and get a refund or has to sign a bond with bank guarantee.

If the bank guarantee is not waved by the jurisdictional officer, the exporter will have to keep the bank guarantee replenished continuously to support regular exports.

gst-workingcapital

In either of the cases the IGST law locks the working Capital of the start-up or small exporter.

The GST law therefore goes against policy of Government of India to promote startups. It also is going to be regressive measure for large number of small IT companies, IT consultants and freelancers.

Discretion causes corruption on ground

Anything that is based on discretion in regulation, also brings in corruption with it. For those who want to file bond, the jurisdictional office of GST has a discretion to decide bank guarantee amount anywhere from Zero to 15%.

Whereas there is news from many places that jurisdictional GST office are waving bank guarantee clause for Software/IT exports. There is also news that GST department is randomly asking for bank guarantees.

GST department’s manual intervention in Exports

Exports before GST were never allowed to report or get clearance from Indirect tax departments. Now, GST department has become a gateway for every exporter of Goods and Services, thus extending mandate from domestic tariff area to international trade also.

What is cause of concern is this intervention of GST department is manual as against the principle of making entire GST system end-to-end digital. This give power in hands of indirect tax officers to monitor exports.

This perhaps is a fundamental error that Government of India have made, against it’s public stance on “Ease of doing business.”

This is a problem for all exporters including those with “export turnover” more than 1 crore and eligible to sign a LUT with GST.

It is more of less like traffic policing the exports on regular basis and heavily increased compliance.

GST has no focus on Software exports

The entire GST law has been written with physical Goods in mind but applied equally to both Goods and Services. Once again Government of India has made a classical mistake. It is an irony that a nation that is known to be power house of Software has not focus of tax authorities on “Software exports”.

The concept of Bank-Guarantee is detrimental to Startup eco-system and SMEs

Startups and SMEs require removal of regulatory barriers for them to grow. GST law has done just the opposite. It requires small exporters and Startups to furnish Bank Guarantees.

GST for supplying to SEZ

SEZs are deemed to be considered outside the customs territory of India. Hence, supplies to SEZ units by exporters in India i.e. DTA will be treated in same manner as exports to clients located outside the country.

Therefore, if a Startup or a Software product company is selling to an SEZ unit, the process will be same as that of exporting.

Conclusions and Recommendations

Government of India has seriously lost focus on “Ease of doing business” agenda, startup policy, SMEs and supporting self-employed professionals while framing GST/IGST laws.

It is recommended that

  1. Government of India should notify a clearly stated policy for Services and Software exports and not mix or generalize with remaining Goods exports.
  2. The GST department should have no or minimum (limited to Digital medium) only in regulating exports of Services and Software
  3. IGST duty and refund mechanism and also Bank-Guarantee or LUT should be done away for Services and Software export. A quarterly and annual reports is enough on digital platform, regulated digitally. In order to bring or include Services exporter under DGFT regulation, IEC can be made mandatory and used to regulate Services trade. IEC is same as PAN now, hence, IEC can be used by all size of exporters.

Build On IndiaStack – Venture Pitch Competition

Announcing ‘Venture Pitch Competition: #BuildOnIndiaStack’

Dalberg and iSPIRT invite applications from early-stage ventures that are tech-
based solutions leveraging the India Stack platform at the core of their business
model to bring financial or transactional services to the underserved in India.
Pitch to some of the leading investors and thinkers in the Indian start-up ecosystem,
including the Bharat Innovations Fund, Omidyar Network and Unitus Seed Fund.
Winners will spend an hour of 'Think Time' – a mentorship session with
technology evangelist Nandan Nilekani.

Who are we looking for?

We are open to all innovations that use the India Stack to unlock new business
models or reach previously underserved new customer segments across sectors
such as financial services, education, healthcare and others. Some core focus areas
for the competition may include digital lending and supporting activities, such as
alternative credit scoring; sector specific affordable digital finance services such as
health insurance or education loans; sector specific digital services such as skilling
and certification, property registration agreements, patient-centric healthcare
management; and SaaS platforms “as a service” that support the development of
other India Stack based innovations such as Digi-locker or e-sign providers.

 

Who is eligible?
All applicants should:
1. Meet the 3-point criteria: tech enabled, leveraging India Stack Platform and
serving the underservedBe

2. Be a part of two (minimum) to four (maximum) members team including the
founder of the companyBe early stage start-ups that have received only seed (or limited angel)

3. Be early stage start-ups that have received only seed (or limited angel)
funding, if at all

 
What is in it for you?
The investor group, comprising of Bharat Innovations Fund, Omidyar Network and
Unitus Seed Fund, is a network of investors and operators, entrepreneurs and
technologists, designers and engineers, academicians and policy makers, with the
singular mission to solve some of India’s toughest problems.

Through this event you have an opportunity to receive:

-Exclusive focus on tech innovations that leverage the India Stack platform
and have the potential to address the underservedFlexible

-Flexible, insight driven, funding of up to Rs. 8 lakhs for early stage, innovative
modelsStrategic

-Strategic business support, through their specialists to support investees in
their strategy and growthA chance to be a part of the India Stack ecosystem through partnerships,

-A chance to be a part of the India Stack ecosystem through partnerships,
pilots, workshops, conferences and network building exercises

Visit www.buildonindiastack.in and send your pitch now.