INDIA
Since April 2015, as amended in March 2018
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Other import restrictions, including non-transparent/discriminatory import procedures
Foreign Trade Policy (2015-2010)
As per the Foreign Trade Policy, 2015-2020, India has distinguished between goods that are new and those that are second-hand, remanufactured, refurbished or reconditioned. The country allows the import of second-hand capital goods by end-users without an import license, provided the goods have a residual life of five years. In addition, users are required to present the certificate of an Indian chartered engineer attesting that such spare parts have at least 80% residual life of the original spare part, while second-hand domestic capital goods are not subject to this requirement. Problems reported by industry representatives include excessive details required in the license application, quantity limitations set at specific part numbers, and long delays between application and license issuance. According to a 2018 amendment (DGFT Notification No. 58/2015-2020), second-hand goods imported for repair, refurbishment, reconditioning or re-engineering purposes can be exported back under the customs notification provided that the waste generated during the repair or refurbishment of the imported items is treated in accordance with national environmental laws/regulations/rules/regulations/standards.
Coverage Refurbished computer spare parts
Sources
- https://web.archive.org/web/20211227075438/https://cpcb.nic.in/uploads/hwmd/June_Amendemnet_HOWM.pdf
- https://web.archive.org/web/20190212220509/https://www.eximguru.com/notifications/amendment-in-para-2-31-82672.aspx
- https://web.archive.org/web/20241216171302/https://www.teamleaseregtech.com/updates/article/3343/dgft-amends-import-policy-on-second-hand-goods-imported-for-the-purpose-of-repair-re-furbishing-re-cond...
- Show more...
INDIA
Since July 2020
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Other import restrictions, including non-transparent/discriminatory import procedures
Notification No. 22/2015-2020
On 30 July 2020, the Indian Directorate General of Foreign Trade, through Notification No. 22/2015-2020, amended the import policy of colour television sets from "Free" to "Restricted". According to the notification, a license shall be required for imports of these TV sets, including smart TVs.
Coverage Smart TVs
Sources
- https://web.archive.org/web/20230118030837/https://content.dgft.gov.in/Website/dgftprod/b1b48bd4-bcda-4a71-b96c-5ea3c3306760/Notification%2022%20English.pdf
- https://web.archive.org/web/20241128003707/https://www.globaltradealert.org/intervention/80549/import-licensing-requirement/india-imports-of-television-sets-restricted
INDIA
Since October 2012, last amended in July 2021
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Other import restrictions, including non-transparent/discriminatory import procedures
Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021
According to the Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order of 2021, and subsequent notifications, 76 ICT products must undergo registration and labelling prior to being launched in the market. In addition, no person shall manufacture or store for sale, import, sell, or distribute goods that do not conform to the Indian standard specified in the order and do not bear the Standard Mark with a unique registration number obtained from the Bureau of Indian Standards (BIS). BIS grants a license to the manufacturers to use or apply Standard Mark with a unique R-number through registration based on self-declaration of conformity for goods and articles as per Indian Standards. Examples of products subject to the scheme include set-top boxes, amplifiers, laptops/notebooks/tablets, scanners, printers, and mobile phones. It is reported that India has been tightening quality clearances for electronic products from China, which has ended up holding up products such as mobile phones from Chinese companies. While applications to the BIS are typically processed within 15 days, they now take more than two months.
Coverage ICT goods
Sources
- https://web.archive.org/web/20231031054948/https://www.crsbis.in/BIS/products-bis.do
- https://web.archive.org/web/20210126080530/https://gadgets.ndtv.com/mobiles/news/iphone-12-apple-xiaomi-smartphones-india-import-bis-delays-report-2330064
- https://web.archive.org/web/20230320115447/https://www.crsbis.in/BIS/about-crs.do
- https://web.archive.org/web/20220201093858/https://www.crsbis.in/BIS/app_srv/tdc/gl/docs/New_Gazette_Notification_2014_11_13.pdf
- https://web.archive.org/web/20220519064038/https://www.crsbis.in/BIS/app_srv/tdc/gl/docs/Gazette_notification_phase_3_CRO_1.pdf
- Show more...
INDIA
Since May 2019
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Other import restrictions, including non-transparent/discriminatory import procedures
Notification No. 5 (2015-2020), 2019
According to Notification No. 5 (2015-2020), the import of goods (new as well as second-hand, whether or not refurbished, repaired, or reconditioned) notified under the Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order of 2021 is prohibited unless they are registered with the Bureau of Indian Standards and comply with its labelling requirements, or on a specific exemption letter from the Ministry of Electronics and Information Technology (MEITY) for a particular consignment.
Coverage Electronic and IT Goods including second-hand computers and mobile phones
INDIA
Since April 2013, last amended in October 2020
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Local content requirements (LCRs) on ICT goods for the commercial market
Consolidated Foreign Direct Investment (FDI) Policy Circular of 2020
According to the Consolidated Foreign Direct Investment (FDI) Policy Circular 2020, for any single-brand retail, including e-commerce entities with physical stores in India, foreign investment exceeding 51% is only allowed when 30% of the value of goods purchased is done from India. This requirement was established by the Consolidated Foreign Direct Investment (FDI) Policy Circular 2013. It is reported that India has modified the requirements in recent years, including by allowing firms to offset the local sourcing requirement by sourcing products from India for global supply chains. In addition, despite these modifications, it is reported that the local content requirements remain prohibitive for certain retailers with highly specialised supply chains.
Coverage E-commerce sector
Sources
- https://web.archive.org/web/20230131002741/https://dpiit.gov.in/sites/default/files/FDI-PolicyCircular-2020-29October2020_0.pdf
- https://web.archive.org/web/20241125212008/https://www.mofpi.gov.in/sites/default/files/1-FDI_Policy.pdf
- https://web.archive.org/web/20230919071254/https://ustr.gov/sites/default/files/2022%20National%20Trade%20Estimate%20Report%20on%20Foreign%20Trade%20Barriers.pdf
- Show more...
INDIA
Since August 1992
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Export restrictions on ICT goods or online services
Foreign Trade (Development and Regulation) Act 1992
According to the Foreign Trade (Development and Regulation) Act, the export of dual-use items and technologies is either prohibited or permitted under a license. The list of dual-use items also includes electronics, computers, and information technology, including information security.
Coverage Several items including electronics, computers, and information technology (including information security)
Sources
- https://web.archive.org/web/20220620100719/https://content.dgft.gov.in/Website/Foreign_Trade_(Development_&_Regulation)_Act,_1992.pdf
- https://web.archive.org/web/20211130010542/https://content.dgft.gov.in/Website/append3_0.pdf
- https://web.archive.org/web/20191024001249/http://dgftcom.nic.in/exim/2000/scomet/2017/guidelines2017.pdf
- Show more...
INDIA
Since September 2017
Since October 2012, last amended in July 2021
Since October 2012, last amended in July 2021
Pillar Technical standards applied to ICT goods and online services |
Sub-pillar Self-certification for product safety
Telegraph (Amendment) Rules
Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021
Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021
In September 2017, India's Ministry of Communications introduced the Telegraph (Amendment) Rules, requiring testing and certification for all telegraph equipment. This led to the implementation of the Mandatory Testing and Certification for Telecom Equipment (MTCTE) procedures in 2019, which mandate local security testing for telecom products. In September 2021, the MTCTE program was expanded to include 175 products, prompting concerns from stakeholders regarding these in-country testing requirements.
Furthermore, the 2021 Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order mandates that manufacturers and importers register and certify their products with Bureau of Indian Standards-accredited laboratories, even if they have already been certified internationally. Expanded to cover 63 product categories, this order has faced criticism for insufficient government testing capacity, a complex registration process, and high compliance costs, including factory-level and component-level testing.
Furthermore, the 2021 Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order mandates that manufacturers and importers register and certify their products with Bureau of Indian Standards-accredited laboratories, even if they have already been certified internationally. Expanded to cover 63 product categories, this order has faced criticism for insufficient government testing capacity, a complex registration process, and high compliance costs, including factory-level and component-level testing.
Coverage Telecom equipment
Sources
- https://web.archive.org/web/20240302203505/https://usof.gov.in/en/act-rules
- https://web.archive.org/web/20231130233756/https://www.mtcte.tec.gov.in/phaseWiseproductsList
- https://web.archive.org/web/20241010042606/https://www.tuv.com/content-media-files/master-content/rs/Attachments/2498_Amendment%20to%20CRO-2021.pdf
- https://web.archive.org/web/20230921075157/https://www.meity.gov.in/esdm/standards
- https://web.archive.org/web/20240330123614/https://ustr.gov/sites/default/files/2024%20NTE%20Report_1.pdf
- Show more...
INDIA
Since May 2011
Since September 2017
Since September 2017
Pillar Technical standards applied to ICT goods and online services |
Sub-pillar Product screening and additional testing requirements
Amendment to the Unified Access Service License Agreement for Security-Related Concerns for the Expansion of Telecom Services in Various Zones of the Country No. 10-15/2011
Telegraph (Amendment) Rules, 2017
Telegraph (Amendment) Rules, 2017
The rules on security clearance for telecom equipment have required that telecom service providers (TSPs) use network elements that have been tested as per contemporary Indian or international security standards. Since April 2013, no certification of network equipment has been undertaken by authorised and certified agencies/labs in India.
Only resident-trained Indian nationals can be employed as executives responsible for certain security checks. There is also a possibility of extensive inspections of hardware, software, design, development and manufacturing facilities, as well as supply chains that might jeopardise intellectual property rights. High fines are imposed in case of non-compliance.
Additionally, since September 2017, India's Telegraph (Amendment) Rules require onerous in-country security testing on all telecom network equipment and products. Previously, such products could be tested and certified in laboratories globally or at manufacturers' in-house laboratories (self-certification). Mandatory testing and certification by Indian laboratories trigger additional costs and unnecessary delays for companies, especially given that the availability of suitable laboratories in India remains unclear. Furthermore, there are concerns about India's compulsory security certification scheme (CRS).
Only resident-trained Indian nationals can be employed as executives responsible for certain security checks. There is also a possibility of extensive inspections of hardware, software, design, development and manufacturing facilities, as well as supply chains that might jeopardise intellectual property rights. High fines are imposed in case of non-compliance.
Additionally, since September 2017, India's Telegraph (Amendment) Rules require onerous in-country security testing on all telecom network equipment and products. Previously, such products could be tested and certified in laboratories globally or at manufacturers' in-house laboratories (self-certification). Mandatory testing and certification by Indian laboratories trigger additional costs and unnecessary delays for companies, especially given that the availability of suitable laboratories in India remains unclear. Furthermore, there are concerns about India's compulsory security certification scheme (CRS).
Coverage Telecom equipment
Sources
- https://web.archive.org/web/20170505113747/http://www.tiaonline.org//sites/default/files/pages/1377%20Report%202013%20-%20TIA%20Submission%20-%20Final.pdf
- https://web.archive.org/web/20211026012142/https://www.ft.com/content/6e5f923a-53b8-11df-aba0-00144feab49a
- https://web.archive.org/web/20230320181616/http://www.tec.gov.in/mandatory-testing-and-certification-of-telecom-equipments-mtcte/
- Show more...
INDIA
Since June 2021
Pillar Technical standards applied to ICT goods and online services |
Sub-pillar Product screening and additional testing requirements
National Security Directive on Telecommunication Sector
The Indian government used to block purchases of telecom equipment from Chinese vendors on national security grounds. The Department of Telecommunications amended its license conditions for mobile service providers and required them to submit all plans for the procurement of telecom equipment from foreign vendors for screening and “security clearance” purposes. Although the amendment did not single out China, it is reported that, in practice, security agencies had been blocking applications involving Chinese vendors.
The aforesaid process is soon to be replaced with a new Directive, which will enter into force in mid-2021. The Department of Telecommunications will declare a list of trusted sources and products for installations in India's telecom network. The methodology to designate trusted products will be devised by the designated authority (National Cyber Security Coordinator). As per the directive, telecom service providers will be required to connect new devices from the list of trusted products. The list of trusted sources and products will be decided based on the approval of a committee headed by the deputy national security advisor. When announcing the directive, the Telecom and IT Minister said that measures will be taken to increase the use of equipment from trusted Indian sources.
The aforesaid process is soon to be replaced with a new Directive, which will enter into force in mid-2021. The Department of Telecommunications will declare a list of trusted sources and products for installations in India's telecom network. The methodology to designate trusted products will be devised by the designated authority (National Cyber Security Coordinator). As per the directive, telecom service providers will be required to connect new devices from the list of trusted products. The list of trusted sources and products will be decided based on the approval of a committee headed by the deputy national security advisor. When announcing the directive, the Telecom and IT Minister said that measures will be taken to increase the use of equipment from trusted Indian sources.
Coverage Telecom equipment
Sources
- https://web.archive.org/web/20230724161832/https://indianexpress.com/article/india/telecom-equipment-china-india-ban-7107663/
- https://web.archive.org/web/20231215214911/https://www.livemint.com/news/india/govt-announces-national-security-directive-on-telecom-sector-for-secure-networks-11608121644450.html
- https://web.archive.org/web/20221225201456/https://dot.gov.in/sites/default/files/Brief%20on%20launch%20of%20Trusted%20Telecom%20Portal-1.pdf?download=1
- Show more...
INDIA
Since January 2015
Pillar Quantitative trade restrictions for ICT goods and online services |
Sub-pillar Import ban applied on ICT goods or online services
Notification No. 107/(RE-2013)/2009-2014
According to Notification No. 107/(RE-2013)/2009-2014, GSM mobile handsets’ with duplicate International Mobile Equipment Identity Number (IMEI) or fake IMEI & ‘CDMA mobile handsets’ with duplicate Electronic Serial Number (ESN)/ mobile equipment identifier (MEID) or fake ESN/MEID are added to the list of ‘Prohibited’ items for import. The Government has taken over from a private agency to issue and manage IMEI allocation for mobile phones in India.
Coverage Mobile Phones - 4 digit code 8517
INDIA
Since July 2005, last amended in October 2023
Pillar Domestic data policies |
Sub-pillar Minimum period for data retention
The Prevention of Money-Laundering (Maintenance of Records) Rules, 2005
According to Section 3 of The Prevention of Money-Laundering (Maintenance of Records) Rules, banking information must be stored for 10 years "from the date of cessation of the transactions between the client and the banking company, financial institution or intermediary, as the case may be".
Coverage Banking companies and financial institutions
INDIA
Since December 2015
Pillar Domestic data policies |
Sub-pillar Minimum period for data retention
Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) Regulations, 2015
As per the Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) Regulations, a listed entity (i.e. an entity which is listed on the stock market) is required to have a policy for the preservation of documents. The SEBI Listing Regulations require that records, books, papers and documents of the company be preserved as per the following classifications:
- Schedule I - to be preserved permanently. Documents listed under this schedule include incorporation documents, share certificates, register of minutes of board meetings, register of members, etc.
- Schedule II – to be preserved for eight years. Documents listed under this schedule include books of accounts, attendance register of board meetings, register for debenture holders, etc.
- Schedule III – to be preserved for a minimum period of five years or such higher period as may be determined by the board of directors of the company. Documents listed under this schedule include a register of stock options, a register of directors and key managerial personnel, disclosures made under applicable company laws, etc.
As per the SEBI Listing Regulations, documents set out in Schedule I and II can be kept in electronic mode. The complete list of documents under each schedule is set out in the SEBI Listing Regulations.
- Schedule I - to be preserved permanently. Documents listed under this schedule include incorporation documents, share certificates, register of minutes of board meetings, register of members, etc.
- Schedule II – to be preserved for eight years. Documents listed under this schedule include books of accounts, attendance register of board meetings, register for debenture holders, etc.
- Schedule III – to be preserved for a minimum period of five years or such higher period as may be determined by the board of directors of the company. Documents listed under this schedule include a register of stock options, a register of directors and key managerial personnel, disclosures made under applicable company laws, etc.
As per the SEBI Listing Regulations, documents set out in Schedule I and II can be kept in electronic mode. The complete list of documents under each schedule is set out in the SEBI Listing Regulations.
Coverage Listed (Public) Companies
INDIA
Since February 2021
Pillar Domestic data policies |
Sub-pillar Requirement to perform a Data Protection Impact Assessment (DPIA) or have a data protection officer (DPO)
Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
Under Rule 4 of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules of 2021, a "significant" social media intermediary (defined as a social media intermediary having number of registered users in India above 5,000,000) must appoint a Chief Compliance Officer who must ensure compliance with the Rules and will be liable in any proceedings relating to any relevant third-party information, data or communication link made available or hosted by that intermediary where he/she fails to ensure that such intermediary observes due diligence while discharging its duties under the Rules.
Coverage Significant social media intermediaries
INDIA
Since June 2000, as amended in October 2009, last amended in August 2023
Since October 2009
Since October 2009
Since October 2009
Since October 2009
Pillar Domestic data policies |
Sub-pillar Requirement to allow the government to access personal data collected
Information Technology Act, 2000
The Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009
Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information) Rules, 2009
The Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009
Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information) Rules, 2009
Under Section 69 of the Information Technology Act, both central and state governments are empowered to instruct any government agency to intercept, monitor, or decrypt electronic information. This authority can be exercised on the following grounds: in the interest of India's sovereignty or integrity; for the security of the State; to maintain friendly relations with foreign states; for public order; or to prevent or investigate the commission of an offence. Additionally, under Section 69B, the government is authorised to permit any agency to monitor and collect traffic data or information exchanged through a computer resource.
The Information Technology (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules of 2009 and the Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information) Rules of 2009, both promulgated under the Information Technology Act, provide procedural guidelines for carrying out such interception and monitoring. For example, Rule 3 of the latter Rules permits the collection and/or monitoring of traffic data or information via a computer resource for several purposes, including: forecasting imminent cyber incidents; monitoring network applications; identifying and determining viruses or computer contaminants; tracking cybersecurity breaches or incidents; identifying individuals who have breached or are suspected of breaching cybersecurity measures; conducting forensic analyses as part of investigations or internal audits of information security practices; accessing stored data for the enforcement of cybersecurity law; or addressing any other cybersecurity-related issues.
The Information Technology (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules of 2009 and the Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information) Rules of 2009, both promulgated under the Information Technology Act, provide procedural guidelines for carrying out such interception and monitoring. For example, Rule 3 of the latter Rules permits the collection and/or monitoring of traffic data or information via a computer resource for several purposes, including: forecasting imminent cyber incidents; monitoring network applications; identifying and determining viruses or computer contaminants; tracking cybersecurity breaches or incidents; identifying individuals who have breached or are suspected of breaching cybersecurity measures; conducting forensic analyses as part of investigations or internal audits of information security practices; accessing stored data for the enforcement of cybersecurity law; or addressing any other cybersecurity-related issues.
Coverage Horizontal
Sources
- https://web.archive.org/web/20211115020524/https://www.indiacode.nic.in/bitstream/123456789/1999/3/A2000-21.pdf
- https://web.archive.org/web/20231005133242/https://www.meity.gov.in/writereaddata/files/Information%20Technology%20(Procedure%20and%20Safeguards%20for%20Interception,%20Monitoring%20and%20Decryption%2...
- https://web.archive.org/web/20221223012141/https://upload.indiacode.nic.in/showfile?actid=AC_CEN_45_76_00001_200021_1517807324077&type=rule&filename=ru_cen_45_0_00028_1519711141735.pdf
- https://www.dataguidance.com/notes/india-third-country-assessment
- https://web.archive.org/web/20231221030143/https://www.gp-digital.org/world-map-of-encryption/
- Show more...
INDIA
Since July 1885, last amended in December 2015
Since October 1951, last amended in August 2023
Since October 1951, last amended in August 2023
Pillar Domestic data policies |
Sub-pillar Requirement to allow the government to access personal data collected
Telegraph Act, 1885
Telegraph Rules
Telegraph Rules
Pursuant to Section 5 of the Telegraph Act and the Telegraph Rules, the Government has the power to temporarily possess licensed telegraphs and order the interception or disclosure of messages sent through such devices. The definition of a telegraph is fairly wide: it means any appliance, instrument, material, or apparatus used (or that is capable of being used) for transmission or reception of signs, signals, writing, images, and sounds or intelligence of any nature by wire, visual, or other electromagnetic emissions, radio waves or Hertzian waves, or galvanic, electric, or magnetic means. It is not clear whether a court order is required to access the data.
Coverage Horizontal
Sources
- https://web.archive.org/web/20220214215829/https://dot.gov.in/actrules/indian-telegraph-act-1885
- https://web.archive.org/web/20191009060105/https://dot.gov.in/act-rules-content/2430
- https://web.archive.org/web/20211207203447/https://dot.gov.in/sites/default/files/358%20GI-2014%20dated%208.2.2014_6.pdf?download=1
- https://www.dataguidance.com/notes/india-third-country-assessment
- Show more...