Guidelines on OSP: Department of Telecommunications

The Government of India on 5th Oct 2020 issued a revised set of guidelines(“Guidelines”) pertaining to the working of Other Service Providers(“OSP”). The said Guidelines are issued in order to reduce the burden of compliances for the industries and to facilitate Work from Home(“WFH”) and Work from Anywhere(“WFA”) policies.

In pursuance to the WFH and WFA policy, the facility of extended agent/remote agent position shall be permitted with the following conditions:

• The agents working from home shall be treated as remote agents of the OSP centres and therefore the interconnection between them is permitted.
• The remote agent is also allowed to work from any place in India.
• The OSP shall be responsible for any violation or trespass pertaining to the toll-bypass.

Further, the types of industries covered by the Guidelines have now been restricted to those who carry out voice-based Business Process Outsourcing(“BPO”) services which is an absolute change from the previous elaborative definition that included the full purview of IT-enabled services.

Furthermore, please note that there are certain general and special dispensations for OSP which are worth mentioning and shall be taken into consideration:

• The most significant is the fact that now the OSP’s no longer require a Registration Certificate from the Department of Telecommunication.
• In lieu of the collection, conversion, carriage and exchange of the PSTN/PLMN/ISDN traffic over the VPN interconnecting different OSP centres is permissible.
• The international OSP’s are now permitted to carry out the aggregated switched voice traffic from their point of presence in a foreign country to their OSP centre situated in India over the leased line.
• Interconnectivity of 2 or more Domestic OPS centres of the same company or group of companies along with interconnectivity of remote agents to the OSP centre is hereby permitted.
• The requirement of furnishing bank guarantee has been eliminated under these guidelines whatsoever.
• Electronic Private Automatic Branch Exchange (“EPABX”) placed at a foreign location in case of international OSP will be allowed. However, the OSP will have to necessarily comply with the requirements of relevant laws of India.

It is pertinent to mention that the Guidelines also elaborates the procedure for sharing of infrastructure between the international OSP and the domestic OSP’s by using the distributed architecture of EPABX and Closed User Group(“CUG”). It is to be noted that sharing of infrastructure by the domestic and international OSP are allowed likewise sharing the EPAXB of international and domestic OSP centre and PSTN lines for office use are permitted subject to the rule that the OSP shall prevent the bypass of the network of the authorized telecom service providers.

Further, OSP’s shall preserve the CDR’s for all the voice traffic carried out by using the distributed architecture of EPABX. Moreover, the OSP’s are now permitted to use the CUG facility for their internal communication requirements.

Security Conditions:

The entities which come under the ambit of the definition of OSP need to comply with a few security conditions and also ensure prevention of toll by-pass at a high level. Set-out below are the major security conditions which need to be complied with.

• Electronic Private Automatic Branch Exchange(EPABX) shall be installed at locations different than the OSP centre and the remote access of all CDR’s, access logs, configurations of EPABX and routing tables shall be necessarily made available on demand of any law enforcing agencies or authorities from at least one of the OSP centres and also the location of EPABX and client’s data centre of domestic OSP shall be within India.
• OSPs shall support the law enforcement authorities in order to help them in tracing any nuisance, obnoxious or malicious calls, messages or communications transported through its equipment and network.
• In case of WFH and/or WFA, the OSP’s shall make sure that the system logs are tamper-proof and the CDR’s and/or logs of all the activities carried out by the extended agent shall be maintained for a minimum time frame of 1(one) year.
• In the event of any infringements such as carriage of objectionable, obscene, unauthorized messages or communication, infringement of Intellectual Property etc in any form on their networks, the OSP shall ensure immediate prevention of such material on the networks.
• OSP’s shall preserve the Call Detail Records(“CDR”) for all the voice traffic carried out using the EPABX. It shall be made possible to view the CDR data along with details of the agent manning the position of remote login to CDR server.