The Broadband India Forum (BIF), an influential industry body representing major technology firms such as Meta and Google, has raised significant legal concerns regarding the government’s recent SIM binding mandate. In a letter addressed to Amit Agrawal, the Secretary of the Department of Telecom (DoT), BIF referenced a senior counsel’s opinion that deemed the directive “ultra vires the parent legislation” and “unconstitutional.” This legal assessment specifically critiques the Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, and the government’s recent SIM binding directives, arguing that they exceed the authority granted by the Telecommunications Act of 2023.
Legal Implications of SIM Binding
The crux of the matter lies in a directive issued by the central government last November, which mandates that app-based communication services—such as WhatsApp, Signal, and Telegram—must maintain a continuous link to a user’s active SIM card. Union Telecom Minister Jyotiraditya Scindia has reiterated that the decision regarding SIM binding will remain unchanged, emphasizing that national security issues warrant no compromise.
In its correspondence with the DoT, BIF articulated its position, stating, “While the intended objective of these amended rules is well understood and appreciated, any regulatory intervention must adhere to the principles of due process and proportionality, and must remain within the statutory framework of the governing legislation, namely The Telecommunications Act, 2023.” The industry body underscored that the legal opinion it received concluded that the amendment rules and corresponding directives are not only “ultra vires” but also unconstitutional.
BIF further elaborated that the introduction of Telecommunication Identifier User Entities (TIUEs), which are classified as non-authorized entities, significantly alters the scope of telecom regulation. This change, they argue, extends the statutory reach of the Act through delegated legislation, which is not permissible. The opinion suggests that allowing TIUEs to utilize telecommunication identifiers misinterprets the Act’s original intent, which restricts the lawful allocation and use of such identifiers to authorized entities only.
Moreover, the legal opinion points out that the amendment rules and directives create a regulatory convergence without the necessary statutory harmonization. This situation could lead to conflicts with existing legal frameworks, including the Information Technology Act and the Digital Personal Data Protection Act. BIF warns that extending telecom regulations to digital platforms via delegated legislation risks creating overlapping jurisdictions and inconsistent compliance burdens across sectors.
In its letter, BIF summarized the legal opinion’s findings, stating, “Taken cumulatively, the Amendment Rules and the Directions represent an impermissible enlargement of delegated authority under the Telecom Act and a departure from the authorization-centric architecture of the Act.” While acknowledging the importance of addressing digital identity governance and platform authentication, BIF insists that these issues should be managed within appropriate statutory frameworks rather than through an expansion of telecom law via subordinate instruments.
The industry body also emphasized that the application-level reference to a mobile number by a TIUE is derivative and does not fall within the scope of telecom services as defined by the Act. Therefore, it does not constitute a statutory ‘use’ of a telecommunication identifier as outlined in the relevant sections of the Telecom Act.
BIF concluded that the concerns raised in the legal opinion are not merely about combating cybercrime—an objective they fully support—but rather about the legal framework through which such measures are implemented. They advocate for a regulatory structure that is firmly anchored in the parent statute to avoid unnecessary legal ambiguities, particularly given the far-reaching technological and economic implications.
Despite these challenges, BIF remains committed to engaging constructively with the DoT and supporting initiatives that effectively combat digital fraud within a constitutionally sound framework. The government’s directive, if implemented, would fundamentally alter how users access messaging services like WhatsApp, Telegram, and others in India, requiring an active SIM card for functionality. The DoT has justified this directive by citing concerns over telecom cyber security and the misuse of telecommunication identifiers for cyber fraud, asserting that such measures are essential to safeguard the integrity of the telecom ecosystem.
