Governing Digital India: A Report on Institutions and Instruments

Executive Summary

Introduction

The digital ecosystem is complex, comprising both physical and virtual infrastructure as well as applications and services. The physical infrastructure includes connectivity—both wired and wireless—in the form of cables, mobile towers, and satellites; telephone exchanges and master switching centres (MSCs); data centres; and consumer equipment such as fixed-line phones, television (TV) sets, computers, closed-circuit television cameras (CCTVs), sensors, and mobile devices—both smartphones and feature phones. The virtual space encompasses digitised services, applications, and content in various forms, including emails, webpages, music, videos, instant messages, and more.

The governance ecosystem guiding its conduct is equally complex. A host of stakeholders—government ministries and departments, regulatory agencies, non-governmental and semi-governmental organisations, as well as individuals, communities, and associations—all influence its governance and regulation and, in turn, are impacted by the same.

The activities within and around the digital ecosystem can be classified under three broad categories: Carriage, Content, and Conduct—the 3Cs framework proposed in this report. Carriage refers to the underlying infrastructure over which content travels, using both wireline and wireless technologies. Wireline could be copper, optical fibre or coaxial cable, while wireless could be cellular, Wi-Fi, point-to-point links, and even satellite, among many other modes and technologies. Content includes data, voice and video, but could potentially also include touch, smell, and even taste. Conduct has multiple dimensions, such as competition, data protection, artificial intelligence (AI), cybersecurity, and sustainability, but could also include aspects such as quality of service (QoS) and data governance.

In the Indian context, multiple institutions govern conduct in distinct yet interconnected areas. Competition is governed by the Ministry of Corporate Affairs (MCA), the Competition Commission of India (CCI), and the Telecom Regulatory Authority of India (TRAI). Data protection and AI governance are primarily managed by the Ministry of Electronics and Information Technology (MeitY), although AI oversight is shared among several bodies, including the National Institution for Transforming India (NITI) Aayog, the Department for Promotion of Industry and Internal Trade (DPIIT), the Prime Minister’s Economic Advisory Council, and the Ministry of Consumer Affairs. Cybersecurity is governed by four key institutions: the National Security Council Secretariat (NSCS), the Department of Telecommunications (DoT), MeitY, and the Ministry of Home Affairs (MHA), reflecting its critical importance to national security. Sustainability considerations in the digital sphere fall under the Ministry of Environment, Forest, and Climate Change (MoEFCC), as well as MeitY. This multi-stakeholder framework highlights the complex and cross-cutting nature of digital governance in India.

The actions of the stakeholders concerning the digital ecosystem are naturally coming under increasing scrutiny due to their proximate, second- and third-order impacts within the broader political economy, societal context, and environmental concerns. A fragmented and unclear regulatory environment creates uncertainty for businesses, discouraging growth and potentially stifling the development of new digital services. A clear understanding of the institutional landscape helps assess how future-ready this ecosystem is for fostering innovation and serving the needs of a diverse society and rapidly growing economy with ever-evolving aspirations.

Contextualising India’s Digital Ecosystem

India’s digital ecosystem presents a fascinating mix of established traditional media alongside a rapidly growing digital landscape dominated by mobile connectivity, social media, and regional language content. As the nation embraces new technologies such as the Internet of Things (IoT), quantum computing, and AI, it also needs to address issues around the convergence of telecommunications, broadcasting, and information technology (IT), as well as newer challenges such as cybersecurity and competition concerns.

Institutions and instruments for the digital ecosystem have been evolving since their debut in the middle of the nineteenth century in response to technological advances and changes in the broader society, economy, and polity. While the Central government has enacted the Information Technology Act (ITA), 2000, and the Digital Personal Data Protection Act (DPDPA), 2023, every state government and Union Territory in the country has an IT Department and at least one IT policy or variant thereof. A range of entities regulate or oversee elements of the digital ecosystem, including the TRAI, the Reserve Bank of India (RBI), CCI, and the Unique Identification Authority of India (UIDAI), to name just a few. Many other ministries and departments in the Central government also have interests in this domain, including, but not limited to, the ministries of Home Affairs, Defence, Health and Family Welfare, External Affairs, and NITI Aayog. The division of responsibilities and activities has evolved, guided by historical factors, technological imperatives, and idiosyncratic influences stemming from the institutions and personalities involved in the process. Driven by the division of work across various ministries and departments, technological advancements, continuous changes within the political economy and socio cultural context, and globalisation, various institutions have been established or restructured all along. Similarly, different instruments have been introduced at various times.

Gaps and Overlaps

This situation inevitably leads to parallel, often uncoordinated efforts, resulting in incongruous and inconsistent outcomes. Besides the wastage of limited public resources, they may lead to confusion and occasionally prolonged litigation for the resolution of inter-agency contestations. Moreover, with rapid advancements in technology, business models, and the expanding role of the digital ecosystem in all aspects of life, it is crucial to examine whether the current institutional architecture and its framework of instruments are future-ready, given the rapid pace of digitisation and digitalisation with increasing breadth and depth everywhere. The digital economy thrives on the convergence of telecom, broadcasting, and IT. However, the blurring of boundaries across these previously distinct verticals is not only creating new and exciting opportunities but also a complex web of challenges. These challenges include inadequate state capacity, ambiguity around ownership and accountability of certain subject matter, difficulties in doing business, confusion for stakeholders, regulatory overreach, and the opportunity cost to the ecosystem.

Such regulatory gaps and overlaps cause uncertainty and confusion among stakeholders unless they are addressed in a timely, resolute, and skilful manner. Agile institutions and responsive instruments can minimise their adverse impact on the ecosystem, even if they cannot be completely mitigated. These gaps and overlaps are not unique to India, as other countries have also faced similar challenges with the rapid evolution of the digital domain.

Global Benchmarking

Policymakers’ approaches differ significantly across countries and over time with respect to institutions and instruments for the digital ecosystem. For example, the United States (US) has historically favoured a laissez-faire, market-first, techno-capitalist approach, encouraging its home-grown companies to become global leaders through a liberal trade policy on technology exports, which has led to wider global adoption. The European Union (EU), on the other hand, tends to prioritise individual rights within the context of digital sovereignty by adopting prescriptive regulations that allegedly impose a high compliance burden on foreign companies operating there. China is emerging as a strong technology innovator and a lynchpin in global value chains, adopting legislation and regulations that allegedly enable control and surveillance by the state. Although not explicitly articulated in any policy document, India seems to be adopting a fourth way, sometimes called “techno-nationalism”, using technology for inclusive, equitable, and sustainable development and exporting its model of digital public infrastructure. At the same time, it seeks to provide regulated flexibility and controlled freedom to global companies while retaining its global leadership as an outsourcing hub.

Notwithstanding several new pieces of legislation and regulations—some already enacted or enforced, others proposed or evolving—the existing governance and regulatory framework deserves a holistic review and necessary revision. This is essential to ensure that India does not miss out on potential benefits while adequately and effectively mitigating challenges. The time is therefore ripe to imbibe relevant lessons from global best practices and to reimagine public institutions and policy instruments within the Indian context.

Re-imagining Institutions and Instruments in India

The convergence of technologies presents significant regulatory challenges. The traditional boundaries between sectors such as telecommunications, broadcasting, and IT are blurring, creating overlaps and inconsistencies in existing regulatory frameworks. This convergence necessitates a re-evaluation of how different instruments and institutions, each with its specific mandate, interact and coordinate. The multiplicity of governing bodies, each with its sector-specific focus, can lead to fragmented regulation, hindering innovation and creating uncertainty for businesses operating in the converged digital space. This challenge is further complicated by the rapid pace of technological change, which often outstrips the ability of regulators to adapt and create appropriate rules.

Broadly, there are three options, and, of course, several possibilities in between, each with its promises and perils.

Status quo approach: This option maintains the current fragmented landscape by leveraging established systems and expertise within each agency dedicated to telecom, broadcasting, and IT. This approach preserves a system in which separate ministries and their departments or agencies oversee distinct or similar sectors. The DoT oversees wired and wireless infrastructure for telecom. The MIB oversees content on TV channels and over-the-top (OTT) content. MeitY regulates cybersecurity and data protection. For the continuation of this approach, it is critical to improve the information-sharing mechanism across the large and disparate ecosystems. Moreover, a coordinating mechanism is essential if challenges related to gaps and overlaps are to be addressed in a timely and resolute manner. Finally, when new opportunities arise, the establishment of a single unifying entity needs to be considered.

Separate ministries for carriage and content: Instead of the three incumbent ministries, another option is to create two vertical ministries—one dealing with “carriage” and the other with “content.” While policymaking should remain with the respective ministries, licensing or authorisation should be transferred to the statutory regulator, just as happens within the realm of financial services.

The benefit of this approach is that it eliminates the distinction between telecommunications and broadcasting. Furthermore, the regulation of content is consolidated into a separate, single entity. This has the potential to address challenges arising from parallel regimes in both carriage and content. The critical issue here would be the ability of the two power centres to work cooperatively, as any coordination-related stresses could quickly escalate into delays and gaps.

One ministry, one law, one regulator, one tribunal: The third option is to integrate telecoms, broadcasting, and IT under a single ministry, such as the Ministry of Digital Ecosystem (MoDE). Both carriage and content could be governed by a single piece of legislation. Additionally, there could be a single statutory regulator and a specialised tribunal dealing with all these domains. A single unified legislation covering both content and carriage would eliminate the confusion and potential conflicts arising from separate regulations. This could foster collaboration between content creators and carriers, potentially leading to faster innovation and more efficient service delivery.

However, such a comprehensive approach presents its challenges, as it could concentrate too much power in a single institution. Regardless of the path taken, the importance of the role of state governments requires a coordination mechanism. Moreover, local governments—both gram panchayats and urban local bodies—should be proactively leveraged for community engagement and for resolving local issues such as right-of-way, route alignment, network topology, and local prioritisation. This would require an enabling mechanism, which could be created at NITI Aayog.

Finally, it will not be easy to develop and implement pathways for transitioning to the new architecture for existing licences, registrations, and authorisations that are legally tenable and universally acceptable. However, they will need to be put in place, and the sooner this is achieved, the more rapid, robust and resilient India’s digital journey will be.