Public WiFi sucks in India. There are no two ways about it: whether it’s sign-in pages that don’t load, SMS OTPs that never arrive, or low speeds and high latency, using a public WiFi network is something most of us do reluctantly at best. Given that India is one of the most competitive telecom markets in the world, why haven’t innovative companies stepped up to provide great experiences that fill the gaps in cellular data connectivity? The answer lies in problematic regulations and, strangely enough, a series of bomb blasts in Ahmedabad and Delhi.

Current public WiFi regulations

Around the world, WiFi operates on unlicensed spectrum which is relatively lightly regulated. India is no exception. Until early 2009, there were no specific regulations attaching to what is commonly referred to as ‘public WiFi’, the provision of free or paid WiFi services in public places such as malls, airports, or restaurants. The 2008 bomb blasts in Ahmedabad and Delhi changed that – police traced emails taking responsibility for the attacks to unsecured WiFi connections in Mumbai. Despite the fact that in both cases the unsecured WiFi connections were home or office connections and not really public WiFi, the department of telecom (DoT) in January 2009 issued a set of directions on WiFi. This included a crucial requirement: public WiFi (including free services) had to be secured with a login and password and these could only be provided to a customer after a know-your-customer (KYC) process. The KYC required either collecting and retaining a copy of a person’s photo ID, or providing an SMS OTP on the customer’s mobile number.

The WiFi directions were unfortunately silent on a number of operational details. How long would such a login be valid? Could the user’s KYC and login on one public WiFi network automatically be used to authenticate on another network, allowing for basic interoperability? What about new automatic authentication standards for WiFi that rely on a device’s SIM card or MAC ID?

Separate from the issue of KYC, there are other issues that dog the expansion of public WiFi. Crucially, reselling of telecom services is generally prohibited, which effectively means that anyone who wants to make money by offering public WiFi services effectively needs to obtain an expensive ISP licence, or partner with an ISP. This applies regardless of whether it’s the case of a massive theatre chain allowing moviegoers to connect through its commercial leased line, or merely a kirana store owner operating off her regular BSNL broadband connection. Apart from this, restrictions on sharing of ‘active telecom infrastructure’ left ambiguity about how WiFi routers and access points would be treated even though they operate on unlicensed spectrum.

These regulations have added up to a broken user experience and high barriers to entry, leaving public WiFi in India far below its potential.

What are TRAI and DoT doing about it?

In this case, a lot. A consultation process started by TRAI in 2016 on proliferation of public WiFi was quickly followed by another in the same year on building ‘interoperable and scalable’ public WiFi networks. (For context, nearly 90% of data consumed in India is on mobile data networks and not wired broadband, which is almost the inverse of how it is in the rest of the world.) These processes yielded a flurry of initiatives, including:

– Final TRAI recommendations on proliferation of public WiFi calling for simplified KYC, clarity on sharing of ‘active infrastructure’, and mooting a new commercial model revolving around “public data offices (PDOs)” similar to the erstwhile PCOs, and PDO aggregators, both of which would require a mere registration instead of a cumbersome licence. TRAI’s recommendations on PDOs have subsequently been accepted by the Telecom Commission.
– A ‘public open WiFi pilot’ testing out the PDO model and associated technical architecture.
– The WiFi Access Network Interface (WANI) architecture and specifications, which implements the idea of unbundling KYC, billing, and hardware/software for WiFi access points.
– A Rs 10,000 crore tender for WiFi access points is reportedly going to be issued, to provide last-mile connectivity in villages as part of the BharatNet fibre backbone program.

Taken together, these seem to directly tackle the triple threat of KYC, interoperability and reselling that have hitherto hobbled public WiFi in India. They hold the promise of unleashing entrepreneurship in the form of PDOs, which could be today’s answer to the PCOs of the 1980s and internet cafes of the 1990s. They could form the hub of new electronic service delivery mechanisms, spread digital literacy in rural areas, and also serve as an additional income stream for small businesses. Ubiquitous public WiFi could allow for a seamless experience where a WiFi user at a railway station can cross the street and have her device seamlessly handed over to a neighbouring coffee shop’s WiFi network, all the while being billed automatically and transparently through her mobile wallet or telco. At least one company has already released a WiFi hotspot discovery app that states that it is WANI compliant.

Ambitions versus reality

Taken together, these initiatives lay out a compelling vision. There are a number of issues that would still need to be tackled and potential pitfalls ahead, though.

Traditional telcos are unsurprisingly strongly opposed to the whole idea, citing security issues and “unfair” competition to services over licensed spectrum from those using unlicensed spectrum, in their responses to TRAI’s consultations. They don’t appear to have made much headway though, with TRAI going ahead with pilots and DoT tendering for WiFi access points despite their opposition. After recent amendments to the telco licence allowing for voice-over-WiFi, they also now stand to benefit through the possibility of cellular WiFi offload (allowing cellular voice and data traffic to flow over WiFi networks and their associated fibre broadband connections), which can help relieve the burden on their wireless networks. Their arguments on security and lawful interception appear to ring hollow as well – as long as WiFi access points are required to be secured and maintain logs, lawful interception requirements could likely be fulfilled at the level of the ISPs which ultimately provide the upstream connectivity used by PDOs. However, the battle isn’t over yet: major telcos have taken their battle to the Prime Minister’s Office. This, coupled with a lack of clarity on whether PDOs can resell telecom services, means there is still a chance that telcos could block or hobble the efforts to open up public WiFi.

Separately, the relatively new Virtual Network Operator (VNO) licence was supposed to allow for innovation in last mile connectivity, and resale of telecom services. Companies which have paid for these expensive licences may feel shortchanged at the idea of PDOs and specifically PDO aggregators, who are allowed to do this (albeit only for WiFi) without the need for a costly licence and the heavy burden of spectrum usage charge, annual licence fees, and other telecom levies.

There are technical issues too. Newer and faster WiFi access points run on the 5 GHz wireless band. India, however, is yet to make enough delicensed spectrum available in the 5 GHz band, unlike many other countries. While TRAI has recommended delicensing more 5 GHz spectrum, DoT is yet to accept and implement the proposal. On the commercial side, consumers in India have grown used to free WiFi. Breaking this implicit assumption and convincing them to pay for WiFi could be a challenge.

Typically, technical standards are evolved by technical organisations or industry bodies such as IEEE, the IETF, W3C, or the GSMA. This ensures that standards achieve consensus within the technical and commercial community, and are rigorously tested for flaws and implementation challenges. This process can, of course, be slow, and in some cases beholden to powerful global technology and hardware companies and their commercial interests. The WANI framework, championed directly by the government, is a departure from this process of standard setting, and it remains to be seen how it will function technically and commercially in the real world.

TRAI in this case is directly pushing a specific commercial model in the form of PDOs and PDO aggregators, and specific technical standards and implementations. In an ideal world, the job of a regulator is to set up a neutral regulatory framework that is technology agnostic and allows market forces maximum leeway in evolving commercial models that work. Our world is far from ideal though, and the current approach short-circuits this process in order to achieve quick proliferation, which is a high-risk high-reward strategy. If it works out TRAI will rightfully receive acclaim for a bold initiative, but if it doesn’t it may have to shoulder most of the blame rather than be able to point to market forces or technical problems.

Overall, the trajectory of public WiFi in India over the next few years is worth tracking carefully, especially if TRAI’s regulatory roadmap for the sector is fully cleared. It will be an important indicator to judge the success of the new model for technology innovation and regulatory intervention that appears to be emerging in India (embodied in platforms such as UPI) which aims to foster interoperability, increase competition, and avoid the winner-takes-all dynamic inherent to the technology sector.

---