Bridging Innovation with Integrity: Mr. Shahabaz Khan¹ on Telecom Law, Technology Transfer, and Vigilance

The future of IPR in Indian telecom lies in building Standard Essential Patents and being part of global standard-making.

1. You have progressed quickly in your career, advancing to a leadership role in a relatively short time. What do you think contributed most to your growth, and how did you handle the transition to greater responsibilities?

I started off working with one of the pharma companies based out of Hyderabad. I got first-hand experience as to how a private company works within the regulatory compliance framework (in that case, pharma regulatory framework). That experience helped me when I transitioned into a Government Research and Development (R&D) Organisation predominantly working in the telematics/telecom field.

Working in the government sector is quite different from private set up. It took some time for me to settle down. The transition to greater responsibilities has been quite smooth and seamless to be honest. I already started working on high impact projects quite early in my career and therefore the transition to higher grades was seamless for me. My senior colleagues and supervising authorities were particularly helpful in this continuous career growth.

2. As Manager — Legal & Vigilance, you focus on fortifying legal frameworks in the telecom sector. Can you walk us through a significant challenge you faced in aligning these frameworks with regulatory requirements?

The legal and policy frameworks, inter alia, are set out at the apex level by the Digital Communications Commission (Erstwhile Telecom Commission of India). The policies set out there are crucial for realising the socio-economic development of the country. As Manager — Legal in Centre for Development of Telematics (C-DOT), I aim to strike a balance between the rights and obligations of all stakeholders, to be in line with the policies and legal framework set out at the apex level. The interest of the organisation is considered both from a short term as well as in a long-term scenario to ensure the same.

In addition to this, the regulatory regimes of data protection, competition law, procurement guidelines and general principles of law also plays a role in fortifying legal frameworks within the organisation.

3. Your work involves technology transfer and compliance. How do you balance the technical complexities of telecom advancements with the legal and regulatory considerations?

As an R&D Organisation of Department of Telecom, it is devoted to building the nation through development of state-of-the-art indigenous technology. For proliferation and mass deployment of such technology at grass root level, C-DOT enters into “transfer of technology” agreements with several stakeholders.

The technical complexities of the products and solutions are understood from a regulatory perspective and compliance, if any are ensured accordingly. For instance, say a product whose technology has been transferred is required to be produced within the territory of India or that its export is to be strictly monitored as per export control laws and regulations. Accordingly, the obligations are passed on to the technology manufacturing partner.

Thus, the legal and regulatory aspects of the transfer of technology (ToT) agreement(s), is reviewed thoroughly, in terms of rights and obligations of the parties. We also try to take into consideration issues faced by our technology partners to ensure smooth technology transfer without affecting the essential legal framework.

Technology transfer facilitates manufacturing of indigenously developed products and solutions thus facilitating self-sustainable model of innovation and interoperability which in turn boost economic growth of the nation. It encourages indigenous research and development, bridges technology gap and encourages self-reliance within the country’s resources.

4. Given your involvement in IP valuation and licensing, what trends do you see shaping the future of IPR in India, particularly in the telecom sector?

The telecom sector is a highly standardised industry primarily driven by the requirement for interoperability between communication devices. It is intellectual property rights (IPR) intensive in nature and forms the digital backbone of the country, along with information technology.

Accordingly, the intellectual property (IP) valuation and licensing within the telecom sector holds special relevance in shaping the future of IPR in India.

There is no dearth of talent or capability in India with respect to creation of IPR within the telecom sector. While India is among the nations making rapid technological advancements, within the telecom sector, the increase in standard essential patents originating from India is the next trend to catch up on.

It is the right time for Indian telecom ecosystem to create, standard essential patents (SEPs) in the telecom domain. We have already been building indigenous technology, however the trend which can shape the future of IPR in India in the telecom sector is when our Indian organisations will be a part of global standard making process. Presence of India in standards shall not only ensure inflow of royalty in the country but shall establish India as one of the key players in shaping the telecom technologies worldwide.

5. In a vigilance role, maintaining procedural integrity is essential. How do you foster a culture of transparency and compliance within your organisation?

A “procedure” which is fair, just, reasonable and free from arbitrariness goes into the roots of establishing itself as a well-defined “procedure”. Procedure integrity entails that such procedures are established for necessary public functions or are established in public interest and are uniformly applied without any bias.

The vigilance functions in government organisation(s) is overseen by the Central Vigilance Commission (CVC) through its Chief Vigilance Officers (CVO). Other organisation/Commission such as Chief Information Commission (CIC) and Comptroller and Auditor General also ensures a culture of transparency within the government organisation.

I feel that transparency and compliance within an organisation is first and foremost an internal function and it is truly possible only when the organisation itself puts systems such as proactive vigilance, preventive vigilance, punitive/corrective vigilance in place. Organisations should also ensure that no arbitrariness or bias should prevail in implementation of the aforesaid systems.

The culture of transparency is very much possible within government organisations through awareness of staff. The employees themselves should appreciate that the culture of transparency and compliance is not only preferable but necessary in the interest of public at large and in the interest of the organisation itself.

6. Your education at NALSAR, a premier law university, must have played a key role in shaping your legal acumen. What specific skills or values from your time there do you find most useful in your current role?

My education both at Dr Ram Manohar Lohiya National Law University, Lucknow and National Academy of Legal Studies and Research (NALSAR), Hyderabad was instrumental in understanding the law, both in theory and practice. I opted for LLM in NALSAR because of the choice of specialisation(s) it offered (back then). I ended up postgraduating from NALSAR with a dual specialisation in IPR and corporate laws. I am indebted to my teachers in both these law schools. The pedagogy required us to develop research-oriented mindset and to my understanding, it is the most crucial skill in the field of law and has been particularly useful in my current role.

7. Privacy and cybersecurity are growing concerns in telecom. How do you address these challenges while ensuring compliance with both domestic and international standards?

Cybersecurity and privacy in Telecom is an ongoing challenge that requires constant innovation and vigilance. The privacy and cybersecurity concerns require a multilayered approach taking into account the security, compliance and operational efficiency. In the Indian context, it would require regulatory compliance to regulatory laws and rules such as the Digital Personal Data Protection Act, 2023³ along with the recently released Digital Personal Data Protection Rules, 2025; the Information Technology Act, 2000⁴, Indian Computer Emergency Response Team (CERT-In) guidelines, etc.

Within the cybersecurity domain, the organisations have to ensure principles of Zero Trust Architecture, data localisation, data minimisation and end-to-end encryption. The regulatory compliance would include adherence to General Data Protection Regulation (GDPR), Central Consumer Protection Authority (CCPA), the Digital Personal Data Protection Act, 2023 (DPDP), the Information Technology Act, 2000, Telecom Regulatory Authority of India (TRAI) Regulations, Department of Telecom (DoT) directives, CERT-In guidelines, etc. (as and when applicable). In addition to the same telecom network provides some inherent protection such as enhanced encryption, network slicing security, etc.

Some of the initiatives of DoT such as Aadhaar based electronic know your customer (e-KYC), spectrum related reforms, development of dedicated portals such as the “Sanchar Saathi” are proving to be instrumental addressing challenges of cybersecurity at grass root level.

The Digital Personal Data Protection Act, 2023 along with its rules also seems to be promising in safeguarding the privacy rights of stakeholders.

Further, these domains are dynamic in nature and would require a continuous intent of the Government to evolve and ensure appropriate regulatory framework.

8. As a leader in a dynamic sector, how do you mentor and guide your team, especially in navigating the complexities of telecom law and compliance?

The requirement of “regulations”, so to speak, generally do not arise in a sector which is simple and non-dynamic. The nature of the sector being dynamic itself makes it necessary to set up a regulatory system in place.

The telecom sector is certainly dynamic, ever evolving and entails various stakeholders within its domain. Interactions of these stakeholders among each other would itself necessitate regulations from the Government. Not to mention that, “telecom service” provided directly or indirectly to public would require regulation of public services.

The telecom related laws enacted by the Parliament, rules and regulations frame thereunder, the telecom policies (from time-to-time) recommendations of Telecom Regulatory Authority of India, decisions of the Telecom Disputes Settlement and Appellate Tribunal (TDSAT), courts, etc. all form part and parcel of the larger telecom regulatory framework. Of course not all regulations are for everyone to follow. However, it is imperative for anyone who wishes to understand the telecom law landscape in India, that a holistic view of the entire system is to be kept in mind.

There is no other way to navigate the complexity of telecom law and compliance but to go through each such set of law or rule and understand the purpose and intent it purports to achieve. Subsequently, how this purpose fits into the overall architecture of the telecom regulatory set up. If we bring the pieces together, we may as well see the full picture.