India AI Impact Summit Insights
All sessions

Building India’s Digital and Industrial Future with AI

Contents

Executive Summary

This GSMA summit panel explores how telecom networks are evolving from passive connectivity providers into intelligent, trustworthy infrastructure layers that power India's Digital Public Infrastructure (DPI) at scale. The discussion centers on three interlocking challenges: ensuring networks become genuine DPI contributors through AI integration, defining data sovereignty pragmatically in a globalized AI era, and establishing standards and blueprints that allow emerging economies to adopt India's proven model without technological isolation or imperial dependency.

Key Takeaways

  1. Telecom networks are now active participants in governance, not just pipes. Their role in DPI extends beyond connectivity to providing real-time contextual intelligence for fraud prevention, lending, and identity verification at scale. This makes them critical strategic infrastructure requiring genuine sovereignty.

  2. Data sovereignty is multidimensional and cannot be solved by data residency alone. True sovereignty requires control of the control plane, operational autonomy, jurisdictional immunity, and strategic choice about which data is critical. Operators must build capabilities to manage sensitive data independently, not outsource it to foreign hyperscalers.

  3. India's open, IP-free DPI model is a credible, non-extractive alternative for the Global South. Unlike proprietary technology solutions, India's approach enables genuine sovereignty through interoperable, adaptable frameworks. This soft power advantage requires sustained institutional capacity-building and multilateral engagement.

  4. Avoid creating parallel digital infrastructure through siloed public and private systems. Integration through open APIs, collaborative platforms, and clear governance structures builds trust, efficiency, and innovation. Fragmentation creates regulatory arbitrage and security vulnerabilities.

  5. Regulatory frameworks must shift from prescriptive standards to adaptive blueprints and playbooks. Given AI's rapid evolution, regulators should co-create flexible frameworks with industry that embody principles (explainability, accountability, reasonableness) rather than prescribe specific technical implementations.

Key Topics Covered

  • Telecom Networks as DPI Infrastructure: Evolution from connectivity to intelligent, decision-making platforms; network capabilities in identity verification, fraud prevention, payments, and emergency response
  • Data Sovereignty Redefined: Distinction between data localization, digital control, operational control, and jurisdictional sovereignty; practical implications for cloud adoption and AI systems
  • Standards vs. Blueprints: Difference between prescriptive standards (necessary for network interoperability) and flexible blueprints (adaptable for country-specific DPI implementation)
  • Avoiding Parallel Infrastructures: Preventing duplication between operator-built capabilities and government DPI layers through open APIs and collaborative governance
  • AI-Driven Networks & Regulation: Emerging policy frictions around explainability, accountability, and reasonableness in AI systems; need for playbooks and frameworks rather than rigid standards
  • India's Global DPI Model: How India's open, non-proprietary, IP-free DPI approach differs from commercial technology solutions and serves as soft diplomacy for the Global South
  • Public-Private Convergence: Building trust, efficiency, and innovation through integration of public sector DPI and private sector telecom capabilities
  • Contextual Data Enrichment: Using telecom-generated contextual data (location, call patterns, behavioral signals) to improve fraud detection, lending decisions, and service delivery without violating privacy

Key Points & Insights

  1. Telecom Networks Are Now Decision-Making Infrastructure: Networks no longer sit passively in the background. They now provide real-time context for authentication, fraud prevention, and lending decisions—processing 28 lakh crores (~$3.3B USD) daily through UPI alone, underpinned by over 1 million cell sites and 500 lakh kilometers of fiber.

  2. Data Sovereignty Has Four Dimensions, Not One: True sovereignty requires control across data residency (physical location), digital control (control plane within country), operational control (ability to patch/upgrade locally), and jurisdictional sovereignty (immunity from foreign legal claims like the US Cloud Act). No single hyperscaler cloud meets all four.

  3. Operators Are Building Sovereign Cloud Alternatives: Telecom operators (Airtel, Deutsche Telekom) are launching proprietary sovereign cloud offerings specifically because they already manage sensitive citizen data (KYC, health records, defense data) and recognize that critical national data should not reside with foreign entities, even if housed physically in-country.

  4. Open APIs and Collaborative Platforms Prevent Fragmentation: The three-four major Indian telecom operators work on converged platforms (e.g., Digital Intelligence Platform, Fraud Risk Indicators exposed via open APIs) to enrich data context for banks and financial institutions, avoiding siloed systems that create vulnerability and inefficiency.

  5. India's DPI Model Is Non-Proprietary and IP-Free—A Soft Power Advantage: Unlike commercial technology solutions, India's DPI (UPI, Aadhaar, digital identity frameworks) has no IPRs, licensing fees, or vendor lock-in, making it genuinely adoptable by the Global South. This is backed by institutional capacity-building through think tanks (RIS, ICWA) and active multilateral engagement.

  6. Standards and Blueprints Serve Different Purposes: Standards (like those from GSMA, ISO, ITU) are prescriptive and necessary for network interoperability; blueprints (like World Bank's DPI Development Report) are principle-driven and adaptable, allowing countries to apply best practices contextually without imposing one-size-fits-all solutions.

  7. Regulatory Frameworks Must Evolve Faster Than AI Deployment: Existing telecom licenses, data privacy laws, and digital intermediary rules don't adequately address AI-driven decision-making. Regulators need to co-create playbooks and adaptive frameworks (not rigid standards) that balance explainability, security, innovation, and reasonableness.

  8. Contextual Data Enrichment Requires Collaborative Governance: Telecom operators can provide behavioral context (e.g., call location, transaction frequency) that enables banks to make faster lending and fraud decisions, but this requires transparent data-sharing agreements and clear purpose limitation—not unilateral operator monetization.

  9. India Cannot Be Both a Global Outsourcing Hub and a Data Fortress: There's a "datomy" (data autonomy paradox): if India expects global data to be processed domestically but refuses to allow Indian data to flow outward for business, growth, and innovation purposes, it creates an asymmetry that stunts economic potential and contradicts India's 30-year success as a data processing hub.

  10. AI Commons and Efficiency-Focused Development Are Emerging Priorities: Beyond responsible/reasonable AI, the Global South is also focused on resource efficiency (energy, water, materials) and ecological footprint. India's DPI philosophy aligns with "Life for Environment" principles—designing digital systems for minimal environmental cost and maximum inclusion.

Notable Quotes or Statements

"It's not the problem of your data being insecure with Aadhaar. The problem is how the government is managing the data. For example, telecom operators are required to share subscriber data every month in physical copies—that's the problem, not the digital aspect." — Rahul (Airtel, Chief Regulatory Officer)

"Data sovereignty is not about controlling standards; it's about contributing to standards. Rather than controlling, the effort should be to contribute as a participant and evolve it collaboratively. You can't have everything your own way in a globalized world; there's always give and take." — Deepak Maheshwari (CSEP, Center for Social and Economic Progress)

"Walls are two-way isolations. If we create walls saying 'India's data cannot go outside' but expect outside data to continue coming in, there's a datomy—a contradiction. In fluid dynamics, walls allow one-way traffic, not two-way." — Deepak Maheshwari

"India's DPI has no IPRs, no licensing fees, no vendor lock-in. Countries can adopt it and change it the way they wish. That's a very strong distinction compared to companies offering proprietary technology solutions." — Deepak Maheshwari

"AI rests on data. We cannot make the right decisions on data if we cannot really control it in the proper sense. That's why operators are building sovereign cloud offerings—to maintain control over critical national datasets." — Rahul (Airtel)

"When you're building systems, you want to bring operational ideas and principles but not be prescriptive about how they need to work. Standards are prescriptive; blueprints are flexible." — Mani (World Bank)

"For too long, India has been in a sphere where it's supposed to give and not take anything. On data embassies and reciprocal data frameworks, that has to change. It cannot be just India leading this." — Deepak Maheshwari

Speakers & Organizations Mentioned

Core Panelists

  • Julian Gman – Head of APAC, GSMA (Global System for Mobile Communications Association)
  • Rahul – Chief Regulatory Officer, Airtel (Bharti Airtel Limited)
  • Matan – Vphone Ideas / Boron Idea (regulatory and business perspective)
  • Deepak Maheshwari – Center for Social and Economic Progress (CSEP); former member of MeitY AI Committee (2018)
  • Mani – World Bank; works on Digital Public Infrastructure, G2P, and fast payments

Organizations & Institutions Referenced

  • GSMA – Global organization representing mobile operators and ecosystem
  • Airtel (ATL, Bharti Airtel) – Indian telecom operator; launched sovereign cloud offering 6 months prior
  • NPCI (National Payments Corporation of India) – UPI operator; Matan's previous affiliation
  • World Bank – Developed DPI Development Report and DPI frameworks; working on digital development strategies
  • RIS (Research and Information Systems) – Think tank under Ministry of External Affairs
  • ICWA (Indian Council of World Affairs) – Soft diplomacy and intellectual framework development
  • CCP (Canadian Contemporary People) / CGIP – Publishing policy briefs on Global South AI pivot
  • Department of Telecom (DoT) – Indian government regulator; recently began exploring mobile data utilization for planning and mobility
  • IRCTC (Indian Railway Catering and Tourism Corporation) – Mentioned as example of unnecessary data collection (marital status fields)
  • DPDP Act – Data Protection and Privacy law in India (recently enacted); clarifies data purpose and localization
  • BIS (Bank for International Settlements) – Collaborating on fintech and fast payment systems
  • ISO, ITU, CGPP – International standards bodies referenced for participation and contribution

Technical Concepts & Resources

Frameworks & Models

  • Digital Public Infrastructure (DPI): Open, interoperable, scalable digital systems enabling identity, payments, and citizen services at population scale
  • Three DPI Principles: Scale, innovation, public purpose
  • DPI "C" Framework (from Deepak's report): Carriage (networks), Content (data flowing), Conduct (how things are done)
  • EOSS Framework – Proposed framework for global DPI interoperability focusing on security and interoperability (Deepak Maheshwari, 2021)
  • Blueprints vs. Standards: Blueprints are principle-driven and adaptable; standards are prescriptive and universally applicable
  • DPI Inbox – Airtel solution bundling hardware, software, and air-gapped cloud to enable DPI implementation in African contexts

Technical Infrastructure Components

  • UPI (Unified Payments Interface): Processed 28 lakh crores rupees (~$3.3B USD) in January alone; built on telecom connectivity layer
  • Aadhaar-Enabled Payment System (AePS): Over 500 million rupees transacted; enabled through sub-2-millisecond latency connectivity
  • Digital Intelligence Platform (DIP): Converged telecom operator data provided to financial institutions via open APIs
  • Fraud Risk Indicators (FRI): Exposed via open APIs to enable banks to assess credit and fraud risk
  • Spam/Scam Protection Solutions: Three-layer approach—suspected spam warnings, fraudulent link blocking (using Google, OpenFish, Mavenir databases), and friction-based OTP interception alerts

Regulatory & Data Governance

  • Digital Personal Data Protection Act (DPDP) – India's privacy law; clarifies data purpose and localization requirements; designated TSPs as Significant Data Fiduciaries
  • Unified License (UL) – Framework governing telecom service providers
  • Digital Intermediary Regulations – India; applies to platforms intermediating user-generated content
  • US Cloud Act – US legislation allowing government to demand data from US companies; cited as example of jurisdictional sovereignty risk
  • Data Sovereignty Dimensions (Rahul's framework):
    1. Data residency (physical location)
    2. Digital control (control plane location)
    3. Operational control (patch/upgrade authority)
    4. Jurisdictional sovereignty (legal immunity)

Technology & Standards Referenced

  • GSMA Open Gateway APIs – Open, standardized interfaces for mobile network capabilities; many now certified
  • Quantum Computing – Mentioned as emerging area Aadhaar is exploring for cryptographic resilience
  • Blockchain – Referenced in audience question on privacy-preserving identity (Aadhaar Ring concept)
  • AI Explainability & Accountability – Key regulatory requirement; linked to "reasonable AI" and "responsible AI" concepts
  • Edge Computing & AI at the Edge – Networks shaping AI model performance through edge optimization

Key Metrics & Scale Indicators

  • 1 million+ BTSs (Base Transceiver Stations) powering India
  • 500 lakh kilometers (50 million km) of fiber across India
  • 1,000+ edge and hyperscale data centers in Indian telecom ecosystem
  • 140 crore (1.4 billion) transactions per second capacity of Airtel's sovereign cloud infrastructure
  • 28 lakh crore rupees (UPI, January transactions)
  • 500 million+ citizens using Aadhaar-enabled services
  • 1,100+ member banks in India's financial system

Historical References

  • 1854: India's first telegraph law (Telegraph Act)
  • 1858: India received first submarine cable—same year as US; 4 years after UK-France first submarine cable
  • 1968: Current traffic light standard adopted globally (red-amber-green)
  • 2019: India's draft e-commerce policy with tagline "India's data for India's development"
  • 2018: Government established MeitY AI Committee

Additional Context

Format Note: This transcript contains audio artifacts (repetitions of phrases, incomplete sentences) typical of live conference transcription. The analysis preserves substantive content while consolidating redundancies for clarity.

Thematic Arc: The discussion progresses from operational/technical (how networks support DPI today) → policy/regulatory (data sovereignty and control) → strategic/global (India's model as soft power for the Global South).

Underlying Tension: India seeks strategic autonomy and data control while remaining a global partner in interoperable systems—a balance requiring pragmatism about which data is critical (defense, health, KYC) vs. which can benefit from global scale and efficiency.