India’s Department of Telecommunications (DoT) has introduced stricter security guidelines for satellite communication (satcom) services in India, adding new conditions related to data localization, website blocking, metadata collection, and the integration of the indigenous NavIC (Navigation with Indian Constellation) positioning system.
The updated norms are applicable to both existing license holders—such as Eutelsat OneWeb and the Jio-SES joint venture—and prospective players like Starlink and Amazon’s Project Kuiper.
In light of evolving satellite technologies, including inter-satellite communication and mobility-enabled services, the DoT has revised the security framework under the GMPCS (Global Mobile Personal Communications by Satellite Services) license.
Officials emphasized that any company applying for a license, including Starlink, will need to meet all specified security requirements. According to sources, Starlink has already agreed to most of the conditions, moving closer to gaining regulatory approval.
Interesting Read: India Mandates Certification for Satellite Communication Equipment
Under the revised rules, satcom firms must establish local data centers or Points of Presence (PoPs) exclusively or non-exclusively for satellite services within India’s borders. They are also required to enable domain name system (DNS) resolution domestically. Additionally, licensees must pledge not to transfer or decrypt telecom data outside of India.
The department has also mandated a phased indigenization plan, requiring companies to localize at least 20% of the ground segment of their satellite networks within five years of commercial launch. This measure aims to boost domestic manufacturing capabilities in the sector.
Officials noted that the updated guidelines reflect heightened national security concerns, particularly amid ongoing tensions with neighboring countries and the advent of technologies allowing satellites to bypass ground infrastructure. The DoT has made it clear that satellite-to-satellite communication must not circumvent Indian gateways under any circumstance.
Also Read: DoT Blocks 90% of International Spoofed Calls in Cybercrime Crackdown
For user terminals with mobility features, location tracking is now compulsory, either every 2.6 kilometers moved or at one-minute intervals, whichever occurs first. The network must also be able to shut off access when a mobile terminal enters restricted areas. Moreover, a 50-kilometer special monitoring zone must be established near international borders.
In total, satcom operators will now be subject to 29 to 30 specific security conditions. These include ensuring blocked websites in India remain inaccessible via GMPCS services, preventing terminals from connecting to gateways outside Indian territory, and avoiding any form of location spoofing. The regulations also reinforce that sensitive user data should not be accessible from foreign locations.
The DoT said these measures were finalized after consultations with key stakeholders and reflect the government’s intent to strengthen oversight in the growing satcom sector.
