The Nepali authorities have come up with a plan to regulate the Internet of Things (IoT) and machine-to-machine (M2M) communication by prioritizing data security.
The draft regulatory framework unveiled by the Nepal Telecommunications Authority (NTA) on Friday covers the issuance of licenses to IoT and M2M service providers, spectrum distribution, and data security.
The move came after the agency in late November permitted Nepal Telecom, a leading telecommunications service provider in the country, to conduct 5G network trials, a new technology that enables IoT and M2M services.
"We're introducing the regulation to promote a responsible use of IoT and M2M services," Pradip Poudel, deputy director of NTA's regulation department, told Xinhua on Saturday. "These technologies are in an early stage globally and proper regulation would help avoid various risks."
In order to ensure data security, the NTA has proposed that IoT service providers must host all servers and store all data within the territory of Nepal.
Under the proposed regulation, an IoT service provider will be responsible for a data breach and should report to the NTA within five workdays if it occurs. "It should comply with all the laws, regulations, and requirements issued by NTA concerning data management, including the security, privacy, and protection of IoT user's data," states the proposed regulation.
The IoT/M2M service provider cannot install or connect any terminal equipment unless it is approved by the NTA.
"As data security has become very important for national security in the digitized world, we proposed a number of measures that help ensure the security of data about Nepali citizens," said Poudel.