This guide walks through what the rules actually do: the four kinds of captive authorisation they create, who can apply for each, what they cost, and the security and data-localisation obligations that come attached. We have flagged the points that matter most in practice along the way.
What "Captive" Means Here
A captive network is one an organisation builds and runs for its own use, not to sell connectivity to the public. The rules are emphatic on this throughout: a captive network may serve only the entity's own bona fide users, and may not be used to provide any commercial or public telecom service. Interconnection with public networks (PSTN, public mobile, internet telephony, the public internet) is broadly prohibited, with narrow, controlled exceptions.
The Four Captive Authorisations
Rule 4 sets out four distinct authorisations. An applicant chooses the one matching the kind of captive network it wants to run.
| Authorisation | What it covers | Geographic scope |
|---|---|---|
| Captive Mobile Radio Trunking (CMRTS) | Two-way land mobile radio for captive use via repeater stations and temporarily allocated frequency pairs | A geographical area within the national service area |
| Captive Non-Public Network (CNPN) | Private networks (e.g. private 5G) confined to the entity's own owned or leased premises | National service area |
| Captive VSAT | Satellite network for captive use via VSATs or earth-stations-in-motion, plus data links between the entity's own sites | National service area |
| Captive General Service (CGS) | Wireline and wireless captive networks generally, excluding anything that has its own separate authorisation | A geographical area within the national service area |
Every authorisation is granted on a non-exclusive basis, with no cap on how many entities can be authorised in any service area, and runs for up to twenty years, renewable for up to a further twenty.
Who Can Apply, and the One Big Restriction
Under Rule 5, an applicant must be either a company (with FDI in line with policy and a sound management track record) or a government body, a Central or State Government department, a legislative body, a Court, an administration of Scheduled or Tribal Areas, or any other Government-controlled entity. In every case, the applicant must have no pending dues.
For the Captive General Service authorisation, the applicant cannot be a private limited company, or in fact any company other than a government company.
In effect, CGS is reserved for government companies and government bodies. A private enterprise wanting a broad captive network must structure around the other three authorisations, most often CNPN for an on-premises private network. The Central Government may relax any eligibility condition in public interest.
Getting Authorised: the Process
- Applications are filed entirely on an online portal, with a non-refundable processing fee and, for companies, an auditor's certificate confirming eligibility.
- An applicant holding any overlapping license or authorisation must relinquish it. The rules do not allow an entity to hold both.
- CNPN and CGS are granted to eligible applicants without any prior Letter of Intent, a lighter-touch route.
- CMRTS and VSAT go through a Letter of Intent requiring an entry fee, a guarantee, and an undertaking to relinquish overlapping licenses. VSAT applications may additionally undergo security vetting through the satellite-network clearance authority before grant.
An authorisation does not by itself confer any right to spectrum. Spectrum has to be applied for separately under applicable law, subject to its own eligibility conditions.
What It Costs
The Schedule sets out the one-time fees and initial guarantees.
| Authorisation | Processing fee | Entry fee | Initial guarantee |
|---|---|---|---|
| Captive Mobile Radio Trunking (CMRTS) | ₹10,000 | Nil | ₹20,000 |
| Captive Non-Public Network (CNPN) | ₹10,000 | Nil | Nil |
| Captive VSAT | ₹10,000 | ₹7.5 lakh | ₹3 lakh |
| Captive General Service (CGS) | Nil | Nil | Nil |
On top of these, annual authorisation fees apply to two of the four:
- CMRTS: ₹300 per user terminal, minimum ₹5,000. From the fourth year onwards, the higher of ₹300 per terminal or ₹25,000. Police, fire and government security services are fully exempt from this fee.
- VSAT: ₹10,000 per VSAT (including earth-station-in-motion), with no minimum fee. M2M / IoT devices are not counted as VSATs for fee purposes, even in direct-to-satellite setups.
- CNPN and CGS: no authorisation fee at all.
Annual fees are paid quarterly, with the final quarter paid in advance by 25 March and trued up by 15 April. Late payment carries interest at SBI's one-year MCLR plus 2%, compounded annually. DoT may assess or reassess fees for up to four years, extendable to six where the escaped amount is ₹10 lakh or more.
Ongoing Obligations Once Authorised
The general conditions in Chapter III run for the life of the authorisation. The recurring ones to plan for:
- Annual auditor's certificate on Indian and foreign equity (direct and indirect), control, and continuing eligibility.
- Change reporting: shareholding changes from an acquisition within 15 days; a name change within 30 days; other material changes within 15 days.
- Nodal person: an India-based contact must be nominated to DoT for reporting and support.
- Insolvency: if a CIRP is admitted against the entity under the IBC, DoT must be informed in writing within 48 hours.
- Transfer: an authorisation can be assigned or transferred only with prior written DoT approval, and only pursuant to a merger, demerger, acquisition or restructuring.
Authorisations can be revoked for false representations, liquidation or winding-up, or on a TRAI recommendation (with a hearing in the first and third cases). Revocation, surrender and breach orders all take effect on the 31st day from publication on the portal, and unpaid dues are recoverable as arrears of land revenue.
Technical Conditions and Data Localisation
An authorised entity may build, operate and expand its network and hold radio equipment without a separate network authorisation, but it must arrange its own right of way, and right-of-way delays are explicitly no excuse for missing obligations. Two location conditions stand out:
- Systems within the service area: all network systems must sit within the authorised service area, with prior approval needed for security-sensitive areas and restrictions near international borders, the LoC and the LAC.
- Hard data localisation: all data, logs and information associated with the network must be stored within India, with no copies routed, shared or made available outside India.
DoT, or a designated agency at the entity's cost, has rights to inspect sites and audit systems on reasonable notice, with carve-outs protecting confidential, commercially sensitive, trade-secret and fiduciary information.
Security Obligations
Chapter V is the most demanding part of the rules. The headline requirements:
- Indian management: a majority of board directors must be Indian citizens, and the chief network officer plus security and system administrators must be resident Indian citizens. Foreign nationals in CXO roles need annual MHA security vetting.
- Record retention: CDRs, IPDRs, subscriber data and similar records must be maintained as DoT directs.
- Trusted sources and products: the National Cyber Security Coordinator is the designated authority, maintaining lists of trusted sources, trusted products, and entities from whom no procurement may occur. Entities must register and follow the prescribed procurement process.
- Use restrictions: captive use only, for bona fide users; no transmission of illegal or copyright-infringing content; no offences under the Act or the Bharatiya Nyaya Sanhita, 2023.
- General security: facilities to respond to espionage or sabotage, the ability to suspend service in specified areas, monitoring facilities at the entity's own cost, and adherence to Survey of India border maps.
Service-Specific Conditions
Chapter VI layers additional, type-specific rules on top of the general conditions, and overrides them in case of conflict.
Mobile Radio Trunking (Part A)
- Strictly captive, never public trunking. No interconnection with public networks or with other captive networks.
- A rollout obligation applies: at least one repeater station must be established within 12 months of spectrum assignment (with a 30-day grace window), failing which it is treated as a breach.
Non-Public Network (Part B)
- Confined to the geo-coordinates of the logical perimeter of the entity's own premises (owned or leased), with radio signals required to stay within that perimeter.
- Multiple sites across the country need only one CNPN authorisation. Sites may be linked via domestic leased circuits from authorised providers.
- Access spectrum can be leased from an access licensee or obtained directly from DoT, separately for each area. The lease must allow lessor inspections and 24-hour reporting of any detected misuse.
- This is the route most private enterprises will use for private 5G.
VSAT (Part C)
- Satellite or space-segment capacity must be authorised by the Department of Space; the satellite earth-station gateway must be located in India; and all India-originating or terminating traffic must route through that India gateway, no foreign-gateway routing, no inter-satellite bypass, and no mirroring of traffic outside India.
- Add to that lawful-interception systems at the entity's own cost, mandatory NavIC positioning compliance, a ban on location-spoofing tools, service cut-off in restricted areas, and a tightly conditioned regime for any remote access from abroad (with a six-month audit trail held in India).
General Service (Part D)
- Wireline and wireless captive networks generally, excluding anything separately authorised, with no authorisation fee and no public-network connection.
- Read with the Rule 5 eligibility bar, this is effectively a government-sector instrument.
Practical Takeaways
- Private enterprises should look to CNPN. It carries no authorisation fee, covers all the entity's sites under a single authorisation, and is granted without a Letter of Intent, the cleanest path for on-premises private networks.
- CGS is off-limits to private companies. If your plan assumed a broad captive wireline / wireless network under a general authorisation, that route is reserved for government companies and bodies; restructure accordingly.
- Data localisation is absolute. The India-only storage rule, and for VSAT the India-gateway and no-mirroring rules, will drive network and cloud architecture decisions early in any project.
- Much detail still lives on the portal. Forms, thresholds, the reporting turnover exemption, security-sensitive-area lists and procurement procedures will only crystallise as DoT publishes portal specifications, worth tracking against project timelines.
Sources & Further Reading
This brief is based on the notified rules and the parent statute, including:
- Telecommunications (Authorisation for Captive Telecommunication Services) Rules, 2026, G.S.R. 511(E), Department of Telecommunications, notified 23 June 2026 and in force on publication
- The Telecommunications Act, 2023 (44 of 2023)
- The Schedule to the Rules (processing fees, entry fees and initial guarantee amounts)
- The Bharatiya Nyaya Sanhita, 2023, referenced in the use-restriction conditions
This article summarises the rules as notified in June 2026 and is provided for general information, not as legal advice. Provisions should be read with the full text of the notification and any portal specifications issued thereunder.