Here is the text of the concerned part of the license - I was wrong about some things, and it's worse than I remember:
34. Security Conditions:
34.1 The LICENSEE shall provide necessary facilities depending upon the specific situation at the relevant time to the Government to counteract espionage, subversive act, sabotage or any other unlawful activity.
34.2 The LICENSEE shall make available on demand to the person authorized by the LICENSOR, full access to the switching centers, transmission centers, routes etc. for technical scrutiny and for inspection, which can be visual inspection or an operational inspection.
34.3 LICENSEE will ensure that the Telecommunication installation carried out by it should not become a safety hazard and is not in contravention of any statute, rule or regulation and public policy.
34.4 In the interests of security, suitable monitoring equipment as may be prescribed for each type of system used will be provided by the LICENSEE for monitoring as and when required by LICENSOR. The specific orders or directions from the Government, issued under such conditions, shall be applicable.
34.5 The precise delineation of geographical borders taken by the LICENSEE for the purpose of defining service area across International borders, if any, shall have prior approval of the Government of India. The terrestrial boundaries of India shall be as depicted in the maps issued by Survey of India.
34.6 The designated person of the Central/ State Government as conveyed to the Licensee from time to time in addition to the Licensor or its nominee shall have the right to monitor the telecommunication traffic in every node or any other technically feasible point in the network set up by the LICENSEE. The LICENSEE should make arrangement for monitoring simultaneous calls by Government security agencies. The hardware at LICENSEE’s end and software required for monitoring of calls shall be engineered, provided/installed and maintained by the
LICENSEE at LICENSEE’s cost.
34.7 The Licensee shall install necessary infrastructure in the service area with respect to Internet telephony Services offered by the Licensee for processing /routing / directing / managing / authenticating the internet telephony calls including the generation of Call Details Record(CDR). CDR shall contain calling / called IP address, called numbers, date, duration, time and charges of internet telephony calls.
34.8 Each ISP must maintain a log of all users connected and the service they are using (mail, telnet, http etc.). The ISPs must also log every outward login or telnet through their computers. These logs, as well as copies of all the packets originating from the Customer Premises Equipment (CPE) of the ISP, must be available in REAL TIME to Telecom Authority. Type of logins, where the identity of the logged-in user is not known, should not be permitted.
34.9 The Government through appropriate notification may debar usage of mobile terminals in certain areas in the country. The LICENSEE shall deny service in areas specified by designated authority immediately and in any case within six hours on request. The LICENSEE shall also provide the facility to carry out surveillance of Mobile Terminal activity within a specified area.
34.10 The LICENSEE shall be responsible for ensuring privacy of communication on its network and also to ensure that unauthorized interception of message does not take place.
34.11 LICENSOR shall have the right to take over the SERVICE, equipment and networks of the LICENSEE (either in part or in whole of the service area) in case any directions are issued in the public interest by the Government of India in the event of a National emergency / war or low intensity conflict or any other eventuality. Any specific orders or directions from the Government of India issued under such conditions shall be applicable to the LICENSEE and shall be strictly complied with.
34.12 The complete list of subscribers shall be made available by the LICENSEE on their website (having password controlled access), so that authorized Intelligence Agencies are able to obtain the subscriber list at any time, as per their convenience with the help of the password. The list should be updated on regular basis. Hard copy as and when required by security agencies shall also be furnished. The LICENSEE shall ensure adequate verification of each and every customer before enrolling him as a subscriber; instructions issued by the licensor in this
regard from time to time shall be scrupulously followed.
...
34.22 The Licensor or its representative(s) will have an access to the Database relating to the subscribers of the LICENSEE. The LICENSEE shall also update the list of his subscribers and make available the same to the Licensor at such intervals as may be prescribed. The LICENSEE shall make available, at any prescribed instant, to the Licensor or its authorized representative details of the subscribers using the service.
34.23 The LICENSEE shall maintain all commercial records with regard to the communications exchanged on the network. Such records shall be archived for at least one year for scrutiny by the Licensor for security reasons and may be destroyed thereafter unless directed otherwise by the licensor.
34.24 The LICENSEE shall provide to the LICENSOR, location details of the equipment provided by ISP. Implementation of any installation of the concerned equipment and execution of the concerned project shall be taken up only after the approval by the LICENSOR and locations of these centres shall not be changed without prior approval of the LICENSOR. This requirement shall be applicable only to such areas as are sensitive from security point of view, as may be notified from time to time by the LICENSOR. In the interest of national security or public interest, the ISPs shall block Internet sites and / or individual subscribers, as identified and directed by the Licensor from time to time.
34.25 The LICENSEE shall not use any hardware/software which are identified as unlawful and/or render network security vulnerable. The LICENSEE shall make available, on demand, to the agencies authorised by the Government of India, full access to the equipment provided by the ISP for technical scrutiny and detailed inspection.
34.26 The traffic of Internet nodes on places of security importance would be routed as per directions issued from time to time by Licensor. Interconnection of these nodes to other nodes within the country directly is not permitted.
34.27 Monitoring facilities.
(a) At each - International Gateway location and / or ISP node with a
router/switch having an outbound capacity of 2 Mbps or more:
(i) Every international gateway location and/or the ISP node with a router/switch having a capacity of 2 Mbps or more shall be equipped with a monitroing Centre at the cost of the ISP. Suitable appropriate monitoring system is to be set up by ISPs carrying Internet telephony traffic through their Internet gateways and /or ISP nodes at their own cost, as per the requirement of the security agencies and the cost of maintenance of the monitoring equipment and infrastructure at the monitroing centre located at the premises of the licensee shall be borne by the ISP.
(ii). Office space of 10 feet x 10 feet with adequate uniterrupted power supply and air-conditioning which will be physically secured and accesible only to the monitoring agencies will have to be provided by the ISP at each location, free of cost.
(iii). In addition to the equipment, one local exclusive telephone line is to be made available by the ISP at the monitoring centre, the cost to be borne by the ISPs.
(iv). The cost of maintenance of the equipment and infrastructure mentioned above at monitoring centre located at the premises of the ISP is to be borne by the ISP.
(v) Each router/switch of the ISP should be connected by the LAN operating at the same speed as the router/switch, the monitoring equipment will be connected to this network.
(vi). For a national ISP or an ISP having multiple nodes/point of presence, if it is possible to monitor the traffic in all the Routers/switches from a central location, a central monitoring centre would be acceptable. However, in such a case, the ISP would, at the outset, be able to demonstrate to the Licensor that all routers / switches are accessible from the central monitoring centre. Moreover, the ISPs would have to inform the Licensor of every change that takes place in their topology /configuration, and demonstrate that all routers/switches continue to be
accessible from the central monitoring centre. The decision of Licensor will be final on the issue.
In short:
1. The government can spy on users whenever they want.
2. The government can find out any and all information we hold on subscribers whenever they want.
3. We have to log everything you visit for a year, including logins (passwords and such, probably as well).
4. The government has the right to take over or kill our network at any time if anything happens, such as the declaration of a state of emergency.
5. We have to block individual subscribers if the government says so.
6. We have to pay for the lot, including monitoring equipment which they will install.
...all this plus we still have to give them 6% of our revenue every 3 months.
See? I told you it was draconian. It certainly doesn't look like a policy from the world's largest democracy.
