NEW DELHI: India has proposed sweeping new cybersecurity requirements for smartphones, including mandatory sharing of source code with the government and prior notification of major software updates, triggering strong but largely behind-the-scenes opposition from global tech giants such as Apple and Samsung.
Sri Lanka Beat Pakistan by 14 Runs to Level T20 Series in Dambulla
According to sources familiar with the discussions and a Reuters review of confidential documents, the Indian government has outlined 83 proposed security standards aimed at strengthening user data protection amid a surge in online fraud and data breaches. India is the world’s second-largest smartphone market, with nearly 750 million users.
The proposals are part of Prime Minister Narendra Modi’s broader push to enhance digital security. However, technology companies argue that several of the measures lack global precedent and could expose proprietary and sensitive intellectual property.
IT Secretary S. Krishnan said the government was open to addressing “any legitimate concerns of the industry,” adding that it was premature to draw conclusions while consultations were ongoing. A ministry spokesperson declined further comment.
Among the most contentious provisions is a requirement for smartphone makers to provide access to source code for analysis and testing at designated Indian laboratories. Industry representatives say such access is unprecedented and not mandated in major markets such as the European Union, North America or Australia.
The proposals would also require companies to modify software to allow users to uninstall pre-installed apps, restrict background access to cameras and microphones, and conduct periodic malware scans. In addition, firms would need to inform the National Centre for Communication Security in advance of major software updates and security patches, which the authority could test before public release.
The Mobile and Electronics Association of India (MAIT), which represents Apple, Samsung, Google and Xiaomi, has formally urged the government to drop several provisions. In a confidential response, MAIT warned that regular malware scans could drain battery life, advance approval of updates could delay critical security fixes, and storing system logs for 12 months on devices may not be technically feasible.
Industry executives and government officials are expected to hold further talks this week as New Delhi considers whether to make the proposed standards legally binding.
