India’s proposed smartphone security rules have triggered quiet resistance from global technology companies, including Apple and Samsung, over plans that may require them to share sensitive source code with the government.
The proposals are part of a broader push by the Modi government to strengthen data security as online fraud, hacking and data breaches rise sharply in India, the world’s second-largest smartphone market with nearly 75 crore users. However, industry executives argue that some of the proposed measures have no global precedent and could expose proprietary technology, reports Reuters.
At the heart of the dispute is a draft set of 83 security standards, known as the Indian Telecom Security Assurance Requirements, prepared in 2023. The government is now considering making these rules legally binding, according to people familiar with the discussions.
One of the most controversial proposals is a requirement for smartphone makers to allow government-approved Indian laboratories to access and review their source code — the core programming instructions that make devices function.
Technology companies argue that source code is among their most closely guarded assets. They fear that sharing it could compromise intellectual property and user privacy.
According to a confidential document prepared by the IT ministry after meetings with Apple, Samsung, Google and Xiaomi, industry representatives told officials that “no country globally mandates such security requirements”.
Apple has previously refused similar demands from China between 2014 and 2016. Even US law enforcement agencies have failed to gain access to Apple’s source code in the past.
IT Secretary S. Krishnan said the government is open to discussions and stressed that concerns raised by the industry would be examined carefully. “Any legitimate concerns of the industry will be addressed with an open mind,” he said, adding that it was too early to draw firm conclusions as consultations are ongoing.
Apart from source code access, the draft rules include several software-related requirements. These include allowing users to uninstall pre-loaded apps, blocking apps from accessing cameras and microphones in the background, and enabling automatic malware scans on devices.
Companies would also be required to inform the National Centre for Communication Security in advance about major software updates and security patches, giving the authority the right to test them before public release.
Industry representatives argue that this could delay urgent security updates. According to the industry body MAIT, which represents smartphone makers, frequent malware scans could also drain battery life significantly.
Another contentious proposal requires smartphones to store system activity logs for at least 12 months on the device itself.
MAIT has warned that most phones do not have sufficient storage capacity to retain such extensive logs for a year. “There is not enough room on the device to store one year of log events,” the industry group said in its submission to the government.
This is not the first time India’s regulatory approach has unsettled Big Tech. Last month, the government withdrew an order that would have required a state-run cyber safety app to be installed on phones, following concerns about surveillance.
However, in other cases, the government has stood firm. Last year, it pushed ahead with strict testing requirements for security cameras despite heavy lobbying by manufacturers, citing fears of foreign surveillance.
Xiaomi and Samsung together account for more than one-third of India’s smartphone market, while Apple holds about 5 percent, according to Counterpoint Research.
Officials and technology executives are expected to meet again this week to continue discussions. Industry sources say companies are urging the government to drop the source code review requirement entirely.
Whether New Delhi softens its stance or presses ahead could shape the future relationship between India and global technology firms — and set a new benchmark for digital regulation in one of the world’s fastest-growing smartphone markets.
