Report: As reported by Reuters, the Indian Government is initiating a comprehensive security overhaul for smartphone manufacturers, introducing stricter regulations and mandating the sharing of proprietary source code.
The Indian Government is considering significant security regulation enhancements that could compel smartphone manufacturers to reveal their proprietary source code, according to reports from Reuters. This proposal, stemming from a draft of over 80 new security standards, has raised immediate concerns among major global technology corporations, such as Apple, Samsung, and Xiaomi.
The Pursuit of Digital Sovereignty
Under the anticipated Indian Telecom Security Assurance Requirements (ITSAR), manufacturers might be required to present their essential programming instructions (the source code) to government-sanctioned laboratories for vulnerability examination and analysis. This initiative is part of Prime Minister Narendra Modi’s broader efforts to safeguard the nation’s 750 million smartphone users from an increase in sophisticated data breaches and online fraud.
Strong Resistance from Global Tech Leaders
The industry has shown significant behind-the-scenes resistance to these proposals. The Manufacturers’ Association for Information Technology (MAIT), an organisation representing major manufacturers, has reportedly stated that these requirements are “not feasible” due to the extreme sensitivity surrounding intellectual property and international corporate privacy guidelines. Tech companies contend that these measures lack international precedent, pointing out that major markets, including the European Union and the United Kingdom, do not enforce such intrusive access to core software.
The Challenges of Implementation
In addition to the requirement to share source code, the draft regulations propose several other measures that have alarmed the industry. One suggestion entails obliging manufacturers to inform the government of major software updates and security patches prior to their release, potentially allowing authorities to conduct preliminary tests. Moreover, the draft mentions that devices should carry out regular, automatic malware scans, a proposal that experts warn could severely affect battery life and performance.
The government also aims to require devices to keep system activity logs for a minimum of 12 months. However, manufacturers have argued that most handsets do not have adequate internal storage capacity to accommodate such extensive data records.
Official Consultation and Future Outlook
In light of the reports, India’s IT Secretary, S. Krishnan, has indicated that the government will address “valid industry concerns” with an open mind, suggesting that it is “premature” to reach definitive conclusions. India’s Press Information Bureau has clarified that no final regulations have been established and that the process continues to be a standard consultation with stakeholders. A high-level meeting involving IT ministry officials and technology executives is anticipated to occur this week to deliberate further on the framework.