- India’s draft mobile security overhaul could require major smartphone makers to share device source code with government labs, triggering opposition from global tech firms Apple, Samsung, Google and Xiaomi over privacy and intellectual property concerns.
- The proposed framework also includes alerts before major software updates and malware scanning requirements, although the government says industry consultations remain underway and no final rules are set.
What happened: India’s security plan could mandate source code access
The Indian government has outlined draft proposals that could overhaul smartphone security requirements. Under consideration are rules that would require major manufacturers such as Apple, Samsung, Google and Xiaomi to provide access to the underlying source code of their devices to designated government laboratories. This measure would form part of a broader package of roughly 83 technical standards aimed at strengthening user data protection and combating rising cases of online fraud and cybercrime.
The proposals also include requirements for smartphone makers to notify Indian authorities ahead of releasing major software updates and to implement periodic malware scanning on devices. In addition, manufacturers might have to ensure that digital logs of system activity are retained on the device for up to 12 months for potential security audits.
Industry representatives have raised significant concerns. In internal responses seen by Reuters, the Manufacturers’ Association for Information Technology (MAIT) argued that mandatory source code access lacks global precedent, could expose proprietary details and undermine device performance, particularly around battery life and update delivery.
Information Technology Secretary S. Krishnan has indicated that the government will consider legitimate industry feedback as consultations continue. A final regulatory decision has not yet been made, and the draft remains under review.
Also Read: India proposes new smartphone security rules
Also Read: India heralds $4.6B investment in home-grown electronic components under ECMS
Why it’s important
If enacted, these proposals would mark a significant shift in how mobile devices are regulated in India, the world’s second-largest smartphone market with nearly 750 million devices in use. The requirement to share source code could reshape the balance between national security objectives and commercial intellectual property rights.
For consumers, the plan aims to bolster protections against fraud and unauthorised access. For global tech firms, however, it introduces complex challenges around safeguarding trade secrets and software integrity, potentially influencing future product strategies in India.
