Governance
India proposes new smartphone security rules
India proposes draft rules for smartphone security that would require source code access and other software measures amid industry pushback.
Headline
India proposes draft rules for smartphone security that would require source code access and other software measures amid industry pushback.
Context
India has put forward draft smartphone security rules that, if enacted, would require device makers to share their proprietary source code with government-designated labs as part of a major security overhaul. The proposals are intended to strengthen protections for user data in the world’s second-largest smartphone market, where nearly 750 million handsets are active and online fraud and breaches have risen. According to sources familiar with the matter and internal documents reviewed by Reuters, the 83-point regulatory package would not only include source code access but several other stringent software requirements. These include mandatory notification to authorities of major software updates before release, automatic malware scanning on devices, and controls to prevent apps from accessing cameras and microphones in the background without explicit permission.
Evidence
Pending intelligence enrichment.
Analysis
The draft standards are part of the so-called Indian Telecom Security Assurance Requirements , which have been discussed with leading phone makers including Apple, Samsung, Google and Xiaomi. Industry representatives have told officials that forcing source code disclosure is unprecedented globally and could risk revealing commercially sensitive information. They also cited concerns that requirements such as on-device malware scanning could negatively affect battery life and device performance. India’s IT Secretary, S. Krishnan , acknowledged that industry concerns would be addressed with an open mind and noted that it was premature to make definitive interpretations of the plans. Government consultations with manufacturers are ongoing as regulators weigh how to balance security goals with commercial practicality. Also Read: Optus CTO departs after critical 000 emergency call report Also Read: UK turns to Google for public sector AI delivery If adopted, these proposals would mark one of the most robust smartphone-specific regulatory regimes globally, raising complex questions about intellectual property, platform security and government access to commercial technology. Smartphone source code forms the foundation of operating systems and user experiences, and manufacturers guard it as proprietary. Even historically, firms such as Apple have resisted similar demands from other governments.
Key Points
- The Indian government has outlined draft regulations that would obligate smartphone manufacturers to provide source code access and implement a suite of security measures.
- Major global vendors have privately raised concerns that the proposals lack precedent and could expose proprietary technology, while officials say consultations continue.
Actions
Pending intelligence enrichment.
