India has proposed sweeping security measures requiring smartphone makers to share source code and implement multiple software changes, prompting pushback from major global tech firms including Apple, Samsung, Google, and Xiaomi.
The proposals, part of the Indian governmentโs efforts to strengthen user data security amid rising online fraud, would require manufacturers to allow pre-installed apps to be uninstalled, block background use of cameras and microphones, and conduct automatic malware scanning.
A key and sensitive requirement is that device makers submit their source codeโthe underlying programming instructionsโfor analysis and potential testing at designated labs in India.
Companies argue this is unprecedented globally, risks revealing proprietary information, and may compromise device secrecy and user privacy. Industry representatives, including the Manufacturers Association for Information Technology (MAIT), have highlighted that no other major market mandates such measures, and that full source code review is โnot possible.โ
The proposals would also require smartphone logs to be stored for at least 12 months on devices, and for manufacturers to inform the governmentโs National Centre for Communication Security of major software updates before release. Firms warn that such requirements could drain battery life, delay updates, and be impractical for devices with limited storage.
Indiaโs IT ministry said it will consider legitimate industry concerns, while consultations with the smartphone makers are ongoing. The government has previously pursued strict security rules, including mandatory testing of cameras and cyber safety apps, though some orders were revoked following industry complaints.
With India hosting nearly 750 million smartphones, the government views these measures as a step to mitigate cybersecurity threats and data breaches. Discussions between the IT ministry and tech companies are scheduled to continue, as authorities weigh whether to make the proposals legally binding.
