India is proposing sweeping new smartphone security regulations that would require manufacturers to share source code with the government, notify authorities about major software updates, and comply with 83 security standards. The measures are part of Prime Minister Narendra Modi’s push to strengthen data security as online fraud and data breaches rise in the world’s second-largest smartphone market, which has nearly 750 million devices.
The proposed Indian Telecom Security Assurance Requirements have triggered strong resistance from global tech giants including Apple, Samsung, Google, and Xiaomi. Industry executives argue that mandatory source code review and vulnerability analysis have no global precedent and risk exposing proprietary information. According to industry group MAIT, no major markets in Europe, North America, Australia, or Africa impose such requirements.
Under the proposals, smartphone makers would also need to enable removal of pre-installed apps, restrict background access to cameras and microphones, conduct periodic malware scans, and store device logs for at least 12 months. Companies warn that constant malware scanning could drain battery life, while long-term log storage may exceed device capacity. They also say seeking government clearance for software updates could delay urgent security patches, Reuters news report said.
India’s IT Secretary said the government remains open to addressing legitimate industry concerns, noting that consultations are ongoing. The draft standards, prepared in 2023, are now under renewed scrutiny as the government considers making them legally binding, setting the stage for a continued tug of war between regulators and smartphone makers.