India Weighs Smartphone Source Code Access in New Security Push
India is considering a sweeping set of security regulations that could compel smartphone manufacturers to share their source code with the government, a move that has drawn sharp resistance from major global technology firms. The proposal, part of Prime Minister Narendra Modi’s broader campaign to strengthen mobile data security, has raised concerns over intellectual property, privacy, and feasibility.
Tech Firms Push Back over Source Code Clause
According to documents reviewed by Reuters and sources familiar with the discussions, India’s draft plan includes 83 proposed security standards. Among them is a requirement for companies such as Apple, Samsung, Google, and Xiaomi to grant government access to their source code—the fundamental software that powers smartphones—for testing and analysis at designated Indian laboratories.
Industry representatives argue that the proposal lacks international precedent and could expose proprietary information. In a confidential response, the Manufacturers’ Association for Information Technology (MAIT), which represents several major firms, called the plan “not possible due to secrecy and privacy,” noting that no country in Europe, North America, Australia, or Africa mandates similar access.
The proposal also includes requirements for automatic malware scanning, the ability to uninstall pre-installed apps, and measures to prevent apps from using microphones or cameras in the background. Smartphone makers would need to alert the government to major software updates before releasing them to users, a move that companies say would delay essential security patches.
Government Seeks Balance amid Industry Concerns
IT Secretary S. Krishnan told Reuters that authorities would address “any legitimate concerns” from the industry and that it was too early to draw conclusions. In a later statement, the IT ministry said it was holding consultations to develop a “robust regulatory framework for mobile security.” The ministry also denied that it was formally seeking access to smartphone source code, without commenting on the internal documents cited.
India, home to nearly 750 million smartphone users, has tightened oversight of digital technology and communications infrastructure in recent years. While the government revoked a plan in 2025 to pre-install a state-run cyber safety app amid surveillance concerns, it has maintained strict testing requirements for security devices, citing national security risks.
Industry Warns of Technical and Privacy Risks
MAIT and industry executives have warned that source code analysis could endanger proprietary software and create significant operational challenges. Their concerns include battery drainage from constant malware scanning, storage limits for mandatory year-long system logs, and delays in software updates that could affect user security.
Apple, Samsung, Google, and Xiaomi have not publicly commented on the proposal. Further consultations between the IT ministry and industry representatives are expected this week as debate continues over how to balance security imperatives with privacy and innovation.
with inputs from Reuters