Key Points
- India’s draft security overhaul would require smartphone makers to provide source code and meet new software security standards.
- Apple, Samsung, Google and Xiaomi oppose the proposals, calling them unprecedented and risky for proprietary technology.
- Regulators plan to continue consultations, saying no final regulation has been enacted and concerns will be considered.
India has proposed an extensive overhaul of smartphone security regulations that could require global device makers to share underlying software code with authorities and meet tough new software requirements. The draft rules aim to strengthen user data protection as online fraud and breaches rise in the country’s huge mobile market.
The proposals form part of an expanded Telecom Security Assurance Requirements framework that India is considering making legally binding after consultations with tech companies. Industry players sharply criticised the idea of forcing companies to hand over source code — the proprietary programming that makes devices work — saying it would be unprecedented and could compromise trade secrets and intellectual property.
Major manufacturers such as Apple, Samsung, Google and Xiaomi voice opposition in confidential industry discussions, saying similar mandates do not exist in the EU, North America, Australia or Africa and are impractical for their business models.
The government also proposes requiring firms to inform regulators about major software updates before they roll out and to make software changes so users can uninstall pre-installed apps and stop background access to cameras or microphones by third-party apps.
Critics argue these requirements could slow security patches, drain device batteries and burden device storage with long-term security logs, adding operational challenges. Smartphone makers maintain that full code review and analysis is not feasible due to secrecy and privacy concerns, and have asked authorities to remove or adjust the most sensitive elements.
The plan is part of efforts to enhance mobile device safety and reduce risks of abuse, but industry resistance underscores tensions between regulatory ambitions and the technical realities of global platform development.
Government officials say consultations will continue and legitimate concerns will be addressed, stressing that no final rules have been formalised and further discussions are planned on how best to balance security with innovation.
The debate comes as India is home to nearly 750 million smartphone users and is intensifying efforts to shield citizens from cyber threats while attracting technology investment.
