India's Strict Smartphone Security Plan Sparks Privacy Backlash From Tech Giants

Government's Security Push

India's IT Ministry has put forth a new set of security standards for smartphones, a move aimed at bolstering user data protection amid a surge in online fraud and data breaches. The proposals include demanding smartphone manufacturers share their source code and mandate retaining device logs for a full year. These measures are part of Prime Minister Narendra Modi's broader strategy to secure digital infrastructure in a market with nearly 750 million mobile phones.

Industry and Privacy Concerns

Global tech giants, including Apple Inc. and Samsung Electronics, have privately voiced strong objections to the proposed security package. Privacy advocates and technology experts echo these concerns, fearing the requirements could lead to heightened state surveillance and undermine user privacy. The Internet Freedom Foundation (IFF) strongly condemned the proposals, stating they "effectively grants the state access to confidential source code and embeds persistent controls into devices." They argue the proposals micromanage user interaction with their devices.

Regulatory Hurdles

Experts warn that demanding source code access is a significant step backward for India's goal of improving the ease of doing business. Akash Karmakar, a partner at Panag & Babu specializing in technology law, noted that such demands erode trust. The ministry had previously revoked a mandate for a state-run cybersecurity app following public opposition. Furthermore, the proposal requires tech companies to notify officials before releasing security updates and allows state testing, creating potential conflicts of interest and opportunities for exploitation, according to Raman Jit Singh Chima of Access Now.