The central government is planning to introduce strict new security rules for smartphones, including a proposal that would require mobile phone makers to share their source code with government agencies. The move has triggered strong resistance from major global companies such as Apple and Samsung, according to people familiar with the discussions and confidential documents reviewed by Reuters.
The proposed framework includes 83 security standards and would also require companies to inform the government in advance about major software updates and security patches. Technology firms argue that these demands have no global precedent and could expose sensitive and proprietary information.
The plan is part of Prime Minister Narendra Modi’s push to strengthen data security as cases of online fraud and data breaches continue to rise in India, which is the world’s second-largest smartphone market with around 750 million users.
IT Secretary S Krishnan said the government was open to dialogue with the industry. “Any legitimate concerns of the industry will be addressed with an open mind,” he told Reuters, adding that it was “premature to read more into it.” A spokesperson for the ministry said no further comment could be made as consultations with technology companies were still ongoing.
Companies including Apple, Samsung, Google and Xiaomi, along with the industry body Manufacturers’ Association for Information Technology, did not respond to requests for comment.
This is not the first time government technology rules have upset global firms. Last month, the Centre withdrew an order requiring smartphones to carry a state-run cyber safety app after concerns were raised about surveillance. However, the government ignored lobbying last year when it introduced strict testing rules for security cameras over fears of foreign spying.
According to Counterpoint Research, Xiaomi and Samsung together control more than one-third of India’s smartphone market, while Apple has about five percent.
One of the most controversial proposals is giving government-designated labs access to smartphone source code, which contains the core instructions that make devices work. Documents show that the code could be analysed and tested as part of what the government calls vulnerability analysis.
The proposals also require software changes that would allow users to uninstall preloaded apps and stop applications from accessing cameras and microphones in the background to prevent misuse.
A December document from the IT Ministry summarising meetings with companies said industry representatives argued that such security standards are not mandated anywhere else in the world.
The standards were drafted in 2023 and are now under consideration to be made legally binding. Government officials and technology executives are expected to meet again on January 13, 2026, to continue discussions.
Smartphone makers have long resisted sharing source code. Apple previously refused similar demands from China, and even US law enforcement agencies have failed to gain access.
In a confidential response to the proposals, MAIT said that full source code review was not possible. “This is not possible due to secrecy and privacy,” the document said, adding that countries in Europe, North America, Australia and Africa do not impose such requirements.
A source said MAIT has asked the ministry to drop the proposal. The document also raised concerns about mandatory and regular malware scanning, warning that it would drain battery life. It said requiring government approval before releasing software updates was impractical because security fixes often need to be rolled out quickly.
Another proposal requires phones to store system activity logs for at least 12 months. MAIT said this was unrealistic, stating, “There is not enough room on the device to store one year log events.”
As talks continue, the proposed rules have highlighted a growing tension between the Indian government’s push for tighter digital security and the global technology industry’s concerns over privacy, feasibility and intellectual property.
