The Centre is considering a significant overhaul of India’s digital security framework that could require smartphone manufacturers to submit their source code for official scrutiny. The proposal, aimed at strengthening national cybersecurity, reflects growing concerns over data privacy, surveillance risks, and foreign software vulnerabilities embedded in consumer devices.
Why Source Code Is Under the Scanner
According to officials familiar with the discussions, access to source code would allow Indian authorities to verify whether smartphones sold in the country contain hidden backdoors, malicious instructions, or undocumented data-sharing mechanisms. With smartphones now central to banking, governance, and personal communication, the government views device-level security as a matter of national interest.
Focus on Imported Devices and Supply Chain Risks
The move is particularly relevant for smartphones manufactured or assembled outside India. Policymakers are reportedly wary of opaque software supply chains that could expose Indian users to cyber espionage or unauthorized data transfers. By examining source code, regulators hope to ensure compliance with Indian laws and security standards.
Industry Concerns Over Intellectual Property
Smartphone makers are expected to raise concerns about intellectual property protection, trade secrets, and competitive advantage. Source code is considered a core asset, and companies may seek strong legal safeguards to prevent misuse or leaks. Government sources suggest that mechanisms such as secure audits and restricted access may be explored to balance security needs with commercial interests.
Link to Broader Digital Governance Efforts
This proposal aligns with India’s broader push for digital sovereignty, which includes stricter data localization norms, tighter oversight of apps, and enhanced cybersecurity mandates. If implemented, the rule could mark a shift from reactive cyber policies to proactive prevention through deeper technical oversight.
What Comes Next
While no final decision has been announced, consultations with industry stakeholders are expected in the coming months. Any formal mandate would likely be phased in, giving manufacturers time to adapt their compliance frameworks. The outcome could reshape how global smartphone brands operate in one of the world’s largest mobile markets.