India Proposes Forcing Apple and Other Smartphone Makers to Share Source Code [Report]

Apple and other tech giants are opposing a new proposal in India that would force smartphone makers to share their source code with the government. While the measures are intended to tighten data security, the industry warns that handing over such sensitive information poses a major risk to proprietary technology and user privacy.



The draft regulations, known as the Indian Telecom Security Assurance Requirements, reportedly contain 83 different security standards. According to a report from Reuters, the most contentious provision would compel companies to submit their source code—the fundamental programming instructions that make the operating system work—to designated Indian labs for vulnerability analysis. The government argues the measures are necessary to curb rising data breaches in the world's second-largest smartphone market.


Major players like Apple, Samsung, and Google are voicing strong opposition behind the scenes. Through the MAIT industry group, the companies have argued that such requirements lack any global precedent and would compromise trade secrets. In a confidential document reviewed by Reuters, the group stated that handing over source code is "not possible" due to privacy and secrecy concerns. Apple has historically guarded its code fiercely, having famously refused similar requests from China and U.S. law enforcement in the past.

Beyond source code access, the proposal seeks to mandate specific software behaviors. The government wants manufacturers to allow users to uninstall any pre-loaded application and to implement hard blocks on apps accessing the microphone or camera in the background. The rules would also require companies to notify the National Centre for Communication Security about major software updates and security patches before they are released to the public, giving the agency the right to test them first.

This is the latest in a series of regulatory tug-of-wars between New Delhi and Silicon Valley. Just last month, the Indian government dropped an order that would have required smartphone makers to preload a state-run cyber safety app after Apple reportedly prepared to resist the mandate. Before that, the companies protested a proposal regarding mandatory always-on location tracking, warning it could turn phones into surveillance devices.

The industry group also flagged technical hurdles with the new proposal, noting that mandating continuous malware scanning would significantly drain battery life. Another requirement to store system logs on the device for 12 months was deemed impractical, with manufacturers arguing there simply isn't enough storage space to retain that volume of data locally.


While an IT ministry official stated that "legitimate concerns" would be addressed with an open mind, the government is currently considering making these drafted standards legally binding. Executives are expected to meet with officials for further discussions this week.