India's smartphone security proposal sparks privacy concerns and industry backlash
In a move that has sparked debate and concern among privacy advocates and technology experts, the Indian government's plan to require smartphone makers to share source code and maintain phone logs for a year has been met with criticism. The proposal, part of Prime Minister Narendra Modi's efforts to enhance user data security, has raised fears of heightened surveillance and micromanagement of user interactions with devices.
The Indian IT ministry has canceled a scheduled meeting with tech giants, citing ongoing consultations and the need to address legitimate industry concerns. However, the ministry refutes considering seeking source code, despite confidential government and industry documents suggesting otherwise. The Internet Freedom Foundation, a privacy and free speech rights organization, strongly opposes the proposal, warning of the state's potential access to confidential source code and the embedding of persistent controls into devices used by millions.
The proposal's potential conflict of interest has been highlighted by experts. Allowing the state to act as a regulator while potentially exploiting vulnerabilities for surveillance raises concerns. This is particularly significant in a market with nearly 750 million phones, where online fraud and data breaches are on the rise. The Indian government's decision to revoke a previous order mandating a state-run cybersecurity app on phones following opposition from privacy advocacy groups further underscores the delicate balance between security measures and user privacy.
Akash Karmakar, a technology law specialist, emphasizes the erosion of trust and the setback to India's business goals that could result from seeking source code. The proposal's impact on the ease of doing business and the potential for state surveillance has sparked a heated debate, with companies like Apple and Samsung privately protesting the proposed security standards.
