India proposes requiring smartphone makers to share source code with the government and make several software changes as part of a raft of security measures, prompting behind-the-scenes opposition from giants like Apple and Samsung.
. . .
The plan is part of Prime Minister Narendra Modi’s efforts to boost security of user data as online fraud and data breaches increase in the world’s second-largest smartphone market, with nearly 750 million phones.
The Indian proposals also require companies to make software changes to allow pre-installed apps to be uninstalled and to block apps from using cameras and microphones in the background to “avoid malicious usage”.
“This is not possible … due to secrecy and privacy,” MAIT said in a confidential document drafted in response to the government proposal, and seen by Reuters. “Major countries in the EU, North America, Australia and Africa do not mandate these requirements.”
The Indian proposals would mandate automatic and periodic malware scanning on phones. Device makers would also have to inform the National Centre for Communication Security about major software updates and security patches before releasing them to users, and the centre would have the right to test them.
MAIT’s document says regular malware scanning significantly drains a phone’s battery and seeking government approval for software updates is “impractical” as they need to be issued promptly.
India also wants the phone’s logs - digital records of its system activity - to be stored for at least 12 months on the device.
“There is not enough room on device to store 1-year log events,” MAIT said in the document.