New Delhi: Smartphone manufacturers have been asked to share their source code as part of a security overhaul proposed by the Centre, claimed a news report that was denied by the government on Sunday.

“The Government of India has NOT proposed any measure to force smartphone manufacturers to share their source code,” the Press Information Bureau posted on X.

“The Ministry of Electronics and Information Technology has started the process of stakeholders’ consultations to devise the most appropriate regulatory framework for mobile security,” the post said, adding that it is “part of regular and routine consultations with the industry for any safety or security standards”.

“Once a stakeholder consultation is done, then various aspects of security standards are discussed with the industry,” the post said. “No final regulations have been framed, and any future framework will be formulated only after due consultations,” the PIB said.

The statement came after Reuters said the government had asked smartphone makers to share source code and make several software changes as part of a raft of security measures.

The tech companies countered that the package of 83 security standards, which would also include a requirement to alert ‌the government to major software updates, lacks any global precedent and risks revealing proprietary details, Reuters reported, citing four people familiar with the discussions and a review of confidential government and industry documents.

IT Secretary S Krishnan told Reuters that “any legitimate concerns of the industry will be addressed with an open mind”, adding it was “premature to read more into it”. A ministry spokesperson said it could not comment further due to ​ongoing consultation with tech companies on the proposals.

Among the most sensitive requirements in the new Indian Telecom Security Assurance Requirements is access to source code - the underlying programming instructions that make phones work, Reuters reported, adding this would be analysed and possibly tested at designated Indian labs. The proposals, the report said, also require companies to make software changes to allow pre-installed apps to be uninstalled and to block apps from using cameras and microphones in the background to “avoid malicious usage”.

“Industry raised concerns that globally security requirement have not been mandated by any country,” said a December IT ministry document detailing meetings that officials ‌held with Apple, Samsung, Google and Xiaomi.

The security standards, drafted in 2023, are in the spotlight now as the government ‌is considering imposing them legally. IT ministry and tech executives are due to meet on Tuesday for more discussions, Reuters said citing sources.

MAIT asked the ministry last week to drop the proposal, a source with direct knowledge said.

The Ministry of Electronics and Information Technology also issued a statement, saying it “routinely conducts consultations on various aspects such as safety compliance”. “Following stakeholder consultations, detailed discussions are held with industry on different dimensions of security requirements. The Government remains committed to working closely with industry stakeholders and addressing their concerns in a constructive manner,” the statement read.

The India Cellular & Electronics Association (ICEA), the apex body for the electronics industry, clarified that this is not a new issue. 

“It is completely normal for the government to engage industry in such discussions — to ask technical and compliance questions and for the industry to respond with international practices and what might be possible or not,” said Pankaj Mohindroo, Chairman of ICEA, in a statement.