The Indian government cannot seem to let technology giants catch a break. After the giants recently pushed back against a recently proposed law that required brands to enable satellite surveillance, the Indian government is back with another law. This time, the new proposed rules could force brands like Apple and Samsung to share their proprietary source code with the government.
The Indian Government wants access to proprietary source code
Reported first by Reuters, as a part of a broader effort to crack down on digital fraud and data breaches, the government has drafted 83 security standards under the Indian Telecom Security Assurance Requirements.
This would allow the government to force big tech like Apple, Google and Samsung to share the source code of its products for further vulnerability analysis and device control. Here's what the Indian government wants big tech to do:
- Source code Review: Requiring companies to submit source code for vulnerability analysis in Indian labs.
- Update Oversight: Mandating that manufacturers notify the government about major software updates and security patches before they are released to users.
- Device Control: Forcing changes that allow users to uninstall pre-loaded apps and strictly block apps from accessing the camera or microphone in the background.
- Surveillance: Devices need to store system logs for 12 months and run automatic "malware scans".
Now, tech giants have already pushed back hard, arguing these demands have no basis and do not make sense. In internal documents, the industry said it's not possible to share the source code due to secrecy and privacy risks.
As for the constant malware scanning, brands said it's not feasible as it would constantly drain batteries, and the storage would not be enough to share a year's worth of logs. A pushback was also reported by MAIT, India's industry body for the electronics and hardware sector, as it declared the Indian government's wants as impractical.
While the IT Ministry initially stated it would address industry concerns, it later issued a statement denying that it is seeking source code access. However, the language in the proposal documents clearly stated they wanted source code access.
The discussions are set to continue until both the government and tech giants find a middle ground between national security and industry feasibility. For those unaware, the IT Ministry lately seems to be infatuated with the idea of gaining access to location, following its other recent wants that were also denied by the tech giants.
The current government had also asked manufacturers to pre-install a government app called Sanchar Saathi, which it later pulled back. It should be interesting to see the middle-ground that the government and tech giants arrive on, and we hope the end decision doesn't compromise user privacy.
