The Indian government is considering a sweeping new set of cybersecurity rules that could significantly reshape how smartphone makers operate in one of the world’s largest mobile markets. According to two Reuters reports, the proposal would require every smartphone manufacturer selling devices in India to provide government-designated laboratories with access to their proprietary source code for security review. The objective is to identify operating system–level vulnerabilities that could potentially be exploited by hackers, as part of a broader national push to strengthen digital security.

This source code review requirement is only one element of a much larger framework. In total, Indian officials have outlined 83 proposed security standards covering both hardware and software aspects of smartphones. By examining source code directly, authorities believe they can more effectively detect hidden flaws, backdoors, or weaknesses that traditional certification methods might miss. Given India’s rapidly expanding digital economy and the increasing reliance on smartphones for payments, identity, and government services, policymakers argue that stricter oversight is necessary to protect users and national infrastructure.

However, the proposal has already triggered strong pushback from the global tech industry. MAIT, an industry body representing major smartphone brands such as Apple, Samsung, Google, and Xiaomi, has reportedly told government officials that sharing proprietary source code is not feasible. The group argues that such a requirement conflicts with global privacy standards, intellectual property protections, and long-standing corporate secrecy practices. For companies that operate worldwide, creating a special exception for one market could also introduce legal and security risks elsewhere. In response, the Indian government has acknowledged these concerns and stated that it will work with industry stakeholders to address them during upcoming consultations.

Beyond source code access, the proposed standards include several user-facing and regulatory changes. Smartphone makers may be required to notify the government ahead of major software updates, give users clearer controls to block apps from accessing the camera, microphone, and location data in the background, and allow most pre-installed apps to be uninstalled, except those essential for core phone functionality. Together, these measures suggest a dual focus on national security oversight and stronger consumer privacy controls.

For now, the proposals are not legally binding. The Indian government is expected to enter detailed discussions with key smartphone OEMs to refine the requirements and assess their practicality. Whether the final rules will mandate source code sharing, or settle on a less intrusive alternative, remains uncertain. What is clear is that India is signaling a more assertive approach to smartphone security regulation, one that could have far-reaching implications for manufacturers, users, and the global mobile industry.