Government Access to Source Code

By /

Syllabus: Government policies and interventions for development in various sectors and issues arising out of their design and implementation

Context

  • Media reports suggested the Indian government considered seeking smartphone source code access.
  • Reports also mentioned prior government notification before major software updates.
  • The Union government refuted claims of mandating public disclosure of source code.

What is Source Code

  • Source code is the core set of instructions operating software and digital systems.
  • Smartphone manufacturers modify base software, including open-source Android, for proprietary functions.
  • Companies guard source code for commercial competitiveness and cybersecurity protection.
  • Full visibility of source code can expose vulnerabilities to malicious cyberattacks and data breaches.

Why the Issue is Controversial

  • Disclosure of source code outside companies is globally uncommon, except in limited defence contexts.
  • Even countries like China have not received Apple’s complete source code, despite regulatory pressures.
  • Mandatory exposure of internal code significantly increases risk of exploitation by attackers.
  • Previous controversy arose when the Department of Telecommunications sought pre-installation of the Sanchar Saathi app.
  • That order faced criticism for potential surveillance risks and third-party security vulnerabilities.
  • Source code disclosure is seen as far more intrusive than application-level compliance requirements.

Government’s Position and Regulatory Background

  • In 2023, the National Centre for Communication Security finalised ITSAR standards for consumer telecom equipment.
  • ITSARs operate under the Mandatory Testing and Certification of Telecommunication Equipment (MTCTE) framework.
  • MTCTE originates from the Indian Telegraph (Amendment) Rules, 2017.
  • After the Telecommunications Act, 2023, smartphones were shifted away from MTCTE oversight.
  • Certification responsibility moved to the Ministry of Electronics and Information Technology and Bureau of Indian Standards.
  • MeitY stated it is maintaining an open mind, with no final decision taken.

Concerns Raised by Civil Society

  • The Internet Freedom Foundation questioned lack of transparent consultations.
  • It highlighted that draft ITSAR documents remain publicly available.
  • IFF demanded disclosure of meeting records and open public consultations.

Conclusion

  • The debate reflects tensions between national security, digital sovereignty, industry confidence, and user privacy.
  • Transparency and proportional regulation remain central to maintaining trust in India’s digital governance framework.

Related Posts

This will close in 0 seconds

Scroll to Top