Cyber ​​Security: The government is cracking down on cyber security, and apps will no longer be able to arbitrarily use cameras and microphones..

The Indian government is preparing to tighten its grip on mobile phone manufacturers to combat cybercrime and digital espionage. Under new communication security norms, the use of cameras and microphones by phone companies' apps will be controlled to prevent misuse of these technologies.

According to proposed confidential documents, mobile companies will have to provide the government with source code and programming information related to the phone's operation. This will be analyzed in a lab located in India, and can be investigated if necessary. Additionally, changes to the software will be mandated to allow for easy removal of pre-installed apps on phones.

What else will be regulated?
The government wants to prevent apps from having unnecessary access to the phone's camera and microphone. Although apps currently request permission before accessing these features, the government's proposal will require regular warnings related to app permissions. This will allow users to know which app is accessing what.

In addition, there will be numerous efforts to combat cyber threats. Automatic malware scanning will be conducted periodically. Companies are now required to provide complete information to the National Centre for Communication Security before launching any software update or security technology. This will give the government the right to test these technologies at any time.

Eight key objectives of the proposal:
1. Periodic automatic malware scanning
Under this provision, smartphones will automatically scan for viruses and malicious software. This will help in quickly detecting Trojans, spyware, and apps involved in banking fraud. Users will also not need to install a separate antivirus app.

2. Information on all software updates
Under this, phone companies will now have to provide the government with complete details of every major and minor software update. This includes what changes were made in the update, what new permissions were added, and what new security features are included. This will prevent any hidden threats from being introduced through updates.

3. Mandatory notification before update launch
Companies will not be able to release any new software or security features without informing the government. They will have to notify the government before launching anything. The update will then be made live, as rushed, insecure, or risky updates often pose a threat. This will make it easier to prevent them.

4. Central Government's Right to Testing
The government will have the right to independently test any mobile software, its security features, or system updates. This will help identify vulnerabilities related to national security.

5. Phone Activity Data to be Stored for One Year
Technical activity data (log data) related to the phone must be stored for at least one year. This will allow investigative agencies to analyze it if needed.

6. Regular Warnings on App Permissions
Users will be repeatedly informed about which apps are using the camera, microphone, location, or storage. They will be asked whether these permissions are necessary or not. This will make users aware and help them identify hidden threats.

7. Alerts Regarding Tampering and Remedial Measures
If any tampering or unauthorized changes are detected in the phone's software or system, the user will receive an immediate warning. Remedial measures and security instructions will also be provided.

8. Restriction on Installation of Older Software Versions
The installation of older, insecure, or vulnerable software versions will not be allowed on phones. This will help prevent users from intentionally making their phones insecure by removing security patches.

Tech Giants Opposing the Standards
According to sources, the draft of this proposal was prepared in 2023, but now the government wants to implement it legally. The Ministry of Electronics and Information Technology may hold a meeting with representatives of tech companies regarding this. The government has also set 83 security standards, which the companies are opposing. This plan is among Prime Minister Narendra Modi's priorities. Its objective is to strengthen the cybersecurity system and protect people's personal information. India is the world's second-largest smartphone market, with approximately 750 million smartphones in use.

Tech giants are strongly opposing this government plan. They say that the confidentiality of source code is extremely important to them. There have been similar cases in the past that mobile companies have opposed. For example, Apple rejected demands from Chinese and US agencies between 2014 and 2016.  MAIT (Manufacturers' Association for Information Technology) stated that providing source code would not be possible due to privacy concerns. MAIT also urged the government to withdraw the proposal.

MAIT argues that continuous malware scanning would drain the battery quickly. Furthermore, phones do not have sufficient storage to retain a year's worth of phone log data. Companies also argue that obtaining government approval for every update is not practical.

Disclaimer: This content has been sourced and edited from Amar Ujala. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.