India's move to mandate smartphone source code sharing has sparked legal and tech concerns. Analysts warn it could affect IP protection and foreign investment. The government clarifies discussions are ongoing, not finalised.

India’s reported move towards mandating source code sharing by smartphone manufacturers has triggered concern across the legal and technology ecosystem. Analysts warn that any rigid requirement could undermine intellectual property protection and weigh on foreign investment sentiment. Currently, the government maintains that no such mandate has been finalised and that discussions remain consultative in nature.

The issue gained traction after a report by Reuters suggested that Indian authorities were considering access to smartphone source code as part of enhanced mobile security standards. The government has since clarified that this is part of an ongoing consultation process rather than a binding directive.

'Source code is everything for OEMs'

Faisal Kawoosa, Founder of analyst firm TechArc, was categorical about the industry’s likely response. “Source code is everything for OEMs. It is their secret recipe and IP. How can they share it with the government or anyone else,” Kawoosa said. He added that no original equipment manufacturer is likely to agree to direct source code disclosure.

Kawoosa suggested that a more workable alternative already exists. “At best, OEMs will be open to scrutiny by a third-party testing facility or through a government standards agency which can certify. We already have CERT to keep an eye on internet vulnerabilities. Maybe that can be engaged to validate the source code and certify devices before they are allowed in India,” he said, referring to Indian Computer Emergency Response Team.

Legal and IP concerns take centre stage

From a legal standpoint, Tony Verghese, Partner at JSA Advocates & Solicitors, described the proposal as a significant regulatory development that raises multiple red flags. “While such measures may be intended to strengthen security oversight, it raises important legal concerns relating to protection of proprietary technology, intellectual property rights and confidentiality obligations,” Verghese said.

He also pointed out that even a consultative move towards accessing manufacturers’ software source code would require careful legal framework analysis. According to him, the challenge lies in balancing national security objectives with investor confidence and contractual obligations tied to global technology platforms.

Impact on India’s smartphone hub ambitions

India has positioned itself as a major smartphone manufacturing hub under its production-linked incentive programmes. However, Verghese cautioned that compulsory disclosure could affect this trajectory.

“From a manufacturing and investment perspective, compulsory disclosure of source code could impact India’s attractiveness as a smartphone manufacturing hub, particularly for multinational companies operating on globally standardised platforms,” he said. He added that such a move may also influence foreign investment decisions at a time when India is competing with other Asian manufacturing bases.

Scope for a balanced outcome

Prachir Singh, Senior Research Analyst at Counterpoint, believes the final outcome may not be as disruptive as initial reports suggest. “If it is enforced rigidly without global precedent, it could deter further localisation and slow supply chain shifts,” Singh said. “However, the government’s openness to address concerns suggests a balanced outcome.”

Consumer privacy and security questions

Beyond industry and investment concerns, analysts note that any framework involving source code access must also address consumer privacy and data security. Verghese emphasised the need for robust safeguards to ensure that increased oversight does not introduce new vulnerabilities or misuse risks.