- The concern is that information could be sent to third-party servers in foreign locations.
- 21 mobile makers including Samsung, Apple, Micromax, Karbonn and Lava and majority Chinese vendors like Xiaomi, OPPO, Vivo.
- Based on the response of the companies, the Ministry will initiate verification and audit of devices where required.
The government has asked all smartphone companies, majority of them Chinese manufacturers, to outline the procedures and processes adopted by them to ensure security and privacy of users’ data. The directive comes amid standoff between India and China over Doklam, as also rising concerns over imports of Chinese IT and telecom products.
The concern is that information could be sent to third-party servers in foreign locations, which would raise security concerns and violate user privacy. According to The Times of India report, citing a source, an official said government is particularly concerned about the role of Chinese companies in this "activity" such as Xiaomi, Vivo, Oppo, and Gionee. But, the notice has also been sent to 21 mobile makers including Samsung, Apple, Micromax, Karbonn and Lava.
“The ministry has given time till August 28 to all companies to furnish their responses,” a senior IT Ministry official said. The official pointed to international and domestic reports about data leaks from mobile phones and said that in the first phase, devices and preloaded software and apps will be under scrutiny.
Based on the response of the companies, the Ministry will initiate verification and audit of devices where required. It has also warned of penalties under provisions of IT Act 43 (A) in case stipulated processes are not being followed. The official said the objective of the exercise is to ensure that required data security measures are being taken with regard to hardware and software in mobile phones.
In all, the IT ministry has written to 21 smartphones makers and majority of these companies are Chinese device manufacturers, the official said. “Any device sold in the country should be compliant with global security standards. If companies fail to comply, further action will be taken,” said the official who did not wish to be identified.
IT Minister Ravi Shankar Prasad had called a meeting of senior officials in the department, and representatives of Cert-In and others on August 14 to take stock of the situation, the official added. The official added that the issue was critical given surge in e-commerce transactions and digital payments.
With inputs from PTI
Last Updated 31, Mar 2018, 6:50 PM