21 smartphone companies under scrutiny; Indian government asks for security info

After multiple reports of data leakage and theft online across different platforms, the Indian government is asking several smartphone makers to share security related information. The government is asking these smartphone makers to share the security procedures that they follow to ensure data security on their phones.

The Ministry of Electronics and Information Technology said that it has asked 21 smartphone makers to share information regarding the steps they are undertaking to ensure security on their smartphones.

Among the 21 companies that were sent this notice, there are several Chinese companies like Xiaomi, Oppo, Vivo and Gionee. The list also includes popular tier-1 companies like Apple and Samsung. Some Indian companies like Micromax also figure in this list.

The government has asked the 21 smartphone companies to file their security compliances by August 28. Additionally, the sources also mention that security audits may be undertaken to ensure compliance.

In case any company is found to be in violation of the security norms, the government will levy penalties on them.

An official was quoted as saying,

“The first step in that direction is that we have asked the mobile companies to inform us what are the security procedures and processes that have been taken by them to ensure the security of the data of the users and their privacy... We want to make sure that any device that is sold in the country should be safe.”

While the source did not reveal the quantum of penalties, according to Sec 43(a) of the IT Act, any company found to be in violation of rules can attract penalties of up to Rs. 5 crore along with a provision for unlimited compensation.

This move comes at an extremely important time. With the government’s push for digital payments seeing a good amount of reception, data security becomes that much more crucial. Additionally, with the recent data leaks and malware attacking users worldwide on different platforms, a security compliance check is required.