The ministry of electronics and IT has asked 21 smartphone making companies share the security procedures and processes they follow to ensure the security of mobile phones, following national and international reports of data leakage and theft.
The government has given the companies, a large majority of which are Chinese, time till August 28, to revert with the details of processes they follow. The ambit of ensuring security will include the device, its operating system, the browser on the device and pre?-loaded apps.
“There’s a need to ensure safety and security of mobile phones or smartphone… that hold valuable information of users as they use the phone to make digital payments and have personal data,” a senior official in the ministry said.
“Action will be taken against the devices that fail the verification, and audit if needed,” the official added. “We cannot ignore that data is being leaked to a third country… Data is a big resource now and it’s important to us to ensure it is safe.”
As per the IT Act, section 43 (a), a company is responsible to make sure that it keeps the data of users safe, and the rules have to be complied with. There’s a provision of unlimited compensation and penalties of Rs 5 crore through state level arbitrators.
The official added that cases of contact lists, text messages being leaked have surfaced internationally and locally, while there was an issue of data on remote servers. A number of companies selling phones in India are Chinese and most of their servers are not in India.
The official added that testing and verification of devices will be done in India, and the government was upgrading the testing facility in existing labs.