Government set to release guidelines for smartphone makers to protect user data from data theft and abuse

In a bid to combat data theft, the government is set to release a set of guidelines and standards to device-makers. These especially include Chinese handset makers. [caption id=“attachment_3444748” align=“alignleft” width=“380”] Representational image. Thinkstock[/caption] In a report by The Economic Times, cybersecurity standards may be announced in a few weeks aiming at data and information protection. Sources in the IT Ministry suggest that the move comes in order to avoid abuse of information especially to servers which are not based in India. The move has come post the Indo-China tension which has become intense, off late. As per a report by the Business Insider, the Chinese browser called UC browser has come under the **government’s scanner** , since the Alibaba-owned browser has 50 percent of India’s market share. According to the report, recommendations to form the guidelines shall be taken from two governmental bodies, the Reserve Bank of India and Department of Telecom. They may also take suggestions from the ISO standards. Data stored in these smartphones vary from financial transactions, user location, emails, and medical records. Since it keeps user’s private information it can come in violation to the user’s privacy. The government has already **issued notices to 21 smartphone makers** out of which Chinese brands like Xiaomi, Vivo, Oppo, Huawei, OnePlus, Gionee have been notified. Meanwhile, companies like Apple and Samsung have also been notified. One notification has been pressed to Indian manufacturers like Lava and Micromax, as per ET. By 28 August, the smartphone-makers have to send their compliance. Meanwhile, the government is focussing on the smartphone’s operating system, its native apps, and the browser used by these companies. In its notification, it has asked the smartphone makers to list the steps it would take to guard user’s data. Infact the government will look into the devices for verification of their security claims if and when required. It has also warned of penalties under provisions of IT Act 43 (A) in case stipulated processes are not being followed.