In a world where data are extracted from individuals with or without informed consent, data and AI experts have called for building awareness and underscored the importance of extracting only relevant data at The Hindu Tech Summit 2026, hosted by The Hindu, presented by VIT, and co-presented Sify Technologies, in Chennai on Friday.

The session, ‘Data Privacy as a Pillar of Resilience: Building Trust in a Digital Age’, featured B. Jegadeeswaran, senior general manager-IT, TVS Automobile; A.N. Srinivasan, senior vice-president-IT, SRF Ltd.; Shivashanmugam Muthu, senior director, Capgemini Technology Services India Limited; and M. Sivasubramanian, VP and CDIO, Jk Fenner. It was moderated by Nagaraj, VP-Data and Analytics, The Hindu.

Underscoring the need for ascertaining whether the data being collected are necessary, Mr. Srinivasan said, “They [those who collect data] need to tell us the purpose of data collection. I have been part of one of the State government’s digital meetings… Some of the apps [used by that government] have 25-30 fields. But it is trying to reduce the number to 10. There is an effort not to capture unwanted, unnecessary data. My view is that the awareness exists at the governmental level itself. We need to be aware of why a website is seeking a particular piece of data and the purpose. Members of the public should be conscious of the data that they are giving.”

Speaking about the working of the Digi Yatra application, which ensures paperless travel at airports, Mr. Shivashanmugam Muthu said, “The Digi Yatra application works on the basis of consent. The data are stored in the local device and encrypted. All the protocol standards are well maintained. We made it possible. Let the AI be hungry for data but gather the right data.”

Mr. Sivasubramanian argued that it would be difficult to ensure privacy in a world that extracts so much data. “Googles and Youtubes know about you better than what you know about yourself. Your photos, videos, eating habits, search history… Data is like oxygen.”

As for building trust among senior citizens who find it difficult to navigate mobile applications and hesitate to give data, Mr. Jegadeeswaran said, “It can only be done through creating awareness. Their sons and daughters have to play a role.”

The story so far: The newswire agency Reuters reported that the Indian government was contemplating a requirement for smartphone makers to disclose their source code to third party testing agencies, and make this code open for review. A further requirement the agency reported was that phone makers would have to notify the government before pushing major software updates to user devices. The Union government has downplayed the nature of these conversations, and refuted the source code demand allegation.

What is source code?

Source code is the core repository of software programmes and their associated digital assets that drives a digital system. While some parts of the code, especially of Android phones, is open to begin with, there are significant modifications and adaptations that phone manufacturers make to that codebase. Also, each firm jealously guards the technology driving these respective changes. Source code is kept secret not just for commercial reasons, but also as a security measure. If a software system’s complete inner workings are visible to a malicious attacker, then the system is at risk of being probed for weaknesses that can be exploited, and can lead to data breaches and other types of cyberattacks.

Why is such a demand controversial?

It is highly unusual for source code of any kind of system to be disclosed outside a company, except perhaps in sensitive fields like defence, and that too in specific countries. Apple Inc., for instance, has not disclosed its source code to the Chinese government, even as the firm has carved out policies specific to that country to make user data stored on the cloud potentially more accessible in response to legal requests.

These reports have come shortly after a bruising episode for the government; just weeks before, the Department of Telecommunications (DoT) was at the receiving end of massive political and public pushback due to an order it sent to smartphone manufacturers to “pre-install” the spam reporting app Sanchar Saathi. There were widespread concerns that the app could be used for snooping at worst, and represent a security threat by a third party attacker at best. This was also a demand global smartphone makers generally don’t entertain.

But source code disclosure would be a far more intrusive demand, as it would require smartphone makers to essentially expose their entire code base to a third party. Cyber attackers that find and take advantage of software vulnerabilities often do so with aspects of computer systems that are visible externally; internal visibility would greatly amplify the risks of such vulnerabilities being found, especially if the source code includes detailed documentation on a system’s inner workings. As such, mobile phone operating systems, even if they are running on open source Android, do not expose every detail of their actual implementation.

Is the Indian government demanding that source code be made public?

In 2023, the National Centre for Communication Security (NCSS), under the DoT, finalised a document called an Indian Telecom Security Assurance Requirement (ITSAR) for “consumer equipment”. ITSARs are technical standards used in the Mandatory Testing and Certification of Telecommunication Equipment (MTCTE) framework, a key bureaucratic step for importing telecom gear into India.

The MTCTE framework stems from the Indian Telegraph (Amendment) Rules, 2017. However, shortly after the Telecommunications Act, 2023 was passed, the DoT and the Ministry of Electronics and Information Technology (MeitY) decided that the MTCTE regime should be done away with for smartphones, which already go through a certification process for India administered by the Bureau of Indian Standards. A senior MeitY official told The Hindu that since the baton had now been passed to the IT Ministry, the discussions were picking up where the DoT had left off. A press statement by MeitY stated that the IT Ministry was keeping an “open mind” and would decide on what was best for the country and for consumers. The India Cellular and Electronics Association (ICEA), which represents some smartphone firms, also downplayed the seriousness of the discussions.

The Internet Freedom Foundation, a digital rights advocacy group, pushed back on that denial, pointing out that the meetings the government was holding were not transparently conducted, and that the ITSARs remain public.

“If the government claims these proposals do not exist, it must explain the specific documentation currently hosted on its own website and also disclose the minutes of meetings,” IFF said in a statement.

“IFF asserts that “stakeholder consultation” cannot be limited to closed-door meetings with big tech giants. If the PIB’s claim that “no final regulations have been framed” is true, then the government should have no hesitation in releasing the current draft of the ITSAR for public scrutiny immediately. We reassert the need for transparency and an open public consultation.”