Synopsis
India is prioritising strategic autonomy and control over AI and biometric hardware, following global trends. Concerns over trusted sources for IoT devices and potential espionage are driving this focus. Mandates for CCTV and telecom equipment highlight the government's commitment to securing digital public infrastructure.Listen to this article in summarized format
“When you’re such a large market and so reliant on various devices then you also need to have some degree of strategic autonomy. This is a concern not just for India. Europe and the US do it. We’ve started doing it in some sectors like telecom, and for CCTV cameras. We may have to expand it to a few more areas particularly in the context of AI,” Krishnan said at an event organised by policy think tank National Council of Applied Economic Research.
AI’s increasing footprint on disparate sectors from manufacturing to agriculture is enabled by the collection of huge amounts of data through sensors and various other Internet of Things (IoT) devices. These devices often end up being black boxes with no access, and the government needs to ensure they come in from trusted sources, Krishnan said.
This needs to be analysed from the perspective of both industrial espionage to strategic concerns, he added.
Krishnan cautioned the problem extended to even the digital public infrastructure (DPI) stack of government services involving biometric authentication done through a range of devices. “Both for AI and DPI, the integrity of the electronic systems and the way that runs is becoming more and more relevant,” he said.
In April 2024, the Ministry of Electronics and Information Technology introduced mandatory essential requirements for CCTV systems, mandating transparency on the origin of critical hardware such as the system-on-chip (SoC), and rigorous lab testing against unauthorised remote access.
Under the mandate, government departments are also restricted from buying non-certified surveillance hardware to prevent data from being leaked via foreign-manufactured firmware or hidden backdoors. Similarly, under the national security directive on the telecommunication sector, telecom operators are legally mandated to only source equipment from government-designated trusted sources and trusted products.
Krishnan’s comments suggest similar mandates may be brought in for other devices. He also referred to kill switches located abroad. A kill switch is an electronic or digital mechanism designed to instantly disable, shut down, or erase a device. A recent Niti Aayog report identified reliance on foreign “blackbox” hardware as a major national security threat, and warned that imported microchips may contain hidden backdoors or kill switches.
