Sanchar Saathi mandate raises privacy concerns as India orders mandatory preloading of the app on all smartphones.
Qalam Times News Network
New Delhi | 2 December 2025
Sanchar Saathi has once again moved to the center of India’s digital policy debate, this time for reasons that go far beyond lost phones. A new directive from the Department of Telecommunications (DoT) requires every major smartphone maker operating in India to preload the government-run cybersecurity app on all new devices—and to make it impossible for users to delete.
Here’s the thing: the government insists this step will strengthen the fight against cybercrime. But the Sanchar Saathi mandate, as outlined in Direction 7b of the order, also bars users from disabling its functions, raising pointed questions about privacy, data access, and state overreach. The Telecom Minister may have publicly denied any such compulsion, yet the written order tells a different story.
A Silent Order, a Big Market, and Bigger Questions
The directive, issued privately to Apple, Samsung, Xiaomi, Vivo, Oppo, and others on November 28, gives manufacturers just 90 days to comply. For the $48-billion mobile market, this is no small change. Devices already in supply chains must receive the app through over-the-air updates so that nearly India’s entire base of 1.2 billion mobile users eventually carries it.
And because the order wasn’t made public, transparency has taken a hit. Paired with government exemptions under the Digital Personal Data Protection Act—which allow state-run apps to bypass several privacy safeguards—the move has intensified worries about unchecked access to device-level data.
The source code isn’t open, the oversight mechanism isn’t clear, and the consultation process never happened. That combination has fueled fears that a tool presented as a fraud-prevention system could drift into mass surveillance territory.
Launched earlier in 2025, Sanchar Saathi has undeniably helped recover stolen phones and block fraudulent SIM cards. Its IMEI verification and device-blocking features echo existing systems like Apple’s Find My or Google’s Find My Device—but with a crucial difference: this one reports directly to the government.
Authorities say pre-installation guarantees higher adoption and stronger protection against scams involving spoofed devices or duplicate identifiers. But cyber experts point out that professional criminals can work around such tools with rooted devices, spoofed IMEIs, or foreign-sourced phones.
Market Tensions and Unintended Consequences on Sanchar Saathi
Manufacturers now face new integration costs and potential delays in product launches. Apple, known for its tight control over preloaded apps, may push back, potentially sparking regulatory conflict. Consumer groups, meanwhile, have objected to the inability to delete the app, calling it a step toward unwarranted data capture.
Rather than mandating a permanent government app on every phone, experts argue for investments where the system is actually failing:
- advanced digital forensic labs,
- training for police and prosecutors,
- interstate cyber units with operational powers,
- and multilingual public awareness campaigns.
These steps, they argue, would deliver real reductions in cybercrime without compromising the right to privacy or turning every smartphone into a potential surveillance device.
