The Union government has directed smartphone manufacturers to ship all new handsets sold in India with the state-run Sanchar Saathi cybersecurity app pre-installed within 90 days, a move aimed at strengthening telecom security that has drawn sharp criticism from privacy advocates and raised compliance questions for global phone makers.
The Department of Telecommunications (DoT) issued directions requiring device makers to ensure the Sanchar Saathi app is “readily visible and accessible” during first-time device setup, and that its functionalities “cannot be disabled or restricted.” The directive also asks manufacturers to push the app via software updates to phones already in the supply chain and to submit compliance reports to the government within 120 days.
Government rationale
Authorities say the app helps users verify a handset’s IMEI the 15-digit identifier used on mobile networks report lost or stolen devices, and flag suspected telecom fraud. The DoT emphasised that duplicate or spoofed IMEIs undermine network security and facilitate resale of stolen phones, causing financial loss to unwitting buyers. The government argues that wider availability of Sanchar Saathi will curb such abuses and bolster user protection.
Privacy, surveillance and industry pushback
Digital rights groups have warned the order risks converting every handset sold into a vector for state-mandated software with broad permissions. The app’s Play Store listing and privacy statements show it requests access to call and message logs, camera, photos and files permissions that critics say could be misused or expanded over time.
Industry observers note a tension between the directive and global device makers’ policies. Apple, which enforces strict controls on pre-installation and app management on iOS devices, has reportedly indicated it will not comply with forced preloads. Other smartphone firms particularly Android OEMs with large market share in India face practical and contractual hurdles in implementing a non-removable system app. Reuters and other outlets have reported the directive was circulated to manufacturers in late November.
Government says app is voluntary but rules conflict
Following public criticism, Communications Minister Jyotiraditya Scindia posted that users may delete the app if they do not wish to use it. However, the DoT directions explicitly state that the app’s functionalities cannot be disabled or restricted and that it should be visible at initial setup an apparent contradiction that legal and technical experts say needs clarification.
Scale and precedent
India is one of the world’s largest smartphone markets, with more than a billion mobile subscribers. While the Sanchar Saathi initiative launched earlier this year has been credited by officials with helping recover lost phones and curb fraudulent connections, mandating its preload places India alongside a handful of countries that require state apps on consumer devices a policy that has previously provoked international pushback.
What comes next
Manufacturers must report compliance in 120 days. Legal challenges, industry negotiations over implementability, and potential revisions to the directive are likely. For users, the near-term questions are whether the app will truly be removable in practice and how data collection and retention will be regulated and audited. Digital rights groups say the government should publish a clear, binding privacy and audit regime if the app is to be widely deployed.