The Union government’s order directing all smartphone manufacturers — including Apple, Samsung and Xiaomi — to pre-install the Sanchar Saathi cybersecurity app on every device has sparked intense political, legal and industry backlash. While the government positions it as a necessary move to combat cybercrime and recover stolen devices, critics argue the mandate raises concerns around privacy, constitutional rights and competition — especially since the app cannot be uninstalled.
What the New Order Mandates
The Department of Telecommunications (DoT) has instructed manufacturers to:
- Pre-install Sanchar Saathi on all smartphones sold or imported within 90 days.
- Release software updates to install the app on devices already in use.
- Ensure the app cannot be disabled or removed.
- Display its features during the initial device setup.
The advisory issued without consultation also warns of enforcement action for non-compliance, heightening unease among manufacturers.
What the Sanchar Saathi App Does
Developed by the DoT, Sanchar Saathi is a national platform aimed at reducing cyber fraud, identity theft and mobile misuse. Its key features include:
- Chakshu reporting: Flagging suspicious calls, messages and phishing attempts.
- Spam/UCC complaint system.
- Alerts for malicious links and unsafe apps.
- Verification of mobile numbers linked to a user’s identity.
- IMEI blocking and unlocking of lost or stolen phones.
- Verification of device authenticity.
- Reporting spoofed international calls.
- Directory of verified customer-care numbers.
Government data claims the system has already helped block 42 lakh stolen phones and recover over 7 lakh devices, reinforcing calls for wider adoption.
Why the Government Says It’s Needed
Officials argue that with 1.2 billion mobile users, India is increasingly vulnerable to phishing, impersonation fraud and handset theft. A mandatory, non-removable app, they say, ensures universal access and faster reporting — especially for users who may not install cybersecurity tools voluntarily.
Why Manufacturers Are Concerned
The directive challenges long-standing software and device policies. Apple, for instance, does not allow third-party undeletable apps. Android manufacturers fear this could set a precedent for future forced government app rollouts.
Industry worries also include:
- Compliance costs
- Software redesign requirements
- Conflicts with international privacy standards
- Lack of prior consultation
Political and Privacy Criticism
Opposition leaders have labelled the mandate an overreach and warned it may violate the right to privacy, affirmed by the Supreme Court as part of Article 21. Congress leader KC Venugopal called the move “beyond unconstitutional”, while Shiv Sena (UBT)’s Priyanka Chaturvedi criticised it as the government entering personal devices “through the backdoor”. Privacy experts argue that even if not intended for surveillance, a compulsory state app creates an architecture that could enable it.
The Larger Policy Debate
The controversy is less about the app’s utility and more about larger governance questions:
- Should cybersecurity tools be voluntary or imposed by mandate?
- Can the state require undeletable apps without violating informational autonomy?
- Should such tools undergo independent auditing under the Digital Personal Data Protection Act?
- Where is the line between public safety and intrusive governance?
These questions are critical as India expands its digital-public infrastructure and finalises new technology laws.
What Happens Next
With the 90-day compliance window running, manufacturers are likely to seek clarifications or request changes — such as making the app optional or uninstallable. Privacy groups are expected to demand independent audits of the app’s data practices.
The outcome will set an important precedent: How far can the government go in embedding digital-public systems into private consumer devices? The answer may influence India’s broader technology governance model in the years ahead.