Centre’s Sanchar Saathi Mandate – Why Pre-Loading the Cybersecurity App on All Smartphones Has Sparked a Big Debate?

The Union government’s directive requiring every smartphone manufacturer — from Apple to Samsung and Xiaomi — to pre-install the Sanchar Saathi cybersecurity app has ignited a sharp political and industry pushback. While the Centre frames it as a crucial step to fight cyber fraud and recover stolen phones, critics argue it raises constitutional, privacy and competition questions, especially because the app cannot be removed by users.

What the New Government Order Requires

The Department of Telecommunications (DoT) has instructed all phone manufacturers to ensure that Sanchar Saathi comes pre-loaded on every device sold or imported in India within the next 90 days. For devices already in circulation, companies must roll out the app through software updates. Importantly, manufacturers have been told not to allow disabling or uninstalling the app, and to make its features visible during initial device setup.

The advisory, issued without prior industry consultation, warns that non-compliance will attract action — a formulation that has further raised industry anxieties about regulatory unpredictability.

What Sanchar Saathi Is Designed to Do

Developed by the DoT, Sanchar Saathi is both an app and a web portal meant to help citizens secure their mobile identity and report telecom-related fraud. It bundles multiple functions familiar from cybersecurity and consumer-protection tools, but under a single national interface.

These include:

• Chakshu reporting: For alerting authorities about suspicious calls, SMS or WhatsApp messages, such as fake KYC alerts, impersonation attempts and phishing links.
• Spam and UCC complaints: Users can report unsolicited commercial communication in violation of TRAI rules.
• Malicious link and app alerts: A mechanism to flag unsafe APKs, fraudulent websites and malware attempts across SMS, RCS, iMessage and OTT messaging services.
• Checking mobile numbers linked to one’s identity: Helps users spot SIM cards obtained fraudulently in their name.
• IMEI blocking of lost or stolen phones: Allows disabling a device from being misused and enables unblocking if recovered.
• Verifying device authenticity: IMEI validation for new or second-hand phones.
• Reporting international calls spoofed as Indian numbers: Helps detect illegal telecom routes and call masking.
• Identifying local ISPs: Lets users find wired broadband providers by PIN code or address.
• Verifying trusted contacts and helplines: A directory to check genuine customer-care numbers of banks and other institutions.

Since its launch, the platform has reportedly helped block 42 lakh stolen phones and recover over 7 lakh devices, reinforcing the Centre’s argument that widespread adoption can significantly curb telecom fraud.

Why the Government Says Pre-Loading Is Necessary

India’s large mobile user base — over 1.2 billion subscribers — has increasingly become a target for impersonation scams, phishing attacks, financial fraud and handset theft. Officials argue that fraud detection is only effective when reporting tools are universally available, especially for users who may not proactively download cybersecurity apps.

The non-removable nature of the app, the government says, is meant to ensure continuity of protection and uniform user access, not surveillance. Authorities underline that users must still report financial fraud separately to 1930 or the national cybercrime portal, but early fraud alerts from Sanchar Saathi help detect patterns at scale.

Why the Mandate Is Triggering Industry Pushback

The directive runs into established ecosystem norms, especially for companies like Apple, which strictly control system apps and do not allow permanent, undeletable third-party software. Even Android manufacturers, despite greater flexibility, fear this may open the door to future compulsory app mandates, complicating system design and software update processes.

According to industry sources cited by Reuters, manufacturers were not consulted before the order was issued. Companies are also concerned about compliance costs, implications for user experience, and potential conflicts with global privacy and security standards — particularly for devices that undergo independent certification in other jurisdictions.

Privacy and Constitutional Concerns Raised by the Opposition

The Opposition has described the mandate as an intrusion into personal devices, warning that a compulsory, irremovable government app could erode the right to privacy upheld by the Supreme Court as part of Article 21. Leaders such as KC Venugopal have termed it “beyond unconstitutional”, arguing that it creates the possibility — even if not the stated intent — of surveillance over citizens’ digital behaviour.

Others, including Shiv Sena (UBT) MP Priyanka Chaturvedi, have criticised the move as the state inserting itself into personal devices “through the backdoor”, urging that telecom-related grievances should instead be handled through stronger regulatory mechanisms and better redressal systems.

The Policy Questions the Directive Raises

The controversy over Sanchar Saathi is ultimately not about the usefulness of its features — many of which are widely praised — but about the principles of digital governance in India’s rapidly expanding telecom ecosystem.

Key questions emerging include:

• Should cybersecurity tools be placed on every device by government mandate, or chosen voluntarily by users?
• Can the state require an undeletable app without triggering constitutional concerns around informational autonomy?
• How should India balance public-interest cybersecurity with competition norms and the operational frameworks of global device manufacturers?
• Should mandatory apps be evaluated by an independent data-protection or cybersecurity authority before rollout?

These issues gain importance as India finalises its new Digital India laws, expands digital-public infrastructure, and operationalises the Digital Personal Data Protection Act.

What Happens Next

With the 90-day compliance window now ticking, manufacturers are expected to seek clarifications from the government or push for modifications to the order. Industry bodies may request that the app be made removable, or that pre-installation be optional but strongly recommended. Privacy advocates are likely to call for an independent audit of Sanchar Saathi’s data practices, even though the government maintains that it does not collect personal information beyond what is needed for specific services.

The outcome of these negotiations will shape not just the future of Sanchar Saathi, but also set a precedent for how far the state can go in embedding digital-public tools into private consumer devices — a question that sits at the heart of India’s evolving tech-governance landscape.