Explanation of India's politically controversial Sanchar Saathi cyber safety app

NEW DELHI, Dec 2 (Reuters) Indias new rule requiring smartphone manufacturers to pre-install a government-owned cybersecurity application on all fresh devices has sparked intense political debate, raising concerns over potential government surveillance in the country with the largest population in the world.

The application, named Sanchar Saathi or "Communication Partner," is now at the center of controversy involving major tech companies including Apple, Samsung, and Xiaomi. Manufacturers have been allotted 90 days to comply with the mandate.

Already available on Apple and Android app stores, Sanchar Saathi is promoted as a citizen-focused safety utility. It allows users to locate or block lost or stolen phones using their devices unique International Mobile Equipment Identity (IMEI) number. Additionally, it lets users check how many mobile connections are registered under their name, assisting in the detection and disconnection of fraudulent numbers linked to scams.

Other functions include reporting suspicious calls and verifying the legitimacy of used phones before purchase. On November 28, Indias telecom ministry privately instructed all smartphone makers to ensure the app is preloaded, visible, functional, and enabled from the first device setup.

The directive also mandates that users cannot disable or limit the apps features. For phones already in circulation, companies must distribute the app through software updates, potentially reaching over 735 million users, according to an industry insider.

The government emphasizes that the mandate aims to address serious threats to telecom cybersecurity caused by IMEI manipulation.

Sanchar Saathi Impact and Data Handling

The Indian government reports that Sanchar Saathi has been downloaded more than 10 million times and has assisted in blocking over 4.2 million lost or stolen devices, as well as terminating over 30 million fraudulent mobile connections.

The app, the government claims, does not automatically collect personal information without user consent. Its privacy policy specifies that iPhone users must grant permission for camera, photos, and files access for select functions. On Android, users are asked to provide access to call logs, messages, and call management features to detect numbers, in addition to camera and photo access.

Apple has expressed concerns over potential privacy and security risks. Counterpoint Research notes that more than 95% of smartphones in India run Android, while the rest operate on iOS.

Government Justification and Public Reaction

Authorities argue that criminals frequently clone or spoof valid IMEI numbers onto stolen devices, making tracking and hardware blocking difficult. With Indias large market for second-hand phones, the government also aims to curb the circulation of stolen or blacklisted devices.

The directive has become a hot topic on television and social media, drawing criticism from privacy advocates and opposition politicians. The main opposition Congress Party has demanded the policy be reversed, labeling it unconstitutional. The Internet Freedom Foundation, a free-speech organization, stated on X that it intends to challenge the rule until it is withdrawn.

(Reporting by Arpan Chaturvedi and Munsif Vengattil; Editing by Aditya Kalra and Thomas Derpinghaus)

Author: Sophia Brooks