New Delhi, Dec. 2 -- On Monday, the Department of Telecommunications (DoT) issued a notification informing that it has developed a portal and a mobile application called Sanchar Saathi. It is aimed at checking the genuineness of a mobile set, reporting suspect fraud communications, tracking stolen phones, among other features.
This seemingly innocuous app (at first glance) created much brohaha due to the several clauses that accompanied the notification. DoT said that the directive states that the Sanchar Saathi mobile application must be pre-installed on all mobile handsets manufactured or imported for use in India. It adds that the pre-installed app must be clearly visible and accessible to users during first use or device setup and for devices already manufactured and present in sales channels, manufacturers and importers are instructed to deliver the app through software updates.
The government gives smartphone makers 90 days to ensure all new devices come with the government's Sanchar Saathi app, whose functionalities cannot be disabled or restricted.
As per Reuters' report, iPhone-maker Apple does not plan to comply with this mandate and will convey its concerns to the concerned authority.
Experts raise concern
Several security and privacy experts have voiced their concerns around a state-mandated security app, which under its privacy policy, can manage phone calls, send messages, access call and message logs, photos as well as the phone's camera.
"This is a very concerning move and totally alters the balance between user autonomy on what we buy and state-imposed security. Function creep is real, and considering the scale, this raises serious concerns about mass surveillance, tracking, profiling," said Mishi Choudhary, Founder, digital rights advocacy firm SFLC.in.
It may be noted that while the app was publicly notified yesterday, it was first launched in January, allowing users to check their mobile devices' IMEI, which is a 15-digit unique code that identifies them on cellular networks.
"Mobile handsets bearing duplicate or spoofed IMEI pose serious endangerment to telecom cybersecurity. Spoofed/ Tampered IMEIs in telecom network leads to situation where same IMEI is working in different devices at different places simultaneously and pose challenges in action against such IMEIs," DoT said in a statement.
Internet Freedom Foundation, a digital rights organisation, said that while the stated objective of curbing IMEI fraud and improving telecom security is a legitimate state aim but the means are detrimental to user privacy and autonomy.
"It requires that the pre-installed Sanchar Saathi application be 'readily visible' and that, 'its functionalities are not disabled or restricted'. In plain terms, this converts every smartphone sold in India into a vessel for state mandated software that the user cannot meaningfully refuse, control, or remove," the statement said. Echoing the statement, Sumeysh Srivastava, Associate Director-Public Policy at think tank The Quantum Hub said that mandatory pre-installation of the app appears disproportionate and ineffective.
"The app can't automatically scan IMEI numbers without user input, and its reporting functions are unlikely to be needed on a daily basis by most users. Anyone looking to commit fraud could simply use older devices or uninstall the app. Even if restrictions are placed on uninstallation, motivated bad actors can root devices and bypass such measures," he added.
The app also seems to raise questions about data collection, retention, and oversight mechanisms. This comes close on the heels of the recently rolled out The Digital Personal Data Protection (DPDP) Rules 2025 operationalise the DPDP Act, 2023 and set out detailed requirements for how organisations must collect, process, store, and delete personal data in India. The rules, notified in November 2025, require data fiduciaries to take clear consent from individuals, provide simple mechanisms to access, correct, update, or erase personal data, and ensure strong security measures.
SFLC's Choudhary said, "On one hand we are rolling out the DPDP Rules, OTOH, making thIS app mandatory and undeletable, the government effectively removes user consent as a meaningful choice, thereby violating the spirit and meaning of this act."
DoT issues clarification
Amid intense backlash, the Union Minister for Communications Jyotiraditya Scindia, stated that the Sanchar Saathi app is entirely voluntary and that users may activate it whenever they choose, as well as deactivate or delete it at any time.
He outlined the app's impact since launch, including over 21.5 crore portal visits, more than 1.4 crore app downloads, 1.43 crore mobile connections disconnected by users identifying numbers not belonging to them, 26 lakh lost or stolen phones traced with 7.23 lakh returned, 40.96 lakh fraudulent connections disconnected, 6.2 lakh fraud-linked IMEIs blocked, and Rs.475 crore in potential financial losses averted through the Financial Fraud Risk Indicator. Scindia said that digital security is the government's top priority and that Sanchar Saathi is intended for safeguarding mobile consumers, with users retaining full control over activation or deletion.
Published by HT Digital Content Services with permission from TechCircle.