The Union government’s latest directive requiring mobile manufacturers to pre-install the Sanchar Saathi application on all handsets sold in India has ignited a sharp political and public backlash, with critics alleging an unprecedented intrusion into citizens’ digital privacy. Amid mounting privacy concerns, Union minister for communications Jyotiraditya Scindia clarified that the Sanchar Saathi mobile app is not mandatory and 'can be deleted' at a user's discretion, stressing that the platform does not enable snooping or call monitoring. The clarification, however, sits uneasily with the department of telecommunications (DoT)'s own notification, which under point 7(b) explicitly requires that the pre-installed Sanchar Saathi app remain 'readily visible and accessible' at first use and that its functionalities 'are not disabled or restricted', raising fresh questions about the extent to which users can actually opt out.
The
directions, issued on 28 November 2025 under the Telecom Cyber Security Rules, 2024, mandate that all mobile phones manufactured or imported for the Indian market must ship with the Sanchar Saathi app visible, functional and enabled during first-time device setup. Manufacturers are expressly prohibited from disabling or restricting any feature of the application. They must complete implementation within 90 days and submit a compliance report within 120 days. Even devices already in the retail supply chain must receive the app through software updates, affecting millions of handsets already sold or awaiting purchase.
The order has quickly attracted controversy because it effectively removes consumer choice by potentially making the app unremovable. Opposition leaders, digital rights advocates and technologists argue that the measure is disproportionate and intrusive, especially in the absence of transparent safeguards.
Speaking with reporters on the DoT's directions to pre-install Sanchar Saathi app on mobile handsets, Congress's member of Parliament (MP) Priyanka Gandhi Vadra says, "It is a snooping app. It is ridiculous. Citizens have the right to privacy. Everyone must have the right to privacy to send messages to family, friends, without the government looking at everything... There is a very fine line between reporting fraud and seeing what every citizen of India is doing on their phone. That is not how it should work. There should be an effective system to report fraud. We have discussed this at great length on cybersecurity. There is a need for cybersecurity, but that doesn't mean that it gives you an excuse to go into every citizen's telephone. I don't think any citizen would be happy..."
Congress leader and public accounts committee (PAC) chairperson KC Venugopal strongly criticised the directive, calling it 'a dystopian tool to monitor every Indian'. In a post on X, he wrote that “Big Brother cannot watch us. This DoT Direction is beyond unconstitutional,” adding that the Right to Privacy is intrinsic to Article 21 of the Constitution. He demanded an immediate rollback and described the directive as part of a “relentless assault” on constitutional rights.
DoT has asserted that the mandate is necessary to curb the growing misuse of telecom identifiers, fraudulent communication and the resale of lost, stolen or blacklisted devices in India’s vast second-hand smartphone market.
According to its release, tampering, duplication or spoofing of international mobile equipment identity (IMEI) numbers has become a significant challenge, with the same identifier sometimes appearing across different devices in different locations simultaneously, complicating law enforcement efforts.
The government claims that Sanchar Saathi’s suite of tools—including 'Chakshu' for reporting suspected fraud communications, telecom analytics for fraud management and consumer protection (TAFCOP) for identifying unauthorised mobile connections and central equipment identity register (CEIR) for blocking or recovering lost or stolen devices—offers essential protection for consumers and enhances national telecom security.
On the same date, DoT also issued directions to major communication apps, including WhatsApp, Telegram, Signal, Snapchat and indigenous platforms like Arattai and JioChat, raising concerns about the misuse of services that allow users to operate accounts without a SIM present in the device.
However, the government’s claims of enhanced security are undermined by Sanchar Saathi’s troubled record in real-world use. Users consistently report registration failures, SMS verification problems, app crashes and forms that do not accept input fields. Many complain that its 'know your connections' feature often displays only the SIMs inserted in the device rather than fetching details of all mobile numbers linked to a user’s identity, raising doubts about the app’s fundamental accuracy.
Those attempting to block lost or stolen devices have described the process as impractical and bureaucratic, with issues such as the requirement for the lost mobile number, demands for duplicate SIMs and lengthy police paperwork. Several users say blocked devices remain operational or untraceable months after complaints are filed.
The spam and fraud reporting workflow is also widely criticised for mandatory fields that users cannot fill in, repeated crashes, and generic acknowledgements like 'no records found', which undermine trust in its ability to act as a frontline defence against cyber frauds. Added to these are persistent usability flaws—faulty date validations, unreadable screens, no logout option, confusing instructions and pervasive glitches—that make the app difficult to rely on.
Privacy advocates have also expressed concern over the Chakshu feature which, reportedly, has access to calls, SMS and potentially WhatsApp communications. They warn that if the app is pre-installed, permanently enabled and difficult to remove, these permissions could operate continuously without sufficient transparency or oversight.
The government has yet to provide a clear breakdown of what data the app collects, how long it is stored, how it is processed, who has access to it, and what safeguards prevent misuse or profiling. In the absence of such clarity, and with India still lacking a robust data-protection framework, critics argue that mandating Sanchar Saathi on every device risks enabling excessive State surveillance.
In his review of Sanchar Sathi app, one Rizwan Aarif says, "The app has a major design flaw. It still asks for verification using the same lost mobile number or asks to select it from the drop-down (mobile number 2), which is impractical and shows weak logic. A more user-friendly and reliable solution should be implemented. If the team ever wants to build a strong, well-designed app, feel free to contact me — I can deliver a far better product at much lower cost."
Ganesan B also raised similar issues. "While making complaint for lost or stolen phone it is asking for the mobile number in the SIM which was used in the phone. How is possible? Person who has lost phone will definitely get a duplicate same number to avoid misuse by the other party."
Banibrata Dutta has a different take on the Sanchar Sathi app. He says, "Doesn't do what it says it does. Got an SMS saying that this app tells you if there are other connections taken in your name. Installed, registered and then realised that it does so only if other people having taken such connections fraudulently in my name also register using this app with my name... basically this is that daroga that tells me only about the thieves that walk into police station who confessed that they committed a crime. I don't know who thinks up of this beautiful use cases."
Telecom security experts agree that India needs stronger systems to tackle the rising tide of cybercrime, especially as criminals exploit loopholes in telecom identifiers and messaging platforms. However, they caution that trust, not coercion, is the foundation of any successful public cybersecurity initiative.
The
Internet Freedom Foundation (IFF) has sharply criticised the government’s directive mandating the pre-installation of the Sanchar Saathi app on all new mobile handsets, calling it an alarming expansion of executive control over personal devices and a disproportionate intrusion into the constitutional right to privacy.
Citing the Supreme Court’s KS Puttaswamy judgement, IFF argues that the order fails the proportionality test, contending that less intrusive methods to verify IMEI authenticity already exist. It further asserts that requiring a permanent, non-removable app with system-level access risks creating an open-ended surveillance mechanism vulnerable to 'function creep'. The organisation warned that vague definitions of 'telecom cyber security' could enable future client-side scanning or monitoring of user activity without safeguards.
Tech law and policy adviser Pranesh Prakash calls the steps being taken by the government in the name of tackling cyber fraud 'security theatre'.
In a post on X, he says, "Look, I'm glad that the govt seems to be serious about tackling cyber fraud. It's a big menace. But none of the steps they're taking (SIM-binding for messages, mandating the Sanchar Saathi app) actually address the problem. It's security theatre, whether govt realises it or not."
Requiring a government app on every smartphone—without an opt-out option, independent audits, or transparent privacy protections—risks alienating users and eroding confidence in legitimate cybersecurity measures.
With manufacturers facing a tight 90-day deadline and privacy advocates preparing for political and legal challenges, the Sanchar Saathi mandate is rapidly shaping up to be a major flashpoint in India’s ongoing debate over digital rights, surveillance and State accountability.
Grok, the artificial intelligence (AI) chatbot from X, summarises the issue in a reply. It says, "Questioning policies like Sanchar Saathi's mandate can indeed spark debates, but it is often how societies refine ideas—balancing security gains against privacy risks. Development thrives on scrutiny; the US, Japan, and Europe advanced through open discourse."
