A Citizen’s view of the Sanchar Saathi mandate

Please scroll down for an update, including a protocol-based alternative to mandatory app installs and a Tamil video discussion on this issue.

A new Government of India mandate on mobile security has triggered strong reactions. I wanted to view the Sanchar Saathi App requirement from a practical angle.

It is another day and another circular on mobile phone security. On 28 November 2025, the Department of Telecommunications, Government of India, asked all smartphone makers and importers selling in India to pre-install the Sanchar Saathi app.

Many privacy advocates and industry experts see this as overreach. I understand why. None of us wants apps on our phones that we did not choose. Still, I prefer to look at this mandate through a practical lens. As citizens, we must stay alert to government excess, but we also need to judge each move on what it actually does today.

At this point, there are no credible reports that Sanchar Saathi is spying, accessing data without permission, or draining battery. If such issues arise, they must be challenged without hesitation.

Right now, the app brings together emergency services that are otherwise difficult to access. Stolen phone cases are rising, and unsuspecting buyers often end up with blacklisted devices. The app lets you check if a handset is flagged by security agencies. It enables reporting of suspected fraud calls or illegal international calls. It also allows blocking a stolen phone using the IMEI number and invoice, which can prevent future misuse.

I found the SIM history feature useful. It shows all SIM cards issued in your name and allows you to report the ones you no longer use. This is a simple step towards reducing identity-linked risks.

These are not everyday needs, but when something goes wrong, the tools matter. Urban users may focus on privacy. But a large part of India still deals with routine fraud and identity misuse. If this app helps even a small segment avoid trouble, it has value.

The real concern is precedent. By mandating a pre-installed app, India now finds itself in the same bracket as Russia, where over 40 government apps are compulsory. That direction is worrying.

The Government should clearly state what the app will not do in the future and set up an oversight mechanism, ideally through a parliamentary committee. It should also be cautious about preventing a flood of mandatory apps from every department.

The undeletable nature of the app is a valid concern and needs thoughtful handling. And if the Government ever uses the app to snoop or control what we install or whom we call, it should be challenged forcefully in court. But rejecting a tool that is useful today because it may be misused tomorrow does not seem reasonable.

Follow-up

A number of you raised strong and thoughtful concerns about the mandate for this post in my social feed. The precedent of an undeletable government app, the risk of future misuse, the possibility of OS-level control, the lack of clear safeguards, and the fear that such moves could normalise surveillance architectures. Some also questioned whether utility today can justify a structure that may enable overreach tomorrow. These are serious points, and I’m sharing this follow-up to respond to the spirit of those concerns and clarify how I’m looking at the issue. Thanks.

Thanks for all the thoughtful comments and the links. I respect the concerns raised. The precedent of an undeletable government app is serious, and the questions around future updates, misuse, or a compromised signing system are valid. A democratic government must answer these clearly.

At the same time, cyber fraud in India is not abstract. It kills people, destroys families and has cheated even billionaires into sending crores. Digital-arrest scams often begin with stolen phones and forgotten SIMs. This app will not solve everything, but it targets a part of the problem that affects millions outside urban circles. Expecting voluntary installs works for us, not for most of India.

On my iPhone today, the app shows no intrusive permissions. No location, no file access, no OS-level hooks. On Android, I noticed the App requires reading SMS and Phone for sending and receiving SMS for activation. So some fears seem rooted in distrust, not observable behaviour. I will change my view if evidence emerges. Transparency audits and public scrutiny are essential.

If there are better ways to achieve the same security outcome: telecom mechanisms, optional installs, web tools, or integrations, civic society and experts should propose them to the Government rather than only criticise. Solutions matter more than complaints.

We should also extend this scrutiny to OEMs and Big Tech. They load devices with undeletable apps and bloatware, too.

For now, I am judging the app on what it is today, while watching closely how the policy evolves. Privacy and safety both matter, and neither can be ignored.

Update – 1

Later in the day, the Union Communications Minister, Mr Jyotiraditya Scindia, clarified that Sanchar Saathi is optional, can be deleted, and functions only after user activation. This is welcome, and I hope the Government now sets up an expert committee, drafts clear guidelines on this and the WhatsApp SIM-check requirement, and seeks public feedback the same way it did for the Prevention of Dark Patterns Guidelines.

Update – A protocol-based alternative to mandatory app install

A friend in Big Tech suggested an alternate path worth considering. Instead of the Government building and maintaining a standalone app, which has historically struggled with UI, backend quality and trust, the Government, after consultation with experts, could define a standard protocol and expose a secure backend API. Smartphone manufacturers would then implement this protocol. The UI for reporting fraudulent calls or SMS, checking device authenticity, or blocking a lost or stolen phone through IMEI could sit inside the default phone or messaging apps. Third-party apps built on the same protocol could also be bundled at the manufacturer’s discretion, while directing users to the official government app for additional features.

This is similar to how UPI works in India, a common backend standard that supports many front-end apps instead of one mandated interface.

A standards-based approach can retain all the public-safety and anti-theft benefits. IMEI blocking, fraud reporting, and SIM misuse checks, while avoiding the discomfort of mandatory, undeletable government software on every device. It also distributes responsibility. The Government secures the backend, and manufacturers deliver the user interface in a way that fits naturally into the phone experience.

I believe this model deserves serious consideration.

Discussion in Tamil on the Sanchar Saathi mandate