/indian-monitor-live/media/media_files/2025/12/07/sanchar-saarthi-2025-12-07-09-55-06.jpg)
Follow Us
The government’s decision to withdraw its order mandating pre-installation of the Sanchar Saathi cybersecurity app on all new smartphones marks an important moment in India’s digital governance journey. It is more than a tactical retreat after two days of protests by opposition leaders and civil society groups. It reflects a deeper tension between the state’s responsibility to protect citizens from cybercrime and its obligation to safeguard their fundamental rights. In a society where mobile devices have become essential gateways to banking, welfare, learning and healthcare, digital security is indispensable. But digital rights are indispensable too.
The Communications Ministry insists the mandate was a well-intentioned step designed to accelerate access to a tool that has demonstrated clear public benefits. Sanchar Saathi, launched in January 2025, has produced tangible results: more than 42 lakh lost or stolen phones blocked, over 26 lakh devices traced, more than seven lakh returned to their owners and more than one crore downloads. Fraudulent connections, identity theft and device cloning have been curtailed, and the Financial Fraud Risk Indicator is credited with preventing losses of nearly five hundred crore rupees. As cybercrime surges nationwide, these are not trivial achievements.
Nevertheless, intentions cannot override constitutional norms. The government’s explanation that rapidly growing downloads made the mandate unnecessary is technically true, but it sidesteps the more fundamental concern: a compulsory pre installation order, even for a security tool, crosses a line in a democracy. India’s digital environment is shaped by a heightened sensitivity to privacy, fed by earlier controversies over surveillance and data misuse. When opposition leaders compared the mandate with practices in authoritarian states or described it as a step towards a surveillance society, they were channelling anxieties that extend beyond partisanship. Trust is fragile, and any perception of forced technological compliance undermines it quickly.
The government tried to reassure citizens that the app is secure and can be deleted. Communications Minister Jyotiraditya Scindia repeated this in Parliament, stating that snooping is impossible and deletion is a democratic right. But deletion alone does not address the unease that arises when the state installs something on personal devices without prior consent. Many users have encountered pre-loaded software that cannot be removed fully and that continues to operate in the background. In this context, assurances carry less weight than transparent architecture and verifiable safeguards.
This backlash did not arise from misinformation but from substantive concerns raised by civil-rights groups, privacy researchers and technology-policy experts. Their objections clustered around five broad themes, each illuminating the friction between cybersecurity and democratic accountability.
The first centred on consent. Critics noted that while Sanchar Saathi may activate only when a user registers, compulsory pre installation renders consent meaningless. The government countered that installation alone does not constitute activation and that the app can be removed, but civil-rights groups argued that choice must be genuine, not symbolic.
A second critique focused on transparency. No public privacy-impact assessment or independent security audit has been published. Without external scrutiny, assurances about minimal data collection remain unverified. Officials responded that full code audits may expose vulnerabilities to fraud networks, but this only strengthened the demand for structured oversight.
Third, civil society raised fears of function creep. Even if the current version of the app accesses only basic identifiers, mandatory presence across all devices could, in theory, enable more intrusive functions in the future. The government dismissed this as speculative and stressed the app’s narrow permissions, yet in a nation still haunted by the Pegasus scandal, speculation itself carries weight.
A fourth concern involved due process. The mandate arrived abruptly and without wide consultation. Manufacturers, privacy advocates and digital-rights organisations all expressed surprise. The swift withdrawal reinforced perceptions that the policy had not been fully considered. Supporters argued that escalating cybercrime justified decisive action, but critics insisted that democratic governance requires consultation and predictability.
The fifth red flag came from technical experts who warned that pre-installed apps can unintentionally create new vulnerabilities. Older devices, fragmented operating systems and inconsistent OEM security practices complicate secure deployment. A single compromised app on a billion devices would present a national cyber risk. The government maintained that Sanchar Saathi uses limited privileges and is vetted by platform providers, but the wider question of secure implementation across diverse hardware remains unresolved.
Taken together, these critiques reflect a growing understanding that cybersecurity initiatives must be anchored in public legitimacy. A tool designed to protect users cannot succeed if it erodes trust by the manner of its deployment. Sanchar Saathi’s strengths are real, but they cannot compensate for the political and legal risks introduced by a top down mandate.
The rollback is therefore not a setback but an opportunity. It creates space for a more collaborative, rights respecting architecture for digital security. India could pursue several reforms that preserve the utility of tools like Sanchar Saathi while reinforcing public confidence. Independent audits and periodic transparency reports would help demonstrate the app’s compliance with privacy principles. Device makers could offer Sanchar Saathi as an optional recommendation during initial setup rather than a pre-installed component. Telecom operators could integrate fraud detection and identity verification features within their own platforms, reducing the need for system level applications.
Most importantly, the government could establish a structured consultation framework for digital governance. A predictable process that includes civil society, industry experts and Parliament would improve the quality and legitimacy of policy decisions. India is entering an era in which digital tools will increasingly intersect with state functions. The frameworks supporting them must be robust, transparent and accountable. Sanchar Saathi remains a promising instrument for combating cybercrime. Its features help millions of users secure their devices, monitor suspicious activity and reclaim digital identities.
But its success, like all public digital infrastructure, depends on voluntary adoption and sustained trust. The rollback signals that the government recognises this balance. It is now essential to deepen that recognition through policy design that respects both the need for safety and the rights of citizens.
In the digital age, security cannot trump privacy and convenience cannot eclipse consent. The most effective cybersecurity tool is not an app but the confidence of the public. Sanchar Saathi can still embody that confidence, but only if it remains rooted in transparency, participation and democratic
accountability.
