The Indian authorities’s determination to mandate the Sanchar Saathi software on each smartphone bought or activated within the nation marks a major and worrisome shift in how the state positions itself inside the private gadgets of over a billion residents.
On 28 November 2025, the Division of Telecommunications ordered all handset producers and importers to pre-install the Sanchar Saathi software on each cellphone supposed for the Indian market, making certain the app is seen and purposeful from first boot. Units already manufactured or already in circulation should obtain the app through software program updates, with producers given 90 days to conform and 120 days to submit formal adherence experiences.
The initiative itself, launched in Might 2023, is offered as a consumer-protection measure: a device to confirm whether or not a tool’s IMEI is real, to dam cloned or blacklisted identifiers, to report stolen telephones, and to flag potential telecom fraud. The federal government argues that unchecked IMEI tampering and the unlawful resale of stolen telephones hurt each telecom safety and customers. In isolation, these goals seem benign.
However what seems on paper as an anti-fraud initiative is, in observe, a obligatory state-owned software program layer embedded deep right into a person’s cellphone. This raises profound issues about privateness, consent, and increasing surveillance energy.
One other option to find stolen gadgets
Not like voluntary device-tracking frameworks akin to Apple’s Discover My or Android’s Discover Hub, Sanchar Saathi doesn’t provide customers a selection. Discover My and Discover Hub are opt-in providers that allow people in the event that they want to find misplaced or stolen gadgets, counting on Bluetooth, encrypted communication, and crowdsourced networks able to detecting gadgets even when offline.
Apple’s system, for instance, makes use of rotating Bluetooth identifiers that solely the proprietor’s gadgets can decrypt, utilizing cryptographic safeguards supposed to forestall Apple or third events from linking these indicators to a particular person.
But even these privacy-first techniques should not flawless. Analysis has revealed that Apple’s “Offline Discovering” protocol — the precursor to Discover My — might, underneath specific design or implementation failures, allow correlation assaults that de-anonymize customers or expose motion histories.
Comparable scrutiny of Samsung’s Bluetooth-based finding infrastructure confirmed {that a} vendor or operator might, in precept, de-anonymize gadgets and their finders if metadata is aggregated or retained, enabling types of monitoring that have been by no means supposed by finish customers.
In opposition to this background, a compulsory, OS-level government-run surveillance app, which is tied on to IMEI verification, machine id, and centralized databases, represents a dramatically totally different paradigm. This isn’t a user-chosen comfort layer however state-mandated software program that may, even when unintentionally, create pathways for monitoring which machine belongs to whom, how gadgets transfer, when they’re lively or inactive, and the way they work together with telecom networks.
The benefit with which Bluetooth identifiers, community metadata, or IMEI-based registries will be correlated solely amplifies that danger. In impact, the mandate transforms a cellphone right into a extra seen object throughout the state’s digital infrastructure.
A divergence in international considering
If one have been to search for international greatest practices on how world governments strategy cyber fraud points, a sample emerges. In most democracies, together with the US and far of Europe, device-security providers are non-obligatory, and person consent is handled as a foundational precept. Customers select to allow Apple’s or Google’s finding techniques; Governments don’t compel handset makers to put in state monitoring instruments.
In contrast, some international locations with sturdy state management over digital ecosystems have taken the alternative route. Earlier in 2025, Russia compelled all smartphones to preinstall a state-backed messaging app, a call broadly criticized for enabling mass state surveillance and eroding digital privateness norms.
The justifications in these contexts typically revolve round nationwide safety, fraud prevention, or misuse management, however the impact is the enlargement of state functionality to observe communications, machine patterns, and citizen habits.
Positioned on this international map, India’s transfer aligns extra carefully with the latter group than the previous. Although the Sanchar Saathi mandate is framed as a technical safeguard for telecom networks, it deepens state presence in private gadgets and lowers the brink for steady authorities visibility into residents’ digital lives.
Over time, such mandated software program layers can reshape expectations of privateness and normalize types of monitoring that have been beforehand thought-about intrusive.
This new directive forces a basic query: even when Sanchar Saathi reduces theft or counterfeit machine circulation, is it proportionate for a state to embed itself so deeply into the private gadgets of its inhabitants, and to take action with out providing any significant selection?
Revealed – December 02, 2025 01:34 pm IST