While framed as a tool to curb cyber fraud, Sanchar Saathi’s rollout sparked nationwide privacy concerns—revealing a deep tension between digital security and civil liberties in India.
A Digital Safety Tool or Surveillance Trojan?
Earlier this week, the Indian government made headlines by mandating the Sanchar Saathi app be pre-installed on all new smartphones, sparking a firestorm of concern across the tech ecosystem, privacy circles, and the general public.
Marketed as a tool to fight SIM fraud and track stolen phones, the app raised red flags due to its non-removable nature, deep integration with the OS, and lack of transparency. Amid growing backlash, the government rolled back the mandate, making installation optional—but the debate is far from over.
Privacy vs. Security: A Familiar Flashpoint
While Sanchar Saathi’s mission appears noble, the execution betrayed fundamental flaws:
- Opaque privacy policies and unclear opt-out provisions
- Potential access to call logs, SMS, device metadata, and even photos
- Centralised storage architecture, raising concerns about data misuse or breach
Civil liberties watchdogs argue this crosses into state surveillance territory. According to the Internet Freedom Foundation (IFF), mandatory installation of such a deeply embedded app fails the Supreme Court’s proportionality test from the landmark Puttaswamy privacy judgment (2017).
Government’s Assurances vs. Ground Reality
The government insists the app is not designed for surveillance. But technical opacity, lack of judicial oversight, and the app’s future potential for misuse have triggered widespread distrust.
Experts warn that any system app, once deeply integrated, can be repurposed silently via updates. For example:
- Scanning for VPN use or encrypted apps
- Tracking SIM activity and correlating with Aadhaar
- Real-time location tracking under vague “fraud” detection policies
Without legal safeguards, these capabilities pose a high risk of state overreach, especially in the absence of robust data protection laws.
The SIM Binding Shadow: Identity Lock-In
Sanchar Saathi isn’t the only concern. The app coincided with the government’s SIM binding proposal, which would tie messaging and financial apps (like WhatsApp and UPI) to a specific SIM and device.
While aimed at stopping anonymous abuse and spam, the implications are profound:
- Reduced portability: Changing telecom operators could disrupt access to WhatsApp or UPI if tied to the original SIM.
- Multi-device friction: Using one app across multiple devices could become nearly impossible.
- Mass traceability: With SIMs already KYC-linked to Aadhaar, the system allows easy tracing of individual digital footprints, potentially eroding user anonymity.
Risk of Centralised Surveillance Infrastructure
Sanchar Saathi likely stores sensitive user data on a centralised government server, creating a single point of failure:
- A successful cyberattack could compromise real-time user location, device identity, and communication metadata for millions.
- This could be exploited not just by foreign adversaries, but also by internal actors misusing data.
In the AI-first era, aggregated datasets can be used for predictive surveillance models, potentially profiling users at scale based on behaviour, networks, or affiliations—without consent.
“Today an IMEI Checker, Tomorrow a Monitoring Tool”
The core concern is the absence of statutory constraints:
“Today, the app may be framed as a benign IMEI checker. Tomorrow, it could be used to scan for banned apps, flag VPNs, or trawl SMS logs,” warns IFF.
No binding legal order constrains what the app can become, especially as the Digital Personal Data Protection Act (DPDP Act) allows broad state exemptions for national interest.
The Bigger Picture: Trust Deficit in Digital Governance
This episode has highlighted a growing trust deficit between citizens and the state in India’s digital policy landscape.
- Snap decisions, like mandatory apps and SIM binding, often lack public consultation, transparency, and independent oversight
- Rollback after backlash doesn’t solve the underlying governance gaps
- Repeated overreach erodes citizen confidence in digital initiatives—even those meant to protect them
As India pushes ahead with digital public infrastructure, the need for rights-first frameworks, accountability, and legal redressal mechanisms becomes non-negotiable.
