In a swift policy reversal, the Indian government has revoked a controversial mandate that would have required all new smartphones to come with a pre-installed government cybersecurity application. The move follows intense backlash from global technology giants, digital rights advocates, and political opponents, who raised alarms over privacy, security, and state overreach.
The now-rescinded directive, issued by the Department of Telecommunications (DoT) on November 28, gave manufacturers like Apple, Samsung, and others a 90-day window to ensure the ‘Sanchar Saathi’ app was “readily visible and accessible” on all new devices sold in India. The government, led by the Bharatiya Janata Party (BJP), positioned the move as a critical step to combat mobile phone fraud and verify device authenticity using their unique 15-digit IMEI numbers.
However, the order was met with immediate and fierce resistance, culminating in its withdrawal less than a week later.
A Rapid Escalation and Retreat
The controversy unfolded quickly. Shortly after the order was published, industry sources indicated that Apple had signaled its intention not to comply, citing global privacy standards. Other manufacturers were reportedly reviewing the directive with deep concern.
Facing this pressure, the government signaled flexibility early on Wednesday, stating it was willing to amend the order “based on the feedback we receive.” By the end of the day, the Communications Ministry issued a formal press statement fully revoking the mandate: “Government has decided not to make the pre-installation mandatory for mobile manufacturers.” It reiterated that the app was “secure and purely meant to help citizens from bad actors in the cyber world.”
Why the Backlash Was So Fierce
Critics argued the policy was a disproportionate solution that set a dangerous precedent:
-
Privacy and Autonomy: The Internet Freedom Foundation (IFF) labeled it a “deeply worrying expansion of executive control over personal digital devices,” arguing it was “structurally hostile to user privacy and autonomy.” The Delhi-based Software Freedom Law Centre warned it was “the start of a slippery slope of function creep,” enabling expanded surveillance capabilities without public debate.
-
Security Risks: Experts questioned the security implications of mandating a single, pre-installed, unremovable government application, creating a potential centralized target for hackers.
-
Global Precedent: Apple, in particular, was seen as facing a direct challenge to its core privacy-centric business model and its long-standing policy of not pre-installing third-party apps at the system level.
-
Political Opposition: Congress leader Priyanka Gandhi Vadra called the app “ridiculous” and a “snooping” tool, highlighting the political dimension of the debate.
The incident echoed a similar controversy in 2020 surrounding the mandatory use of the Aarogya Setu COVID-19 contact tracing app, which critics had called a “privacy minefield.”
The Global Context: A Growing Trend?
India’s brief foray into mandatory pre-installs places it within a broader, global trend of governments seeking greater control over the digital ecosystem within their borders, often citing security and digital sovereignty.
-
Russia: Since September 1, all new phones and tablets sold in Russia must come with the state-developed ‘MAX’ app, pre-installed. Marketed as a tool to curb stolen phone fraud and provide state services, critics allege it is a vehicle for surveillance—a claim Moscow denies. Russia has also recently restricted voice calls on WhatsApp and Telegram, accusing them of being used to recruit citizens for “sabotage and terrorist activities.”
-
China & Others: China has long required strict pre-installation and censorship protocols on devices. The European Union, while focused on different goals, has also implemented regulations like the Digital Markets Act to force interoperability and break up closed ecosystems, demonstrating a global push to regulate tech giants.
What’s Next?
While the immediate threat of a mandate is over, digital rights groups remain vigilant. The IFF noted the revocation was a “welcome development” but stated it was still awaiting the full legal order to understand the scope of the reversal.
The episode underscores the ongoing tension in India and worldwide between state security objectives, corporate policy, and individual digital rights. It also signals to manufacturers and policymakers that attempts to deeply integrate state software into personal devices will face significant, organized opposition in the world’s largest democracy. The government’s next approach to cybersecurity fraud is now likely to be scrutinized even more closely for its balance between efficacy and individual rights.