Opinion | India Still Needs Something Like Sanchar Saathi - Just Not Like This
India is experiencing what authorities describe as a "peak menace" of digital fraud. The Supreme Court recently took suo motu cognisance of digital arrest scams after victims collectively lost approximately Rs 3,000 crore.
(The Centre's now-withdrawn order mandating all smartphone manufacturers to pre-install the Sanchar Saathi app kicked up a massive storm. This is a counter-view to Vir Sanghvi's column Sanchar Saathi Mess: 5 Lessons From The Centre's Spectacular Misfire)
On November 28, 2025, the Department of Telecommunications (DOT) mandated that all smartphone manufacturers pre-install the government's Sanchar Saathi app on every device sold in India, with explicit instructions that its functionality remain visible, accessible, and unrestricted. Then came the reversal: just four days later, on December 2, Telecom Minister Jyotiraditya Scindia declared the app entirely "optional" - users could delete it whenever they wished. Now, in the latest, the government has officially withdrawn the order mandating the pre-installation of the app.
These contradictions reveal troubling confusion about the initiative. But it also obscures an important truth: the government's cybersecurity intent is both genuine and urgent. The question is not whether we need robust fraud prevention mechanisms, but whether this particular approach respects constitutional boundaries while achieving those security goals.
The timing of this directive was no accident. India is experiencing what authorities describe as a "peak menace" of digital fraud. The Supreme Court recently took suo motu cognisance of digital arrest scams, directing the CBI to lead a nationwide investigation after victims collectively lost approximately Rs 3,000 crore. These scams involve fraudsters impersonating law enforcement officials through video calls, displaying forged Supreme Court orders, and terrorizing victims-particularly senior citizens-into transferring life savings. Chief Justice Surya Kant noted that the court intended to deal with scamsters "with iron hands," emphasizing that such crimes strike at "the very foundation" of trust in the judiciary. The Court directed that all FIRs be handed over to the CBI, granted the agency authority to investigate bank officials under the Prevention of Corruption Act, and mandated that IT service providers cooperate fully.
A Necessary Step
Against this backdrop, the government's push for Sanchar Saathi becomes comprehensible. The app provides tools to report fraudulent communications, check unauthorized SIM cards, verify IMEI authenticity, and block stolen devices. Over 15 million people had already downloaded it voluntarily in the past 15 months, and the app is available in all vernacular languages. Downloads of Sanchar Saathi jumped tenfold on December 2, rising from a daily average of 60,000 to nearly 600,000-suggesting both genuine public concern and regulatory pressure.
Clearly, the government's cybersecurity intent was genuine and commendable, but its execution raised constitutional questions. Privacy concerns warrant examination here. The Puttaswamy judgment delivered in 2017 established privacy as a fundamental right. Any state intrusion into informational privacy must satisfy three tests: legality, legitimate aim, and proportionality.
- On Legality: The government operates within its authority to issue directives based on executive rules under the Telecommunications Act 2023, but constitutional doctrine demands more substantial legislative authority for such intrusive measures.
- On Legitimate Aim: Device security and fraud prevention certainly qualify as compelling state interests. The digital arrest scam crisis and the Supreme Court's extraordinary intervention demonstrate that the threat is real and pressing. The government's cybersecurity objective is not only legitimate but necessary.
- On Proportionality: The directive becomes problematic. Could identical outcomes be achieved through less intrusive alternatives? The answer is demonstrably yes. The app was already available with 15 million voluntary downloads. Following the directive and subsequent publicity, downloads surged to 600,000 in a single day, proving that awareness campaigns drive adoption. The app could be prominently featured during device setup without being compulsory.
Despite government assurances, the app's technical architecture required greater governance transparency. On Android devices, Sanchar Saathi requests access to call and SMS logs, phone management capabilities, camera, and storage. DoT sources explain that the app seeks permission to make calls to check the active SIM before registration, and to send SMS for verification-similar to banking apps.
The Missing Links
What's missing is comprehensive published governance protocols. Where is the detailed data retention policy? How long does the government store IMEI numbers? Who can access this centralized database, and under what authorisation mechanisms? What are the audit procedures? DoT sources stated that Sanchar Saathi has limited access to phone data, "and that too only to the extent citizens permit it in each interaction." This interaction-based permission model is privacy-protective, but requires formal documentation and external audit to build public trust.
This is not a binary choice between security and privacy-both are achievable with superior institutional design. The government's cybersecurity objective deserves support; the implementation method needs refinement.
- First, leverage awareness. A single day of publicity drove downloads from 60,000 to 600,000. Sustained campaigns explaining digital arrest scams, combined with prominent app placement during device setup, could achieve widespread adoption voluntarily.
- Second, integrate at the OS level. Through manufacturer partnerships, IMEI verification, device authenticity checks, and stolen phone blocking could become native OS features without requiring a separate government app with its own permission structure. This approach-already employed in iOS's Find My Device and Android's built-in security features-achieves security objectives while minimizing data collection.
- Third, implement network-side controls. The Supreme Court has already directed the DOT to submit proposals regarding the issuance of multiple SIM cards under a single name. Operators can detect cloned IMEIs, verify device authenticity, and flag suspicious patterns through network analysis without collecting granular user data.
- Fourth, anchor it in proper legislation. Given the Supreme Court's extraordinary involvement in the digital arrest scam crisis, Parliament should enact comprehensive cybercrime prevention legislation. This would provide democratic legitimacy, mandate clear data protection standards, specify retention limits, establish audit requirements, and create judicial oversight mechanisms.
The government's contradictory messaging - mandatory pre-installation followed by declarations of voluntary usage - may reflect genuine tension between security urgency and constitutional requirements rather than cynical manoeuvring. The digital arrest scam crisis is real, confirmed by the Supreme Court's unprecedented intervention. The government's desire to rapidly deploy protective tools is understandable given that vulnerable citizens are losing life savings.
But constitutional democracies navigate such tensions through institutional discipline, not by circumventing fundamental rights. The Puttaswamy framework exists precisely to ensure that even urgent, well-intentioned state action remains bound by principle. The path forward requires neither abandoning security objectives nor accepting constitutional shortcuts.
Balance Is Possible
Strong cybersecurity and robust privacy protection are not opposites - they're complementary goals requiring thoughtful institutional design. The question isn't whether Sanchar Saathi serves a legitimate purpose - it clearly does. The government only has to see that the implementation method respects the fundamental architecture of rights that distinguishes a constitutional democracy from an administrative state, and whether less intrusive alternatives could achieve the same security outcomes. Given the demonstrated power of awareness-driven voluntary adoption and the availability of system-level security integrations, the answer suggests a better path exists - one that serves both security and constitutional values.
(Subimal Bhattacharjee advises on technology policy issues and is former country head of General Dynamics)
Disclaimer: These are the personal opinions of the author
-
Opinion | Sanchar Saathi Mess: 5 Lessons From The Centre's Spectacular Misfire
It's worrying that nobody in authority had the brains to anticipate the outrage that has dominated the public discourse in the last two days. In a way, the government has brought this blowback upon itself.
-
Opinion | Guns To Rallies, How 'Drug Money' Is Fuelling Khalistani Extremism In Canada
Since 2007, more than 200 gang-related homicides in British Columbia alone have been linked to rival Punjabi-Canadian gangs fighting for control of the lucrative cross-border drug trade
-
Opinion | Scindia's Ghost Is Haunting Congress Again - This Time In Karnataka
As Deputy Chief Minister DK Shivakumar stakes his claim to the top post, the party's high command is walking a tightrope, acutely aware that one misstep could lead to a repeat of the catastrophic loss it suffered in Madhya Pradesh in 2020.
-
Opinion | Dharmendra: The 'Pehelwan' Who Was A Poet
Dharmendra described himself as a 'mitti ka beta' (son of the soil). But some of his most memorable roles were those of a man of words, a teacher or a poet.
-
Opinion | The Imran Khan I Know - By Shashi Tharoor
"I have known Imran Khan in three distinct phases of his life. Our first meeting was in New York, during my UN years. His sister, a UN colleague, hosted a gathering, and Imran, then a cricket celebrity, was present. I was struck by his warmth."
-
Opinion | Why A US Report Mentioning 'Pak Success' Has India Bristling
Just one sentence in a report of a US Congressional Commission has got a lot of knickers in a twist in India. The sentence in the 675-page report reads: "Pakistan's military success over India in its four-day clash showcased Chinese weaponry."
-
Opinion | On A Friend's Death And Dying With Dignity - By Shashi Tharoor
Last Wednesday, I received an email that turned me inside out. It came from a friend of thirty-five years. His message began warmly, praising my latest essay, but then turned devastating. "If all goes well, by next Monday I will be no more," he wrote.
-
Opinion | Why Trump And Mamdani May Not Be That Different, After All
Both Trump and Mamdani seem to be offering an emotional appeal that targets the same problem: an unaffordable America that has alienated its large majority.
-
Opinion | The Reel Is Over, But The Light Remains: Remembering Dharmendra
From the moment he strode onto the silver screen in the early 1960s, a whirlwind of raw, rustic charm, Dharmendra was an instant phenomenon. He embodied the soul of a transitioning India: tough yet tender, deeply flawed yet utterly lovable.
-
Exclusive - American Mercenaries In Gaza: Who Controls Them, What They Do
This second part of NDTV's exclusive series examines the model of security governance implemented by a mercenary group contracted to guard aid sites in Gaza.
