Takeaways from the Sanchar Saathi saga: Cybersecurity policy must be evidence-driven, non-arbitrary, transparent
The Sanchar Sathi episode was ultimately about a larger tension: how to balance India’s burgeoning cybersecurity needs against the constitutional right to privacy and informed consent?
Published on: 4 December 2025, 08:52 pm
INDIA’S DEPARTMENT OF TELECOMMUNICATIONS (‘DoT’) recently quietly ordered all smartphone makers to pre-install its new “Sanchar Saathi” cybersecurity app on every phone sold in India.
The directive, under the Telecom Cyber Security Rules, instructed manufacturers to push the app to new devices. Once this came to light, opposition leaders, privacy advocates and tech companies immediately raised alarms. Sanchar Saathi, analysts alleged, was a potential snooping app - a Big Brother tool whereby the state could peer into citizens’ phones. But, after public discontent, the government has backed off. On December 4, days after the original directive, the government announced that the pre-installation of Sanchar Saathi would not be mandatory and that the app remains voluntary and privacy-protective.
CERT-In, India’s cyber emergency response team, reported a sharp rise in cyber incidents (from about 15.9 lakh cases in 2023 to over 20.4 lakh in 2024), and the National Cyber Crime Reporting Portal saw over 1.23 lakh related cybercrime cases reported in 2024. Crime statistics are no longer confined to rare news articles – in the Lok Sabha, the Home Ministry noted over 2.05 lakh police-registered cybercrime cases between 2021 and 2023. The government argues that Sanchar Saathi would give ordinary users tools to fight this scourge at the grassroots: blocking stolen phones by IMEI, flagging duplicate SIMs, reporting spam or spoof calls and more.
But as this clash over the app’s rollout shows, any intrusion into India’s vast mobile network also raises deep questions about legal authority, consent and who controls our data.
But as this clash over the app’s rollout shows, any intrusion into India’s vast mobile network also raises deep questions about legal authority, consent and who controls our data.
Sanchar Saathi’s design
Sanchar Saathi was launched as a citizen-centric extension of existing telecom security portals. First, the DoT rolled out a web portal and helpline in 2023, and then, in January 2025, it introduced the mobile app on Android and iOS. According to official descriptions, it bundles together many anti-fraud services. Users can block lost or stolen handsets anywhere in India by their IMEI number; check how many SIM cards are active under their name (to catch cloned or duplicate SIM fraud); verify a device’s genuineness; report suspect international calls (disguised as domestic +91 numbers); and even see details of their internet service provider. The app’s achievements are touted in a government release: by December 2025, it claimed over 1.4 crore downloads, 42 lakh stolen phones blocked, 26 lakh traced (7.2 lakh recovered), and disconnection of 1.43 crore fraudulent connections.
Legally, Sanchar Saathi has been positioned under India’s Telecom Cybersecurity Rules. The DoT specifically invoked these Rules to require manufacturers to preload Sanchar Saathi on devices and push it via updates. The directive also instructed that the app must be “readily visible” to users on first setup and that its functionalities not be disabled.