Sanchar Saathi: The App That Nearly Turned India Into a Surveillance State Overnight

Is Sanchar Saathi a safety tool or spyware? Uncovering the attempt to make government tracking mandatory on Indian phones, Apple’s refusal, and the privacy risks involved.

Infloia’s Exclusive

Author: Jimmey Barnwal | December 5, 2025 | 5 min. read

In the span of just 48 hours, India came dangerously close to joining a club no democracy should aspire to:
North Korea, China, and Russia — nations where government-controlled phones are the norm.

A silent directive by the Indian government to embed a mandatory, undeletable app into every smartphone triggered a firestorm, thanks to a Reuters exposé and unexpected pushback from global manufacturers. The mandate was quickly retracted, but the damage is done — not to phones, but to public trust.

This is not a story about an app.
This is a story about power, consent, surveillance, and the systematic shrinking of citizen rights.

The 48-Hour Firestorm: A Timeline of the Sanchar Saathi Mandate

A report revealed that the Ministry of Communications had instructed phone manufacturers to deliver phones with Sanchar Saathi pre-installed, embedded at the OS level so users could not easily remove it. (reported within the last 24–48 hours.)
The government defended the app as revolutionary: recovery of hundreds of thousands of phones was touted as proof it was needed.
International and domestic firms pushed back. Apple (and other industry voices) signalled they would not accept an unremovable system-level app.
Under pressure the government announced the app would be “optional” and users could delete it — a reversal that raised as many questions as it answered.
Opposition politicians and civil-society voices compared the move to Pegasus-style surveillance; critics warned of censorship, remote locking, hidden modules and opaque data flows.

1. The Government’s Defense: Anti-Theft or Trojan Horse?

From the government’s perspective, Sanchar Saathi is not a surveillance tool — it’s a “public service revolution.” At least, that is how the narrative was framed.

The “Lost Phone” and Fraud Prevention Narrative

The government repeatedly emphasized a single claim:
“Sanchar Saathi has helped recover more than 7 lakh stolen mobile phones.”

This number changed depending on the spokesperson — sometimes
2.5 lakh, sometimes 3 lakh, sometimes 7 lakh — but the messaging was clear:

“This app already works. Trust us.”

The emotional appeal here is powerful because mobile phone theft is an everyday problem in India. Most people who lose their phones never get them back. Even police often say:

“Don’t file an FIR. Just buy a new phone.”

So, when the government says it can magically fix this with an app, people want to believe it.

b) The Fraud & Scam Narrative

The next justification leaned heavily on India’s epidemic of:

spam calls,
digital arrests,
UPI scam gangs,
SIM-swapping crimes,
phishing and OTP hijacking.

The state’s message was:

“Install one app, and all scams will end.”

This is a classic political technique:
create a villain (fraudsters), position yourself as the savior (the app), and present compliance as patriotism (“Install it for your own safety”).

But scams in India don’t happen because citizens lack an app.
They happen because:

data leaks are rampant,
law enforcement is inefficient,
cybercrime ecosystems flourish with political protection.

Yet the government sold Sanchar Saathi as a cure-all.

c) The Scale Argument

India has 1.2 billion mobile connections.
The government used this to argue:

“Only a centralized solution can protect everyone.”

This centralization is not an accident — it is the structural foundation of digital authoritarianism.
Centralization = control.
Distributed solutions = freedom.

By framing scale as a justification, the state was essentially saying:

“Because the system is huge, only we can control it.”

d) The Benevolent Guardian Narrative

The final part of the pitch was emotional, sentimental, almost paternal:

“We are doing this for your security.
We care about your phone and your safety.”

This is the same pitch used during:

Aadhaar rollout,
DigiLocker,
FASTag,
DigiYatra.

It always begins with:

“This is optional and for your benefit.”
Then gradually becomes:

“This is mandatory and for national security.”

Sanchar Saathi followed the same script — until it was exposed.

2. Why Critics Are Alarmed: The Danger of OS-Level Apps

The outrage around Sanchar Saathi is not just about an app.
It’s about what that app represents.

a) Zero Consent and the “Ghost Module” Fear

When an app is:

pre-installed by the government,
embedded at the OS level,
undeletable by the user

––it ceases to be an app.
It becomes infrastructure, a surveillance module, a permanent backdoor.

Consent disappears.
Choice disappears.
Autonomy disappears.

b) Technical Power = Unlimited Access

A system-level app could potentially:

read messages,
track calls,
log location,
activate microphone,
access camera,
monitor networks,
track contacts,
set policies that override user settings.

Even if the government claims it won’t misuse it, the capability exists.

And in surveillance discourse, there is a golden rule:

What can be abused will eventually be abused.

c) The Ghost-Module Fear

Even after deletion, system apps can:

leave behind dormant services,
reinstall after updates,
operate silently in the background.

Pegasus never needed an icon on your home screen.
It lived in the shadows.

Citizens fear the same with Sanchar Saathi.

d) Data Ownership Is Completely Undefined

The biggest question:
Where does the data go?
Who sees it?
Who stores it?
For how long?
Who audits it?

No transparency.
No independent oversight.
No legal accountability.

A surveillance tool without oversight becomes a weapon.

Critics connect Sanchar Saathi to a consistent pattern:

weakened RTI,
blanket exemptions under data protection law,
social media censorship,
WhatsApp metadata access by agencies,
email scanning by finance ministry orders.

Sanchar Saathi was simply the next logical step.

3. The Authoritarian Playbook: Parallels with China, Russia, and North Korea

When analysts compare India’s move to these nations, it is not rhetorical exaggeration.
It is a technical comparison.

a) North Korea — Total Device Control

North Korean phones (like the Arirang) have:

mandatory apps
screenshot capture every 5 minutes
image logging
app locking
message scanning
no ability to install foreign software

Citizens don’t own their phones.
The state does.

India’s attempt to add an unremovable OS-level app mirrors this architecture frighteningly closely.

b) China — Integrated Censorship Infrastructure

China’s system includes:

real-time chat monitoring
banned keywords auto-deletion
mandatory government communication apps
full surveillance of dissenters
device-level restrictions during protests

If India embeds an authoritative system app, the same model becomes possible:
silent censorship at the device level.

This goes beyond taking down social media posts.
It prevents the post from even being typed.

c) Russia — Forced Migration to State Apps

Russia, after blocking Telegram and threatening WhatsApp:

forced citizens to use government-approved apps
implemented deep packet inspection
mandated metadata sharing
began monitoring messaging in real time

Words vanish mid-typing.
Chats become visible to the state instantly.

If India gains OS-level control, the same capabilities can be activated with a simple government memo.

d) The Common Thread

In all three countries:

the state enters your phone
the app is non-removable
surveillance becomes normalized
dissent becomes dangerous
privacy becomes impossible

India nearly took a step that only these authoritarian regimes have ever taken.

That is why comparisons are not dramatic.
They are accurate.

4. The Hidden Politics: Controlling the Last Frontier of Dissent

Beneath the app, beneath the notifications, beneath the PR statements lies the real story — political power.

a) Control of Narrative

The government already controls:

mainstream media,
large TV networks,
print journalism,
many digital platforms through indirect pressure.

What remains uncontrolled is the mobile phone — the last space where Indians:

share political content,
organize resistance,
criticize the state,
expose corruption,
circulate leaked documents.

The state wants to regulate the final frontier.

b) Pre-Emptive Dissent Management

Economic stress is rising:

manufacturing slowdown,
inflation pressure,
unemployment,
currency devaluation.

When public anger grows, history shows that:

protests begin in digital spaces,
movements start through WhatsApp and Telegram,
videos of injustice go viral instantly.

To control dissent, governments often control:

the message,
the messenger,
or the medium.

Sanchar Saathi targets the medium.

c) Legal Architecture of Control

This app fits into a broader political strategy:

RTI weakened → citizens cannot question the state.
Data Protection Act exempting government → state can collect without accountability.
Social media takedown rules → criticism can be erased instantly.
Encrypted chat access via backups → private conversations can be reconstructed.
Income Tax/ED digital scanning powers → any data can become criminal evidence.

Each law is a brick.
Together they form a digital cage.

d) Fear as a Political Tool

If citizens believe:

their phone is monitored,
their messages are watched,
their posts can be traced,
their device can be locked remotely,

then they will censor themselves.

A fearful population is easier to:

govern,
manipulate,
silence,
divide,
or mobilize for propaganda.

The goal is not just surveillance.
The goal is compliance.

e) Democracy Rankings Drop — And the Government Pretends to Be Surprised

Every time India slips in global democracy or freedom rankings, officials protest:

“Why do they call us authoritarian?”

But when the same government tries:

Pegasus,
undeletable apps,
data exemptions,
mass censorship,
social media policing,

what else can the world conclude?

If a democracy behaves like an authoritarian state,
it will be ranked as one.

5. Technical risks in plain language

Pre-installed = persistent control. Apps pre-bundled into the OS can run elevated services, survive user removal attempts, or re-install themselves via firmware updates.
Dormant modules. Even a “deleted” app can leave background services or scheduled triggers.
Remote locking & financial coercion. RBI concerns mentioned in the transcript about remote phone locks tied to defaults (e.g., unpaid EMIs) show how non-security apps can be weaponised for debt enforcement.
Supply-chain differentiation. Delivering a separate SKU (India vs. global) opens the door to opaque localised features or hidden telemetry.

6. The Apple Factor: How a Refusal to Comply Exposed the Plan

One of the most decisive turning points in this episode came from a place the government didn’t expect: Apple.

The Ministry of Communications reportedly instructed phone makers — including Apple — to embed Sanchar Saathi at the system level.
Meaning: the app wouldn’t just be installed; it would be undeletable, part of the phone’s core OS.
Apple has historically refused government pressure for backdoors or mandatory apps (even the US FBI couldn’t force it).
In India too, Apple quietly but firmly communicated:
“We will not comply.”

Why does Apple’s refusal matter when it has only ~4–5% market share?

Because Apple is the poster child of India’s Make-in-India manufacturing narrative.

If Apple publicly resists, it:

damages the government’s headline that “Apple is manufacturing in India,”
warns global companies about India’s digital freedom climate, and
kills credibility of the entire “forced app” plan.

When Apple resisted sideloading and OS-level control, the government realized:
If we push too hard, we lose the narrative we depend on.

This pushback was a major reason the government suddenly began “clarifying” that the app was optional.

7. Reuters Exposed It — And India Finally Woke Up

Until Reuters published its investigation, the plan was moving silently.

The strategy was simple:

give private instructions to manufacturers
get the app pre-installed
wait for a few months
then announce it publicly once people had already accepted it.

But the Reuters report destroyed this timeline.

Suddenly:

Journalists woke up,
Citizens woke up,
Opposition leaders woke up,
Privacy advocates woke up,
Finally, even manufacturers started openly questioning feasibility.

For a government that thrives on quiet execution, the leak was a disaster.

The outrage forced the government into damage control mode:

First: “It’s for your safety.”
Then: “It’s revolutionary.”
Finally: “It’s optional… you can delete it… please stop shouting.”

But Indians now understand two truths:

This was meant to be silent.
It will return again — quietly, surgically, and with new packaging.

8. This Is NOT Over — The Government Will Try Again

Surveillance by Indian govt with Sanchar Sathi app

Sanchar Saathi was not an experiment.
It was a test balloon.

A democratic government doesn’t attempt a China-style OS-level app by accident. This was a pilot run for:

controlling devices,
tracking users,
mapping communication patterns,
and pre-empting dissent before it becomes public.

Even after withdrawing the mandatory clause, the government has shown:

✔ they want a permanent presence inside your phone
✔ they want software-level control
✔ they want visibility into your communication
✔ they want the option to remotely lock or monitor devices
✔ they are willing to bypass Parliament and public debate

This attempt will return through:

a new “safety” policy
a new “fraud-prevention” mandate
a new “national security” directive
a new “data consolidation” bill
new telecom rules

Remember:
Aadhaar was optional — until it wasn’t.
FASTag was optional — until it wasn’t.
DigiYatra is optional — for now.
This app was “optional” — until Reuters caught them.

The next move will be quieter.
More technical.
Harder to detect.

The direction is clear: full digital control of citizens.

9. What citizens, journalists and civil society should demand

Transparency: Release the full technical spec, source code, data flow diagrams, retention policy and partner contracts.
Independent audit: An independent security audit by neutral third parties before any deployment.
Legal guarantees: Clear statutory limits on data access, retention, purpose-limitation and judicial oversight.
Choice by default: The app should be opt-in, not just labeled “deletable.” Controls must be verifiable — show how deletion removes all traces.
Parliamentary scrutiny: The rollout must be debated in Parliament with stakeholders — telecom industry, privacy experts, civil society and courts.
Red-team testing: Simulate abuse scenarios (false incriminating payloads, remote-lock misuse) to understand failure modes.

10. Practical steps for users (immediate)

Check your app list and permissions; be suspicious of system apps with broad access.
Audit device settings: look for unknown device admin privileges or VPN/proxy installs.
Prefer vendors who publish security practices and resist non-transparent system hooks.
Support and amplify investigative reporting and digital-rights organisations asking for audits.

11. How India’s Freedom of Speech Is Being Suppressed — Quietly, Technically, and Legally

This incident doesn’t exist in isolation. It is part of a systematic ecosystem of control being built over the last few years.

a) Data Protection Act — Privacy for the Government, Exposure for Citizens

The Digital Personal Data Protection Act (DPDP) was marketed as a privacy law.
In reality:

The government can exempt ANY agency from compliance.
It gives the state absolute power to collect, retain, and use your data.
Citizens have limited rights, the state has total immunity.

You must be transparent.
The government does not have to be.

This is not data protection.
This is state protection from accountability.

b) Social Media Scrutiny — Legalised Censorship

Platforms must:

take down posts the government flags,
modify news as per orders,
demonetise creators critical of the administration,
reveal personal details of dissenters.

If they don’t comply?
Their safe-harbour protection is removed — meaning they can be sued for user content.

So Big Tech now bends instantly.

This has created:

chilled speech,
shadow-banned posts,
invisible censorship,
and a culture of fear among creators and journalists.

c) WhatsApp Access by Enforcement Agencies

Under the Finance Ministry’s amended powers:

Income Tax and ED can demand access to WhatsApp chats, groups, documents and mailboxes.
WhatsApp has lost legal grounds to refuse.
Backups (stored on Google/Apple servers) are retrievable.
Chats can be reconstructed and analysed.

This is justified under:
“investigation”,
“tax compliance”,
“economic security”.

But in practice, it gives the state near-total access to digital conversations.

WhatsApp encryption becomes meaningless if the state can demand backups, metadata and device-level data.

d) Email Access & Surveillance Expansion

The Finance Ministry’s new notification allows:

scanning of email accounts,
accessing cloud documents,
retrieving login IPs and communication logs.

This is not hypothetical.
It is already being done.

The Sanchar Saathi attempt is not an accident.
It’s the next step in a pattern of absolute visibility and zero accountability.

11. The Bigger Picture — Why Your Phone Is the Final Battlefield

The transcript ends with a chilling truth:

When the economy struggles, when inequality rises, when dissent spreads —
the first place anger will appear is the mobile phone.

Social media is already controlled.

Traditional media is fully controlled.

The phone is the last space where Indians:

share opinions,
organise protests,
express dissent,
expose corruption.

To control the citizen, the state must control the phone.

Sanchar Saathi was their first open attempt.
It failed — for now.

But the intent has been revealed, fully, brutally, undeniably.

Final Warning: If Citizens Stay Silent, “Optional” Will Become Permanent

If this doesn’t wake us up, nothing will.

This was a dry-run.
It will return with a new name.
It will return hidden inside a “security update.”
It will return packaged as “public safety,” “anti-fraud,” or “digital welfare.”

Democracies don’t collapse in one night.
They crumble feature-by-feature, app-by-app, update-by-update.

If India doesn’t defend digital rights today,
then tomorrow —
your phone, your voice, your privacy, your dissent —
will all belong to the state.

Sources: 1. https://www.reuters.com/sustainability/boards-policy-regulation/india-orders-mobile-phones-preloaded-with-government-app-ensure-cyber-safety-2025-12-01/

Sources: 2. https://www.reuters.com/technology/india-passes-data-protection-law-amid-surveillance-concerns-2023-08-09/

Sources: 3. https://aje.io/dbejfc

Read more about: The Great Indian Scam: voice.infloia.com/the-great-indian-ipo-scam