India withdraws mandatory app order after backlash over privacy concerns

India’s government has revoked a directive that would have made it mandatory for smartphone manufacturers to pre-install a state-run cyber safety application, Sanchar Saathi, on all new devices.

The withdrawal follows mounting backlash from civil society groups, industry stakeholders, and users who raised significant privacy concerns over the app’s intrusive permissions.

The order, originally passed last week and made public on 2 December 2025, had given manufacturers 90 days to comply. It also stated that the app could not be “disabled or restricted” by users.

The Ministry of Communications defended the app’s purpose, claiming it was designed to help verify the authenticity of mobile devices and tackle fraud. However, cybersecurity experts warned that enforcing its installation risked violating users' right to privacy.

In a statement issued on 3 December 2025, the ministry announced that the mandatory installation order would be withdrawn. The decision was attributed to the app’s “increasing acceptance” among users, with officials highlighting that over 14 million people had already downloaded the app voluntarily.

On a single day—2 December—more than 600,000 new users registered, representing a tenfold surge in uptake. The ministry described this trend as a signal of growing public trust and said the initial directive was only intended to facilitate accessibility, particularly for less digitally aware users.

The government further clarified that Sanchar Saathi is solely intended to enhance user safety and has no other use. It confirmed that users are free to uninstall the app at any time, directly addressing earlier concerns that the app could not be removed.

Despite these assurances, the decision to enforce pre-installation had triggered widespread concern. Smartphone giants including Apple and Samsung reportedly resisted the directive. Sources told the BBC that the companies objected to the lack of consultation and viewed the move as inconsistent with global privacy standards.

Public alarm intensified after a screenshot circulated on X (formerly Twitter), revealing that Sanchar Saathi version 1.5.0 requested access to sensitive data and functions, including the camera, call logs, SMS, storage, and startup behaviour.

A viral post criticised the app’s reach, stating: “Outrageous! Wake up INDIA! The Govt’s Sanchar Saathi app mandate is a blatant assault on our privacy & freedom... under the guise of ‘safety’, the government will potentially have the power to spy on our calls, texts & location. This is surveillance at its worst.”

Although the app documentation stated that permissions could be manually disabled, it also indicated that future updates might add further capabilities. Privacy advocates expressed concern over the app’s potential for unchecked monitoring in the absence of a transparent legal framework.

Minister of Communications Jyotiraditya Scindia responded to the backlash, saying: “Snooping is neither possible nor will it happen with the Sanchar Saathi safety app.” He maintained that the app is aimed at consumer protection, not surveillance.

However, digital rights organisations remained cautious. The Internet Freedom Foundation (IFF) welcomed the reversal but stressed the importance of legal clarity. In a statement on X, the organisation wrote:

“This is a welcome development, but we are still awaiting the full text of the legal order that should accompany this announcement, including any revised directions under the Cyber Security Rules, 2024.

Everyone who raised their voice, reported on the issue, or pushed back against this mandate deserves credit for bringing us to this point. For now, we should treat this as cautious optimism, not closure, until the formal legal direction is published and independently confirmed.”

Critics argue that any government app requesting such extensive access must be subject to robust oversight and transparency, particularly in a country with limited data protection legislation in force.

The Sanchar Saathi app, initially launched as a voluntary tool to help users identify and block fraudulent devices, has seen growing adoption. However, digital advocacy groups warn that coercive measures to expand its reach could undermine public trust.

While the government has now walked back its order, the episode highlights persistent tensions between security policy and digital rights in India’s fast-evolving technology landscape.