Government took back its earlier directive mandating pre-installation of Sanchar Saathi on phones
Here's what experts say about the directive
On December 1, the Department of Telecommunications (DoT) issued directions to smartphone manufacturers that required them to pre-install the Sanchar Sathi application on new phones. The directive, which initially called phone manufacturers to comply with it by March, faced intense pushback due to concerns of data privacy and allegations that the government was attempting surveillance.
Jyotiraditya Scindia, Union Communications Minister, denied the intent of the government to snoop and conduct surveillance on citizens. But on December 3, after pushback from phone manufacturers, digital rights advocates, as well as the opposition, the centre, in a release, withdrew the mandatory requirement for pre-installing the app on phones.
Sanchar Sathi App
The Sanchar Saathi, launched in 2023, was initially a web-only platform. It gave telecom users a channel to report fraudulent phone calls. It worked similarly to the Telecom Regulatory Authority of India (TRAI)’s DND app. The Sanchar Saathi website claims 6.56 lakh inputs on suspected fraud communication have been received, with action taken against 40.96 lakh cases where action has been taken.
The Sanchar Saathi portal was promoted as an option for users to recover their stolen or lost devices. Users can also report suspicious calls and have features to identify phone numbers linked to a particular user. Through the portal, the issue raised could lead to the blocking of a stolen device by providing the unique International Mobile Equipment Identity (IMEI) number.
The app, in its current form, the application is available on Apple and Android app stores. The Sanchar Saathi app enables users to check the number of mobile connections registered under their name, which helps them to identify if there are any fraudulent numbers used in their name for scams and disconnect them. Features of the app also include ways to report and verify the authenticity of any used devices before users buy phones.
The original direction issued by the government said that all smartphone manufacturers must pre-install this app in their new devices, and said the app must be "visible, functional, and enabled" in the initial setup. Manufacturers were also required to ensure users could not disable or restrict the app from their phones. The government said that the direction was to combat the "serious endangerment" of cybersecurity for the telecom sector due to IMEI tampering.
Why Did The Government Take It Back
The topic became a talking point in the Parliament by the political opposition and drew sharp criticism on grounds of violation of data privacy. Digital rights activists also criticised the flaws in the directive.
Legal and policy experts have stated that the directive given under the cyber security rules the direction falls in a grey area because it did not ask for the user’s consent, and due to the key difference that the rules were not mandated as law.
“This (the original directive) is a direct intrusion on the users’ privacy because this is no longer governed by law. Because if you have to install an app that collects users' data, you either have to get the consent of the user or it has to be mandated by law. A direction is not a law. A direction is what you give to individuals or an individual entity…that is not law.” Alok Prasanna, founder of Vidhi Centre of Public Policy, said. “Second thing is, it didn’t seem proportionate…you (the government) are saying that everybody should be mandated to install this app whether or not one is actually at risk or not at risk.”
“This (the original directive) is a direct intrusion on the users’ privacy because this is no longer governed by law. Because if you have to install an app that collects users' data, you either have to get the consent of the user or it has to be mandated by law. A direction is not a law. A direction is what you give to individuals or an individual entity…that is not law.” Alok Prasanna, founder of Vidhi Centre of Public Policy, said. “Second thing is, it didn’t seem proportionate…you (the government) are saying that everybody should be mandated to install this app whether or not one is actually at risk or not at risk.”
Experts also said that the original direction had loopholes in the implementation processes. Cases of users importing mobile phones from other countries that did not have the app pre-installed were not made clear, whether the user will have to install the app to use their devices in the first place. The other major issue was in cases where smartphone manufacturers were exporting phones manufactured in India. This was a major reason why manufacturers like Apple resisted the original mandate, they said. Additionally, the direction did not clarify whether users could uninstall the app or modify its settings to prevent the usage of users data.
The changes in the revised guidelines remove the mandatory installation of the app on users’ phones. Now, if users find the app useful, then they can choose to install it on their phones and can uninstall it if they find it otherwise.
Experts said that the principal issue for the rise in cybercrimes in India was the lack of awareness and education among regular users, which the government needs to tackle. “There is not enough digital awareness or literacy about how not to get caught up…even if you make a complaint…how much capacity does the police have to actually investigate many of these (cyber fraud) cases,” Prasanna added.
