🔗 Share this article

In a notable move, India's telecommunications department has confidentially instructed mobile phone manufacturers to pre-install all new handsets with a government-backed cybersecurity application that is non-removable. This directive, which has come to light, is expected to alarm leading tech companies like Apple and raise questions among privacy advocates.

An International Pattern in Cybersecurity Regulation

In tackling a rising tide of online fraud and device misuse, India is following governments across the globe. This action mirrors comparable regulations introduced in countries like Russia, which seek to curb the use of lost phones for illicit activities and encourage government-developed applications.

Which Companies Are Impacted by the Directive?

The latest directive binds key smartphone companies active in the domestic market. This encompasses Apple, a company that has previously locked horns with regulators over comparable apps, as well as giants like Samsung, Vivo, Oppo, and Xiaomi.

Details of the Official Order

An directive dated 28 November provides smartphone manufacturers a 90-day window to guarantee that the government's "Messenger Friend" app is included on all new handsets. A notable condition is that consumers cannot disable the app.

For phones already in the supply chain, companies are instructed to send the application via system patches. It is notable that this directive was not made public and was dispatched selectively to select manufacturers.

Privacy Apprehensions Expressed

However, technology experts have expressed major concerns regarding this decision. A lawyer specialising in tech issues said that India's directive is a worrying development.

“The government practically removes user consent as a real choice,” said Mishi Choudhary, an advocate working on digital rights matters.

Digital rights groups had also criticised a similar requirement by Russia in August for a government-sponsored messenger app to be included on phones.

The Scale of the Domestic Smartphone Landscape

India, one of the world's largest telephone markets, boasts more than 1.2 billion connections. Government data reveal that the cybersecurity app, introduced in January, has reportedly assisted in tracking down over 700,000 stolen phones, with an estimated 50,000 recovered in October by itself.

The authorities argues that the app is vital to tackle the “grave endangerment” of mobile network cybersecurity from duplicate or tampered IMEI numbers, which enable fraud and system abuse.

Apple's Likely Response

Apple's iOS powers an approximate 4.5% of the 735 million mobile phones in India, with the vast majority using Android, according to market research. While Apple includes its own first-party apps on its devices, its internal guidelines are said to ban the inclusion of any government app before the purchase of a smartphone.

“Apple has in the past refused such requests from governments,” noted Tarun Pathak, a research director at Counterpoint.

“It’s likely to seek a compromise: instead of a compulsory inclusion, they might negotiate and propose an alternative to nudge users towards installing the app.”

Queries for comment from Apple, Google, Samsung, and Xiaomi were unanswered. India’s telecoms ministry also offered no comment.

The Role of the IMEI and the Application's Purpose

The IMEI, or International Mobile Equipment Identity, is a 14- to 17-digit number assigned to each handset. It is typically used by operators to block network access for phones reported as stolen.

The Sanchar Saathi app is primarily designed to help users track and locate lost or stolen phones across all telecom networks, using a national registry. It also lets them to identify, and disconnect, illegal mobile connections.

Notable Usage and Outcomes

With over 5 million installs since its inception, the software has reportedly been used to disable over 3.7 million missing mobile phones. Additionally, over 30 million illegal connections have also been blocked through its use.

The government claims that the tool aids in combating cyberthreats and helps in the tracking and disabling of lost or stolen phones, thereby aiding police in recovering devices and preventing cloned devices out of the illicit trade.