India has ordered all new smartphones to come pre-loaded with a state-run cybersecurity app, sparking privacy and surveillance concerns.
Under the order - passed last week but made public on Monday - smartphone makers have 90 days to ensure all new devices come with the government's Sanchar Saathi app, whose functionalities cannot be disabled or restricted.
The app is intended to help citizens verify the authenticity of handsets and report suspected misuse of telecom resources. However, critics, including cyber experts, say it breaches privacy rights.
Under the app's privacy policy, it can make calls, send messages, and access various personal data. The advocacy group Internet Freedom Foundation stated that this would convert every smartphone sold in India into a vessel for state-mandated software that users cannot meaningfully refuse or control.
In response to the criticism, India's Minister of Communications Jyotiradtiya Scindia stated that users could delete the app if they choose not to use it, although the feasibility of this remains unclear given the app's mandatory functionalities.
The Sanchar Saathi app was launched in January and allows users to check devices' IMEI numbers, report lost phones, and flag suspected fraud. Critics highlight that it grants excessive permissions, raising worries about the scope for increased surveillance.
While the Indian government argues this measure enhances telecom cybersecurity, industry analysts highlight significant compliance challenges for smartphone manufacturers, as most prohibit pre-installed software outside of their own systems. Major companies like Apple are reportedly reluctant to comply and plan to voice their concerns.
This order follows a global trend, with similar regulations emerging in countries like Russia.
