What is India's politically contentious Sanchar Saathi cyber safety app?

India's mandate requiring smartphone makers to preload a state-owned cyber safety app on all new devices has triggered a political firestorm, fanning fears of government snooping in the world's most populous nation.

The app, called Sanchar Saathi, or Communication Partner, is at the centre of a storm involving Apple, Samsung, Xiaomi and other major technology firms.

They have been given 90 days to comply.

WHAT DOES THE APP OFFER?

Currently available in Apple and Android app stores, Sanchar Saathi is billed as a citizen-centric safety tool. It allows users to block and track lost or stolen mobile phones using the device's International Mobile Equipment Identity (IMEI), which is a unique code for the handset.

It also enables users to check how many mobile connections are registered under their name, helping to identify and disconnect fraudulent numbers used in scams.

Additional features include tools to report suspected fraudulent calls and verify the authenticity of used devices before purchase.

WHAT'S THE NEW MANDATE?

On November 28, India's telecom ministry privately asked all smartphone manufacturers to preload their new devices with the app, stating that it must be "visible, functional, and enabled" upon first setup. It also says manufacturers must ensure that users cannot disable or restrict the app's features.

For devices that are already manufactured, companies must install the app via software updates.

An industry source with direct knowledge of the situation said software updates would eventually roll out the app to existing phone users, meaning it could reach more than 735 million people.

The government has said the mandate is essential to combat the "serious endangerment" of telecom cyber security caused by IMEI tampering.

SANCHAR SAATHI IN NUMBERS, DATA COLLECTION

The Indian government says the app has been downloaded over 10 million times and the system has helped block over 4.2 million stolen or lost phones, in addition to terminating more than 30 million fraudulent mobile connections.

The government says the app "does not automatically capture any specific personal information from you without intimation on the application." Its privacy policy says users will be asked to share permission for sharing access to cameras, photos and files for iPhones — for select uses.

For Android, users will be asked to share call logs, send messages for registration, make and manage phone calls "to detect mobile numbers in your phone," as well as grant access to cameras and photos.

Apple is worried about its privacy and security vulnerabilities. According to Counterpoint Research, more than 95% of Indian smartphones run on Google's Android, with the remainder on Apple's iOS.

GOVERNMENT LOGIC; PUBLIC, POLITICAL RESPONSE

The Indian government says criminals often clone or spoof valid IMEI numbers onto stolen devices, making it impossible to track criminals or block hardware.

India, which has a large market for used phones, also wants to prevent people from buying stolen or blacklisted devices.

The mandate has since become a talking point on local prime-time television and social media, drawing sharp criticism from privacy advocates and members of the political opposition.

The main opposition Congress Party has demanded that the mandate be rolled back, calling the move unconstitutional.

The Internet Freedom Foundation, a free-speech rights group, said on X that it would "fight this direction till it is rescinded."