In a major move, India's telecoms department has privately instructed mobile phone companies to include all new handsets with a government-backed cybersecurity app that is non-removable. This directive, which has come to light, is likely to alarm leading technology companies like Apple and prompt questions among digital rights groups.
In tackling a growing wave of cybercrime and device misuse, India is following authorities internationally. This step mirrors comparable regulations introduced in countries like Russia, which aim to prevent the use of stolen phones for scams and push state-backed tools.
The recent order affects major mobile phone companies active in the domestic market. Among them are Apple, which has in the past locked horns with regulators over comparable applications, as well as giants like Samsung, Vivo, Oppo, and Xiaomi.
An order dated 28 November allots phone manufacturers a three-month deadline to ensure that the official "Messenger Friend" app is factory-loaded on all new mobile phones. A critical provision is that owners will not be able to remove the application.
For devices currently in the supply chain, manufacturers are required to deliver the app via software upgrades. It is notable that this order was sent confidentially and was communicated selectively to specific manufacturers.
However, legal experts have raised major concerns regarding this decision. A lawyer focusing in tech law commented that India's step is a worrying development.
“The government effectively eliminates user consent as a genuine choice,” commented Mishi Choudhary, an advocate working on internet rights issues.
Privacy advocates had earlier questioned a comparable mandate by Russia in August for a state-backed communication called Max to be pre-installed on phones.
India, among the world's largest mobile markets, boasts more than 1.2 billion connections. Government data show that the Sanchar Saathi application, launched in January, has already assisted in locating more than 700,000 lost phones, with approximately 50,000 recovered in October by itself.
The government contends that the app is vital to tackle the “significant endangerment” of telecom cybersecurity from fake or tampered IMEI numbers, which enable scams and system misuse.
Apple's iOS powers an approximate 4.5% of the 735 million smartphones in India, with the rest using Android, as per market research. While Apple pre-installs its own proprietary apps on its devices, its internal rules are said to ban the inclusion of any third-party application before the purchase of a device.
“Apple has in the past resisted these kinds of demands from governments,” commented Tarun Pathak, a analyst at Counterpoint.
“It’s probable to aim for a middle ground: rather than a compulsory inclusion, they might discuss and propose an alternative to nudge users towards installing the application.”
Requests for comment from Apple, Google, Samsung, and Xiaomi went unanswered. India’s telecommunications ministry also remained silent.
The IMEI, or International Mobile Equipment Identity, is a unique identification number assigned to each handset. It is primarily used by networks to cut off network access for phones flagged as lost.
The Sanchar Saathi application is primarily designed to help users track and locate missing phones across all mobile carriers, using a central registry. It also allows them to identify, and disconnect, unauthorised mobile connections.
With over 5 million downloads since its launch, the app has already helped disable over 3.7 million missing mobile phones. Additionally, over 30 million illegal connections have also been terminated through its use.
The authorities states that the app aids in preventing digital threats and helps in the tracking and disabling of lost or stolen phones, thereby aiding police in tracing devices and keeping cloned devices out of the black market.
