India’s telecoms ministry has directed major smartphone makers to pre-install a government cybersecurity application on all new devices and prevent users from deleting it, according to a confidential order reviewed by Reuters.
The move, intended to curb rising cybercrime and phone-related fraud, is likely to inflame long-running tensions with Apple and raise fresh alarms among privacy advocates.
The measure places India among a growing set of governments taking assertive steps to regulate mobile devices by embedding state-backed digital tools. Russia most recently mandated similar requirements, including the August directive that all smartphones come preloaded with MAX, a government-supported messenger service.
The order reflects global anxieties around stolen phones, identity spoofing, and digital fraud, but also underscores the uneasy line governments walk as they try to combat cyber threats without provoking accusations of digital overreach.
Installations raise privacy questions
The Nov. 28 directive gives all major smartphone brands 90 days to preload the government’s Sanchar Saathi app onto new handsets. For devices already manufactured or en route through supply chains, companies are required to deploy the app via software updates. The order, which has not been released publicly, was shared privately with select device makers.
Technology lawyers say the new mandate significantly expands government access to users’ digital environments and effectively eliminates meaningful consumer choice.
“The government effectively removes user consent as a meaningful choice,” said Mishi Choudhary, a technology lawyer known for her work on internet and privacy advocacy, speaking to Reuters. Critics argue that while the app provides real benefits in tracking lost devices, mandatory installation — especially with no option for deletion — raises concerns about data governance, scope creep, and whether such an approach sets a precedent for additional state-controlled digital tools in the future.
Privacy advocates have similarly criticised Russia’s MAX app requirement, saying it erodes user autonomy and could open channels for state surveillance. India’s order, while less far-reaching, is being interpreted through this global lens.
Apple already at odds with regulators
The mandate affects the world’s largest Android manufacturers — including Samsung, Vivo, Oppo, and Xiaomi — but has most significant implications for Apple. The company has long taken a hard line against government requests for mandatory software installations, clashing previously with India’s telecom regulator over the development of a government anti-spam app.
While the company does ship its own suite of preloaded apps, it does not allow any government or third-party applications to be installed on devices before sale, according to a person with direct knowledge of its internal policies.
Theoretically, Apple could attempt to negotiate, offering softer alternatives such as user prompts encouraging app installation instead of a compulsory system-level preload.
Apple, Google, Samsung, and Xiaomi did not respond to Reuters’ requests for comment. The telecoms ministry also did not issue a response.
India is a critical growth market for Apple, even though its share remains small. Counterpoint Research estimates that by mid-2025, iPhones will account for just 4.5% of the country’s roughly 735 million smartphones. Apple has invested in local assembly and retail expansion over the past three years. A forced software preload could become a flashpoint affecting those plans, potentially prompting diplomatic and trade-related discussions.
The government’s view
India’s directive cites “serious endangerment” to telecom cybersecurity caused by spoofed or duplicate IMEI numbers — the unique identifiers assigned to every handset. IMEI tampering allows stolen phones to be used anonymously and has been tied to SIM-based fraud, identity theft, and organised criminal networks.
The Sanchar Saathi platform, launched in January, is designed to curb these threats through a centralised system enabling users to block lost or stolen phones, verify handset authenticity, and identify fraudulent mobile connections across all networks. The government says the tool supports police investigations and prevents counterfeit devices from circulating.
Officials point to strong early performance: more than 700,000 lost phones have been recovered through the system, including 50,000 in October alone. With more than 5 million downloads, the app has helped block over 3.7 million stolen or lost devices and facilitated the termination of more than 30 million fraudulent mobile connections.
India, home to more than 1.2 billion telecom subscribers, is one of the world’s largest and fastest-growing digital markets. Authorities argue that the scale of cybercrime in such a market justifies aggressive preventive steps.
In related news, Apple has taken India’s antitrust regulator to court, challenging a new law that could expose the company to a colossal fine of up to $38 billion.
