SANCHAR SAATHI: AN INFRINGEMENT OF THE RIGHT TO PRIVACY?

INTRODUCTION: THE CORE CONCERN

Over the past decade, India has rapidly digitised, and with that shift has come a growing uneasiness about how personal data is handled. Mobile phones have become central to everything from banking and work to basic communication, so people naturally worry about who has access to their information. That concern intensified on November 28, 2025, when the Department of Telecommunications announced that every smartphone, whether newly purchased or already in use, would need to have the Sanchar Saathi app installed. The order immediately split public opinion. Supporters argued it could help reduce phone theft, online scams, and fraud, while others questioned whether such a rule quietly chips away at citizens’ privacy and constitutional freedoms.

THE SANCHAR SAATHI APP AND ITS PRIVACY POLICY

Sanchar Saathi is a platform introduced by the Department of Telecommunications to help users secure their devices and get reliable information about government services. It can be accessed either through the app or directly on the web.

The policy states that no data is collected unless users are clearly informed about it. Whenever information is needed, the app claims to explain why it is required and what safeguards are in place. It also says personal data isn’t shared with anyone outside the government unless a legal obligation demands it. To assure users, the DoT mentions that technical systems, internal procedures, and physical security measures are in place to reduce risks like hacking or unauthorised access.

On Android devices, the app asks for these permissions:

1. Phone calls: So it can identify numbers saved on the device.
2. Send SMS: Used only to send a registration message to 14422.
3. Call and SMS logs: Helpful when flagging suspicious calls or texts.
4. eFiles/photos: To attach pictures while reporting a lost or stolen phone.
5. Camera: To scan the IMEI barcode and verify authenticity.

On iPhones, the permissions are simpler:

1. Access to photos/files for attaching evidence, and
2. Camera access to scan the IMEI code.

THE CONTROVERSIAL MANDATE

The decision to make the app mandatory immediately sparked backlash. Many people felt that forcing software onto their phones without an option to refuse was an invasion of privacy. Civil rights groups, several lawyers, and opposition parties, most notably the Congress, criticised it, even calling it a form of digital surveillance. iPhone users pushed back strongly due to Apple’s strict app-installation rules. After protests and petitions in court, the government softened its stance and said that usage would remain voluntary. Even so, many experts argue that the DoT went beyond what the law allows by issuing a mandate without clear legal backing or proper public consultation.

LEGAL AND CONSTITUTIONAL FRAMEWORK

1. K.S. PUTTASWAMY CASE, 2017: The core objection is that the order infringes upon the fundamental Right to Privacy under Article 21, as affirmed by the Supreme Court. Critics argue the order lacks a proper legal basis since it was a departmental mandate, not a law passed by Parliament. Furthermore, the extensive, sensitive permissions requested by the app are seen as being disproportionately invasive.

• DPDP ACT, 2023: The Digital Personal Data Protection Act requires explicit and informed consent for data processing. Making the app’s installation compulsory effectively removes the user’s ability to consent freely and knowledgeably, directly contradicting a central tenet of the new data protection law.

• TRAI ACT: The mandatory order is viewed as bureaucratic overreach by the Department of Telecommunications (DoT). Since the Telecom Regulatory Authority of India (TRAI), the designated regulator for telecom services, did not authorise or compel the installation, the DoT’s action is questioned as exceeding its mandate without proper legal backing.

• IT ACT, 2000: Given the app’s access to highly sensitive information (calls, messages, camera logs), concerns are raised under the IT Act about the government’s accountability and security protocols. The risk of data misuse or leak, especially without clear parliamentary oversight, undermines public trust.

THREAT TO DEMOCRATIC VALUES

When the government appears to push software onto personal devices, it risks losing public trust. The fear of being monitored can make people second guess what they say or who they speak to. Democracies depend on citizens feeling free, not watched. If people start believing that their call logs, messages, or location might be accessed without meaningful consent, the relationship between the state and its citizens becomes strained. This chilling effect can silence free expression, which Article 19 protects.

IS THE APPLICATION AGAINST THE RIGHT TO PRIVACY?

The government has clarified that using the app is voluntary, but doubts remain. A mandatory installation, even if technically removable later, interferes with informed consent under the DPDP Act. The permissions required, especially access to communication related data, heighten fears about surveillance. Under the Puttaswamy judgment, any government action affecting privacy must be backed by a clear law and must be proportionate. A blanket rule forcing installation does not satisfy those conditions, especially since less intrusive, voluntary options already exist. For these reasons, courts may be inclined to view a compulsory installation as unconstitutional.

STRIKING A BALANCE

Officials insist the app is a protective measure intended to help people and not to track them. Many critics, however, recommend solutions that take user choice seriously, options like awareness campaigns, simpler reporting systems, and voluntary apps that don’t intrude on personal data. Striking the right balance means choosing measures that build confidence rather than erode it.

RECOMMENDATIONS

Sanchar Saathi should remain optional, allowing people to install or delete it without obstacles. Any data-related permission should be limited to what is necessary, such as verifying the IMEI number. Broader access should require explicit consent. Regular transparency reports and independent audits would help build trust. Data should not be stored indefinitely; removing it after around 30 days of inactivity would be a practical safeguard. Fraud can also be tackled through TRAI run blacklists, SMS verification services like 14422, and education campaigns, all without compulsory installation. Any long-term framework should come from Parliament and follow the standards laid down in Puttaswamy.

CONCLUSION

Although the intention behind Sanchar Saathi is arguably positive, reducing fraud and improving digital safety, any step that touches personal privacy must be handled carefully. India is still shaping its digital rights landscape, and the balance between security and individual freedom is delicate. Public trust is earned through choice, clarity, and openness. Since voluntary tools can achieve similar outcomes without forcing anything onto people’s devices, a more flexible and transparent approach will ultimately serve both security and citizens’ rights far better.

REFERENCES

• Justice K.S. Puttaswamy (Retd.) and Anr. Vs Union of India and Ors. (2017)
• Digital Personal Data Protection (DPDP) Act, 2023
• Constitution of India, 1950 (Articles 19 and 21)
• Information Technology Act, 2000
• Telecom Regulatory Authority of India (TRAI)
• Department of Telecommunications (DoT) Notification/Order (November 28, 2025)
• Sanchar Saathi Platform (2023/2025 launch)
• The New Indian Express
• Amlegals.com

Read our previous article: COMPLETE GUILD TO INDIA’S NEW LABOUR CODES – J.P. Associates

Author Details – Ms. Kamya Bhadouria, 4^th Year Law Student, University Institute of Legal Studies, Chandigarh University