Consumers can also use the app or website to check the number of mobile connections in their name and report any connections that appear to be fraudulent.
Congress Party MP Priyanka Gandhi said Sanchar Sathi “is a spying app… It’s a very fine line between ‘it’s easy to report fraud’ and ‘we can see everything that every citizen of India is doing on their phones’.” He called for an effective system to fight fraud, but said cybersecurity “should not be an excuse for going into every citizen’s telephone.”
App may require “root level access”
Despite Scindia saying that the app can be removed by users, the government’s statement that phone makers must ensure that its functionalities are not “disabled or restricted” has raised concerns about the level of access required. While the App Store version could be removed, privacy advocates say the text of the order indicates that the pre-installed version would require deeper integration into the device.
The Internet Freedom Foundation, an Indian digital rights advocacy group, said the government’s directive “converts every smartphone sold in India into a vessel for state-mandated software that the user cannot meaningfully reject, control, or remove. To work in practice, the app will almost certainly require system level or root level access, similar to carrier or OEM system apps, so that it cannot be disabled. That design choice destroys the protections that would normally make one app vulnerable to others.” Prevents peeping into data, and turns Communication Partner into an app with permanent, non-consensual access inside every Indian smartphone user’s operating system.
The group said that while the app is “being designed as a benign IMEI checker,” a server-side update could repurpose it for client-side scanning for “restricted” applications, flagging VPN usage, correlating SIM activity, or tracking SMS logs in the name of fraud detection. Nothing in the Order constrains these possibilities.
<a href