Introduction: Security in an Age of Vulnerability

In an era where your mobile phone serves as your wallet, your identity card, and your personal diary, the threat of cyber fraud and mobile theft has become inescapable. From KYC update scams to the anxiety of a lost smartphone, our digital lives are constantly under siege. The Department of Telecommunications (DoT), Government of India, has launched the Sanchar Saathi App & Portal — a citizen-centric platform that aims to be a robust defense system, returning power to citizens who face cybercrimes while using their mobile phones. This initiative leverages advanced technology to strengthen the security of mobile subscribers, yet it simultaneously raises important questions about privacy and state surveillance.

The Panic Button: Blocking Lost or Stolen Phones (CEIR)

CEIR Portal: Block / Trace Lost Device

When a phone is lost or stolen, the most immediate fear is not the cost of the device itself, but the risk of data misuse, financial fraud, and identity theft. Sanchar Saathi addresses this concern by integrating the Central Equipment Identity Register (CEIR), which allows you to block your lost device instantly.

How It Works: Once you report your phone as stolen and file a police report (FIR), you can visit the Sanchar Saathi portal and submit the details. The CEIR system then blacklists your device’s unique IMEI number, rendering it useless on any Indian telecom network. This means a thief cannot use the phone even if they change the SIM card. The system also has an additional safeguard — it alerts local police if someone attempts to switch the phone on, aiding in recovery efforts.

Recovery Option: If your device is recovered, you can unlock it through the same app or portal so it can be used normally.

Fighting Identity Theft: Verifying Your Mobile Connections (TAFCOP)

Identity theft often begins with a SIM card. Fraudsters frequently procure SIM cards using forged documents or by misusing legitimate ID proofs without the victim’s knowledge. The TAFCOP (Telecom Analytics for Fraud Management and Consumer Protection) feature addresses this vulnerability directly.

Check SIMs Registered in Your Name: TAFCOP Portal

What It Does: TAFCOP allows you to see exactly how many mobile connections are active in your name. If you discover a number you don’t recognize or no longer use, you can report it directly through the portal. The telecom service provider is then mandated to re-verify or block that unauthorized number.

Jan Bhagidari Approach: This feature exemplifies the government’s commitment to citizen participation (Jan Bhagidari) in India’s fight against telecom fraud. By putting verification tools directly in users’ hands, it aims to secure networks from SIM card fraud, unauthorized mobile connections, and the resale of stolen devices — threats that pose constant risk to consumer data and national security.

Fighting Back Against Spam and Fraud (Chakshu)

Spam and fraudulent communications plague mobile users daily. From lottery scam messages to fake government threats, these communications not only annoy but also pose serious security risks. The Chakshu feature empowers users to fight back.

Report Fraud Calls/SMS/WhatsApp: Chakshu on Sanchar Saathi

What You Can Report: Through Chakshu, you can flag suspected fraud communications received via calls, SMS, or WhatsApp. This includes sextortion attempts, impersonation of government officials, phishing links, digital arrest scams, and international spoofed calls disguised as +91 numbers.

Wider Impact: Your report feeds into a central intelligence system that helps authorities blacklist these numbers and device IMEIs, protecting not just you, but millions of other users. This crowdsourced approach to fraud detection creates a stronger defense mechanism for the entire telecom ecosystem.

The Pre-Check: Verifying Used Devices (KYM)

Know Your Mobile (KYM): Before making a purchase, you can verify the device’s authenticity by entering its IMEI number on the Sanchar Saathi portal. The system confirms whether the device is genuine, whether its IMEI is valid, and whether it has been blacklisted. This prevents you from unknowingly purchasing stolen or counterfeit equipment.

KYM Check: Verify IMEI (KYM)

Impact and Adoption

Since its launch in January 2025, Sanchar Saathi has demonstrated significant public acceptance. The platform has crossed 14 crore downloads, while the accompanying website has registered over 9 crore visits. States like Andhra Pradesh and Maharashtra show particularly high usage rates, confirming the platform’s utility and relevance.

The Privacy Paradox: Where Security Meets Constitutional Rights

Despite its benefits, Sanchar Saathi presents a fundamental tension between security and privacy. In November 2025, the Department of Telecommunications issued a directive mandating that all new mobile devices sold in India must come with the Sanchar Saathi app pre-installed, non-deletable, and non-disableable by users. This mandatory installation has triggered serious constitutional and ethical concerns.

• The Guardian – India revokes mandatory preinstall order
• The Verge – Govt backs down after Apple refuses
• AP News – India rolls back preinstall order
• Times of India – Telecom Minister: App is optional
• Android Central – Original report on mandatory app

The Consent Problem

Legal experts argue that forcing citizens to install a state-operated app on personal devices without meaningful choice violates the fundamental right to privacy. The contradiction between written directives and verbal assurances about user consent has created ambiguity regarding autonomy. Privacy advocates emphasize that while the government claims the app works “only with user’s consent” and gives “full control over activation and use,” the inability to delete or disable the app contradicts this assertion.

Constitutional Framework

The Supreme Court’s decision in K.S. Puttaswamy (Retd.) v. Union of India (2017) established that privacy, including informational privacy, is a fundamental right protected under Article 21. Any state action that affects personal data must satisfy legality, necessity, and proportionality. Critics argue Sanchar Saathi, as mandated, fails these tests without statutory backing and parliamentary oversight.

Data Collection and Function Creep

The app seeks permissions for location, camera, and call logs. Privacy advocates worry about “function creep” — data collected for one purpose is later used for another, undeclared purpose. The government maintains that the app “collects only the minimum personal information necessary” and limits disclosures to law enforcement when legally required. Critics point to the lack of statutory safeguards and independent oversight.

The Digital Personal Data Protection Act Conundrum

Mandatory installation appears to contradict the spirit of the Digital Personal Data Protection Act, 2023 (DPDP Act). Making an app mandatory and undeletable effectively removes user consent as a meaningful choice, undermining data protection principles.

A Balanced Assessment

Sanchar Saathi addresses real threats to India’s telecom ecosystem and citizen security. Its tools are innovative and useful in combating fraud and device theft. However, the forced installation raises legitimate concerns about surveillance, autonomy, and the proper role of the state in controlling personal devices. The government’s privacy assurances require stronger statutory framework and independent oversight to build citizen trust.

Conclusion: Security with Accountability

For Sanchar Saathi to be a true success, the trust of users must remain paramount. The platform must function as an ally against fraud and never as an agent of privacy infringement or mass surveillance.

Recommended steps for policymakers:

• Establish statutory backing: Pass clear legislation through Parliament authorizing data collection and storage practices.
• Ensure meaningful user choice: Allow users to disable or delete the app while retaining access to its services through the web portal.
• Provide transparency: Implement clear oversight mechanisms and regular audits of data practices.
• Prevent function creep: Establish legal restrictions on how collected data can be used, with penalties for violations.

Citizens must remain vigilant, holding the system accountable to its promise of security without sacrificing the fundamental Right to Privacy enshrined under Article 21 of the Indian Constitution. The digital age demands a delicate balance: strong protections against cyber fraud, coupled with equally strong protections for individual privacy and autonomy.