India Orders Phone Producers to Include Handsets with National Cybersecurity Application

In a notable move, India's telecommunications department has discreetly instructed smartphone manufacturers to preload all new phones with a state-owned cybersecurity app that is non-removable. This directive, which has come to light, is likely to alarm major technology companies like Apple and raise concerns among consumer watchdogs.

An International Trend in Cybersecurity Policy

To combat a recent surge of cybercrime and hacking, India is following regulators worldwide. This step echoes similar regulations framed in countries like Russia, which seek to prevent the use of stolen phones for fraud and encourage government-developed service apps.

What Manufacturers Are Affected by the Order?

The new order affects key mobile phone brands operating in the domestic market. This encompasses Apple, a company that has in the past had disagreements with regulators over comparable apps, as well as leaders like Samsung, Vivo, Oppo, and Xiaomi.

The Fine Print of the Government Order

An directive dated 28 November provides smartphone manufacturers a three-month period to ensure that the official "Messenger Friend" application is factory-loaded on all new devices. A key provision is that consumers will not be able to remove the app.

For phones currently in the retail pipeline, companies are instructed to deliver the app via system upgrades. It is worth mentioning that this order was sent confidentially and was sent selectively to select firms.

Privacy Apprehensions Expressed

However, legal analysts have raised major concerns regarding this move. A legal expert specialising in technology matters stated that India's step is a reason to worry.

“The government practically erodes user consent as a meaningful choice,” stated Mishi Choudhary, an advocate working on digital advocacy matters.

Consumer organisations had also condemned a comparable mandate by Russia in August for a state-backed messenger called Max to be pre-installed on phones.

The Scale of the Domestic Market

India, one of the world's biggest telephone markets, boasts over 1.2 billion connections. Government statistics show that the cybersecurity application, launched in January, has already helped recovering more than 700,000 stolen phones, with around 50,000 recovered in October alone.

The government states that the app is vital to combat the “significant endangerment” of mobile network cybersecurity from cloned or tampered IMEI numbers, which facilitate scams and system abuse.

The Tech Giant's Stance

Apple's iOS runs on an estimated 4.5% of the 735 million mobile phones in India, with the vast majority using Android, according to industry analysis. While Apple includes its own first-party apps on its devices, its internal policies reportedly prohibit the installation of any government application before the sale of a device.

“Apple has historically declined such demands from authorities,” noted Tarun Pathak, a research director at Counterpoint.

“It’s likely to pursue a middle ground: instead of a compulsory inclusion, they might discuss and propose an option to prompt users towards installing the app.”

Queries for comment from Apple, Google, Samsung, and Xiaomi were unresponded. India’s telecommunications ministry also did not respond.

The Role of the IMEI and the App's Purpose

The IMEI, or International Mobile Equipment Identity, is a 14- to 17-digit number assigned to each mobile device. It is primarily used by carriers to disable network access for phones reported as lost.

The government app is mainly created to help users block and locate missing phones across all mobile carriers, using a national database. It also enables them to identify, and block, unauthorised mobile connections.

Notable Adoption and Results

With over 5 million downloads since its inception, the software has reportedly been used to block more than 3.7 million missing mobile phones. Moreover, more than 30 million illegal connections have also been terminated through its use.

The authorities states that the software helps preventing digital threats and assists in the locating and disabling of lost or stolen phones, thereby aiding police in recovering devices and preventing counterfeits out of the illicit trade.