Apple vs. India: When Privacy Theater Meets Selective Enforcement

UPDATE:
Right after I posted this, India announced that it will be optional. However, the point of Apple's selective stance stands.

When governments start demanding backdoor access to your pocket computer, it's worth paying attention. India's latest move—ordering all smartphone makers to preload a state-run app called Sanchar Saathi on every device—has sparked a showdown with Apple that reveals something uncomfortable: the company's "principled" privacy stance looks a lot more like strategic brand management than actual principle.

The Setup: India's Surveillance App Mandate

On November 28, 2025, India's Department of Telecommunications gave smartphone manufacturers 90 days to preload Sanchar Saathi (meaning "Communication Partner") on all new devices. The app must be pre-installed before sale, existing phones should receive it through updates, and—here's the kicker—users can't delete it.

The government's pitch? Cybersecurity. The app combats phone theft, fraud, and spoofed IMEI numbers. Since its 2023 launch, Sanchar Saathi has blocked over 4.2 million devices and traced 2.6 million more. In October 2025 alone, it reportedly helped recover 50,000 phones.

But there's a problem: the app automatically registers phone numbers on Android devices without explicit user consent and can automatically send registration messages to the Department of Telecommunications. Privacy advocates and opposition politicians immediately raised alarms about potential surveillance capabilities.

After the backlash, Union Minister Jyotiraditya Scindia backpedaled, claiming the app is "voluntary" and users can delete it. Except the original order mandating preloading hasn't been withdrawn, creating a confusing situation where the app is simultaneously "voluntary" and "mandatory."

Apple's Predictable Response

Apple's answer? Hard pass.

According to sources, Apple plans to formally convey its concerns to New Delhi rather than comply. The company's reasoning centers on three talking points:

1. User Choice: No government should mandate permanent apps on iOS devices.
2. Privacy Protection: Non-removable apps linked to government databases threaten user privacy.
3. Ecosystem Integrity: Tampering with system-level app controls violates Apple's tightly regulated software ecosystem.

Apple's internal policies explicitly prohibit the installation of any government or third-party app before sale. This isn't just about India—it's about maintaining a consistent global standard.

The stakes matter for Apple. While iOS powers only about 4.5% of India's 735 million smartphones, the company has been aggressively expanding. Apple now holds nearly 8% market share (up from 1% in 2019), leads the premium segment, and has been manufacturing iPhones locally since 2017.

Sounds principled, right? Except Apple's track record on privacy enforcement is... selective.

The Meta Exception: When Privacy Rules Don't Apply

Here's where Apple's stance gets murky: while the company publicly resists government mandates in the name of user privacy, it's been accused of selectively enforcing those same protections when powerful tech companies are involved.

In August 2025, a former Meta product manager filed a whistleblower complaint alleging that Facebook and Instagram deliberately circumvented Apple's App Tracking Transparency (ATT) protections. The accusation? Meta developed workarounds to continue tracking iOS users even after they explicitly opted out—the very feature Apple marketed as giving users control over their data.

According to the complaint, Meta:

• Used "probabilistic matching" techniques to connect user identities across different data sources
• Inserted tracking code into external websites users visited through Meta's in-app browsers
• Inflated advertising performance metrics by nearly 20% while secretly maintaining tracking capabilities

Multiple class-action lawsuits followed. What makes this particularly damning is that Apple has the technical capability to prevent these workarounds—it just doesn't always use it.

When France's data protection authority fined Apple for showing personalized ads in the App Store without proper consent, it revealed that Apple's own advertising practices didn't meet the privacy standards it imposed on others. Germany's antitrust regulator accused Apple of holding third-party apps to different privacy standards than its own apps, particularly regarding activity tracking.

In 2019, the Wall Street Journal exposed that popular iOS apps were secretly sending sensitive health data and personal information to Facebook—even when users had no Facebook account. Apple's response? It "requires user consent" for data collection, but users had no idea where their data was actually going.

The Beeper Contrast: When Apple Actually Enforces Its Rules

Now contrast Apple's alleged tolerance of Meta with its treatment of Beeper Mini, a small startup that tried to make iMessage work on Android.

In December 2023, Beeper launched an app allowing Android users to send blue-bubble iMessages directly from their devices. Apple's response was swift and brutal:

• Within days, Apple blocked the app by changing its iMessage system
• When Beeper found workarounds, Apple played Whac-a-Mole, repeatedly blocking new methods
• Apple even started banning users' Mac computers from iMessage if they were used to register Beeper Mini
• The company cited "security and privacy risks" as justification

The crackdown triggered bipartisan letters from lawmakers calling for antitrust investigation, FCC Commissioner Brendan Carr demanding scrutiny of Apple's "exclusionary practices," and DOJ and FTC inquiries into potential anticompetitive behavior.

Beeper eventually gave up, with founder Eric Migicovsky acknowledging that "each time that Beeper Mini goes 'down' or is made to be unreliable due to interference by Apple, Beeper's credibility takes a hit."

The Double Standard Nobody Talks About

Let's lay this out clearly:

Beeper Mini: Small startup improving cross-platform messaging → Blocked within days of launch → Apple cited "security and privacy risks" → Users' Mac computers banned from iMessage → Aggressive technical countermeasures deployed repeatedly → Beeper forced to shut down

Meta (Facebook/Instagram): Multi-billion dollar company with documented privacy violations → Allegedly operating workarounds for years → Whistleblower claims Meta inflated ad metrics by 20% and bypassed ATT → Multiple class-action lawsuits filed, but apps remain on App Store → No apparent technical countermeasures from Apple → Meta apps continue operating normally

Beeper's "crime": Trying to give users more choice in how they communicate, using their own Apple hardware to generate legitimate registration codes.

Meta's alleged violations: Systematically bypassing user privacy preferences to maintain advertising revenue.

Apple's justification? Beeper posed "security and privacy risks." But if that's true, what does Meta's alleged behavior represent?

The difference is that Beeper threatened Apple's ecosystem control, while Meta's violations merely compromise user privacy—and apparently, only one of those matters enough for Apple to act.

What This Means for India

Apple's resistance to India's Sanchar Saathi mandate rings hollow when the company has allegedly allowed Meta—a company with a documented history of privacy violations—to operate with special privileges on iOS.

The message becomes:

• Government surveillance app that's transparent about its purpose? Hard no.
• Corporate surveillance that happens in the background without clear disclosure? Negotiable, apparently.

This isn't to defend India's mandate—forcing undeletable government apps on devices is still a terrible precedent. But it does expose Apple's selective application of privacy principles. The company fights visible, public battles over privacy while potentially tolerating invisible, private violations that serve its business interests.

When Apple tells India it won't compromise user privacy by preloading Sanchar Saathi, critics can reasonably ask: "But you'll compromise it for Meta's advertising revenue?"

The Real Pattern

Apple's privacy stance appears calibrated not to absolute principles, but to what's commercially viable:

• Fight governments in democratic systems where public opinion matters and legal processes exist
• Accommodate corporate partners whose apps drive iPhone sales and ecosystem value
• Comply with authoritarian regimes where resistance means market exclusion (see: China)
• Crush small competitors who threaten ecosystem control, regardless of user benefit

The uncomfortable truth is that Apple's principled stands on privacy and user choice are strategically deployed. The company will fight battles it can win through courts and public opinion, but quietly complies when the alternative is losing revenue or market access.

What Happens Next

India has given manufacturers 90 days to comply. Apple has drawn its line. Now we'll see whether principles or market access wins.

If India successfully forces Apple to comply, the precedent would be devastating. Other nations would demand similar preloading of state-run apps. The principle that governments can mandate undeletable software on personal devices would fundamentally alter the relationship between citizens and their technology.

But if Apple's resistance is genuine—not just theater—it needs to apply those same standards consistently. That means:

• Actually preventing Meta from bypassing privacy protections
• Not crushing small companies like Beeper that improve user choice
• Holding its own apps to the same privacy standards it demands from others

Until then, Apple's privacy advocacy looks less like principle and more like brand positioning—enforced selectively based on what serves the bottom line.

Your phone should serve you, not governments or corporations. Right now, it's not clear Apple agrees with that statement as much as it claims to.

What do you think about India's demand? What do you think of Apple's "selective" stance?—find me on Mastodon at @ppb1701@ppb.social and let me know!