India is becoming one of the world’s most aggressive testing grounds for state digital surveillance systems. Over the past decade, the Indian state has quietly assembled a parallel digital security architecture that allows authorities to intercept, analyze and store communications data at an enormous scale. A recent study by the U.K.-based research firm Comparitech put India near the bottom of its rankings of how a state protects the privacy rights of its citizens, with only China and Russia faring worse. And things have only accelerated since then.
The government’s recent push to link SIM cards with apps and devices through a new system is the latest example of this trend. Framed as a tool to prevent fraud and identity theft, the government’s Sanchar Saathi app would link SIM cards with apps and devices, allowing the government to access call logs, messages, photos and network information. By seeking preinstallation of its app on all phones — the government sent directives Apple, Samsung, Xiaomi and other phone manufacturers to — the initiative aimed to make this access widespread and automatic, without allowing users to opt in.
Nationwide outrage from activists and citizens forced the government to retract its order, though not before revealing a glimpse of the Orwellian system it had sought to implement. India’s Department of Telecommunications used newly amended rules to extend its authority beyond phone companies to apps and services that use phone numbers. The primary goal is to force messaging platforms to bind accounts to active, verified SIM cards, thus sharply reducing practical anonymity for users in India.
This surveillance expansion sits atop Aadhaar, India’s near-universal biometric identification system. Originally promoted as a tool for welfare inclusion, Aadhaar now links fingerprints and iris scans to banking, welfare benefits, tax filings, mobile numbers and private platforms. In effect, it has become a master key to everyday life, enabling the state to map identity, behavior and access across sectors. No democracy has ever built a biometric system of this scale or integrated it so deeply into both public and private infrastructure.
In addition, the Indian state has not shied away from using military-grade spyware against its citizens. This story rose to prominence in 2023 after Apple sent warnings to a slew of Indian journalists and critics that their devices may have been compromised, though the Indian government had for some time been known to be a client of the Israeli firm NSO Group, the creators of the Pegasus surveillance tool. India’s approach operates on two levels: routine data capture for the many, and invasive snooping and tracking for dissenters.
What distinguishes India from the United States is not the existence of surveillance — Washington’s own history on that front is well documented — but the absence of meaningful oversight. Most of these interventions originated from a small, seven-member AI and Digital Intelligence Unit, highlighting how India’s digital governance is increasingly being shaped through executive directives rather than transparent legislation, with user consent treated as desirable but ultimately secondary to administrative goals. In the U.S., the Snowden revelations triggered at least some judicial, legislative and corporate resistance to mass backdoor access. In India, interception approvals remain overwhelmingly executive-driven, with little transparency and with legal foundations that still echo colonial-era statutes.
The result is an environment where mass surveillance is increasingly normalized. When biometric identity, telecom data, device metadata and spyware capabilities converge, the question is no longer whether surveillance is possible but how easily it can be scaled. In such systems, anonymity becomes fragile and dissent becomes traceable.
This is a challenge to democracy itself. As Shoshana Zuboff, author of “The Age of Surveillance Capitalism,” argues, democracy erodes not when citizens are watched but when their autonomy is quietly engineered away. Systems built for behavioral prediction and modification strip people of the moral judgment and critical agency, faculties that democratic societies depend on. Those who control these systems know everything about citizens, while citizens know almost nothing about those who govern the systems. Such asymmetries, Zuboff warns, create new forms of inequality that law and politics are still unequipped to confront.
This matters for the U.S. because the underlying pressures are strikingly familiar. For example, the U.S. still lacks a comprehensive federal privacy law, while law enforcement agencies routinely purchase sensitive personal data from brokers without warrants. India shows what happens when security rationales move faster than accountability mechanisms in a large democracy with powerful technology and weak guardrails.
India is not some authoritarian outlier. It is a competitive electoral democracy with courts, a free press and an active civil society. And yet it has managed to normalize one of the most expansive surveillance architectures in the world. That is precisely why its trajectory should concern the world. India offers a preview of the political, social and democratic costs of letting state access to digital infrastructure expand unchecked.
The post India’s surveillance state should alarm every democracy appeared first on Washington Post.
