Teenagers and young adults often rebel against parents who infantilise them and insist on knowing every detail of their lives. Most Indian parents typically justify this as concern for safety. Today, the Indian State echoes this family drama on a national scale, where well-meaning bureaucrats imagine themselves as parents to a nation of perpetually vulnerable citizens, convinced that constant oversight is care. The result is an ever-present digital companion called a ‘Saathi’ to supervise communications, ‘Sanchar’, in the name of protection.

It would help public confidence if there were greater clarity on whether Sanchar Saathi is government-owned and operated. Recent public discussion around systems such as DigiYatra — which enable airport facial recognition and is operated by a private entity — has already made citizens more sensitive to questions of ownership, accountability, and data stewardship.

A digital ‘friend’ that one cannot escape is what any teenager would call an abusive relationship. The power imbalance is so extreme that one party ceases to exist as an independent actor.

How did we get here

To understand how we reached this point, one must examine the conditions that allowed India’s cybercrime economy to grow unchecked, despite efforts of the well-intentioned.

The first contributor is the government policy itself. By pushing digitisation onto a population unprepared for it, and mandating the JAM framework, it created an unregulated market for identity-trading. That market flourished because of prolonged delays in data protection laws and persistent efforts by the State to exempt itself from its provisions. Meanwhile, government data systems don’t give the comfort of anti-leak capabilities.

In the marketplace, stolen identities became financial instruments. They were reused, rented, and traded to open SIM connections, bank accounts, wallets, and loan profiles. These assets then entered a supply chain serving a parallel industry known as cybercrime entrepreneurship. Its operators did not merely steal data. They engineered products. Digital arrests. Fake investments. Customs notices. Courier scams. KYC frauds.

Like narcotics networks, these groups scaled distribution. Funds were laundered through wallets, online gaming platforms, cryptocurrency exchanges, shell companies, and payment processors, before being reinvested into the next iteration of fraud. Interestingly, we have still not banned cryptocurrencies despite knowing the worries.

The second force is survival. India skipped industrialisation-at-scale and moved straight to services. Jobs have not kept pace with population growth, and we have a large young demography that needs livelihood.

Under economic pressure, entire segments of the population adapted by becoming foot soldiers in cybercrime networks, much as grasshoppers under pressure transform into locusts. These are not criminals by character, but by circumstance. That’s why you see many cyber tome bases in smaller towns, and not necessarily from large cities.

The third impulse is technological magical thinking. Policymakers assume digital inclusion would substitute for social mobility. They imagined that a data-rich population would become a money-rich one. Instead, frictionless data produced frictionless exploitation.

Fraud stack

While India Stack matured as a legitimate digital backbone, ‘Fraud Stack’ rose alongside it as a dark reflection. Indian dark marketplace hosts an unnamed shadow system offering: Money Laundering as a Service (MLaaS). This ecosystem provides its own communication protocols, payment rails, and settlement layers. Its scale and efficiency rival formal financial networks such as SWIFT.

The final condition is social. India struggles to confront long-term structural problems. Technology cannot become a psychological refuge, and a meme for progress. That is how we have now reached Sanchar Saathi.

The government has now changed its stance from ‘mandate’ of the Sanchar Saathi app to its face-saver press statement that more citizens have eagerly adopted the app, and that forced mandate to phone manufacturers is not needed. It only shows the weakness of institutional policymaking about the digital world. In a democracy, shouldn’t we have consultations and layers of stakeholder discussions, before a parliamentary debate, before any of these ‘intrusive’ ideas are asked of the citizens?

A bargaining weapon

It is interesting that a bureaucracy that has been dependent on Western email systems until now, demands to occupy personal devices.

When public policy is replaced by leverage, market size becomes a bargaining weapon. Subsidies quietly evolve into pressure tools. ‘Accept our mandates or leave’ cannot be an industrial strategy. Manufacturers face a choice: comply and risk global consumer trust, or refuse and sacrifice market access. If companies leave, the losses will not be abstract. And a cybercrime economy born of unemployment will grow stronger.

Strong States build compliance through capability and consent. That distinction matters because software does not merely execute commands, it permanently reshapes behaviour. Once governance models itself as machinery rather than mandate, relationships between citizen and State begin to resemble transactions instead of trust.

Parents eventually learn that children are protected not by confinement, but by competence. Not by control but by capacity. Not by harsh words alone, but with values. Governments must learn the same lesson.

Srinath Sridharan is a corporate adviser and independent director on corporate boards. X: @ssmumbai. Anand Venkatanarayanan is co-founder and CTO, DeepStrat. X: @iam_anandv.

Disclaimer: The views expressed above are the author's own. They do not necessarily reflect the views of DH.