Censored in Washington — by a Judge in New Delhi

10 months ago

Two months ago, the news agency Reuters published an eye-opening cybersecurity investigation bylined by Washington-based reporters and full of news of interest to Americans. But Americans aren’t allowed to read the story anymore — by order of a court in India.

It’s a disturbing turn of events that couldn’t have happened in the pre-internet era, when publishing — and censorship — were largely local affairs.

But what’s going on is not just a tale of a foreign power interfering with the ability of Americans to browse the web as we please. The campaign against the Reuters report has also enlisted some heavy-duty Beltway players.

To back up a bit: On Nov. 16, the wire service published “How an Indian Startup Hacked the World,” an investigation based on hundreds of interviews, thousands of pages of documents and research from multiple cybersecurity firms. The report detailed how a company called Appin allegedly turned itself into a mercenary hacking outfit, targeting political activists, military officials and businesspeople on behalf of shadowy clients from around the world.

Appin and its co-founder, Rajat Khare, strongly denied the allegations. He told Reuters through an attorney that he was in the business of defending against cyberattacks, not perpetuating them.

Nonetheless, the report landed with a splash. It was quickly aggregated in outlets like Lawfare and Wired and passed around on social media.

You didn’t have to be a cybersecurity geek to want to click. The story was full of wild accounts of alleged hacks involving a Dominican newspaper, a Russian oligarch and an Israeli private eye. For Washington types, there were also allegations of hacks against U.S. victims including a Rwandan exile; security executive Kristi Rogers, who is married to former Michigan GOP Rep. and current Senate candidate Mike Rogers; and the leadership of a Native American tribe amidst a lucrative real estate dispute.

And then, last month, the whole thing abruptly vanished from Reuters’ website — and from many of the outlets that had linked to it.

Online, the roughly 6,000-word report was replaced with a terse statement announcing that the article had been “temporarily removed” in order “to comply with a preliminary court order issued on Dec. 4, 2023, in a district court in New Delhi, India.” The four-paragraph editor’s note said that “Reuters stands by its reporting and plans to appeal the decision.”

While the process plays out, though, the original story is offline — not just in India, but around the world.

“Reuters complied with the preliminary court order, which required only that we temporarily remove the story from the Reuters.com website, but not from other platforms,” a Reuters spokesperson told me.

The sweeping order comes as a result of legal action by a group purporting to represent Appin’s digital training centers — who say their students’ reputations are damaged by Reuters’ allegedly false reporting. Last month, Additional District Judge Rakesh Kumar Singh ruled that the story should be suppressed pending trial.

“I am of the opinion that even if the defendants for some period do not retain the article on the website, and on that account they suffer any market value, they can be ultimately compensated by money from the plaintiff, but the retention of such material on the website, if allowed… may have devastating effect on the general students population of India,” Singh wrote.

In India — or any other country — the act of blocking foreign reporting was once simple: Impound some magazines at the airport and call it a day. Local civil libertarians might be infuriated, but the confiscation wouldn’t hamper readers beyond the national border.

Now, though, publishing is global, and keeping things published online is an ongoing choice. Instead of banning disfavored pieces of newsprint in one particular country, judges are apt to demand that things be removed from global websites. A vast organization like Reuters, with major interests in India that could be sanctioned, not to mention local employees who could get in legal trouble, doesn’t have the luxury of blowing off the judge.

“If you are the Iowa Daily Beagle, and you publish a story that upsets some company in India, that company can go to an Indian court and get whatever injunction they want,” said Charles Glasser, who spent 12 years as the global media counsel for Bloomberg News and is the author of a book on international libel law. “But if the Iowa Daily Beagle has no assets in India and does no business in India, they can’t do much. It becomes more of an issue for international publishers, like Reuters. They certainly have resources there, and they are subject to the jurisdiction of the Indian court.”

Of course, Glasser notes, publishers have the ability to geofence content, making it so that an American reader can access a certain page while an Indian reader cannot. But that can backfire. Particularly in a country with historic reasons to be prickly about Western condescension, a judge is likely to take it as a sign of disrespect if an order is ignored beyond the border — not a good move if you are facing trial.

The upshot: Readers in America, where prior restraint is forbidden and where courts won’t enforce foreign rulings that violate the First Amendment, are blocked from reading a story based on a legal complaint that would be tossed out of most American courts.

That’s not the only way the case is resonating in the U.S.

Readers looking to find the gist of the story elsewhere might also have trouble. Wired removed it from a weekly roundup of cybersecurity news, appending a note to say the move was temporary and came as a result of Reuters having taken it down. Lawfare, the influential national security site published in cooperation with the Brookings Institution, also unpublished its excerpts from the piece, replacing block quotes with words made up entirely of the letter “X.”

It wasn’t just the result of one New Delhi court. Several of the U.S. platforms who later removed content became aware of the disputed allegations not because they were following Indian legal news, but after hearing from Khare’s American firm, Clare Locke. The prominent libel-law outfit is based in the Washington suburbs and well-known for representing clients like former GOP vice presidential nominee Sarah Palin in her case against The New York Times. The firm has represented Khare, including going back and forth with Reuters prior to publication.

“Mr. Khare does not comment on legal proceedings, but he defends himself judicially in all relevant jurisdictions against any attacks that target him and illegitimately damage his reputation,” Clare Locke partner Joe Oliveri said in a statement. “Mr. Khare has dedicated much of his career to the field of information technology security — that is, cyber-defense and the prevention of illicit hacking — and it is truly unfortunate that he has found himself the subject of false accusations of involvement in a ‘hack-for hire’ industry or supporting or engaging in illicit hacking or cyberactivities. Those accusations are categorically false. They have been rejected by courts and regulatory bodies and debunked by experts. And Mr. Khare will not hesitate to continue to take steps to enforce his rights and protect his reputation from such false attacks.”

That kind of language — combined with the knowledge that Khare has taken action against hack-for-hire allegations in the U.K., Switzerland and elsewhere — is pretty daunting, especially after Reuters pulled down its story.

“My judgment was it would be imprudent for us to continue to quote from and link to a Reuters article that they weren’t standing by,” Lawfare editor Benjamin Wittes told me. “But I didn’t want to disappear the article because I had no way to assess the integrity of the Reuters reporting.”



By last week, the original version of the story was even gone from the Internet Archive’s Wayback Machine, which maintains archived versions of millions of web pages going back to the beginning of the Internet.

“In late December, we received a take-down request from the lawyers of Mr. Rajat Khare addressing the preliminary order from an Indian District Court for the disputed Reuters article to be taken down and de-indexed by Google,” Mark Graham, the director of the Wayback Machine, said by email. “We were faced with the decision of either keeping the article available and risking having legal action taken against us, and incurring a costly defense in an unfamiliar venue, or disabling the material and staying abreast of the case and whether the defamation claim ultimately prevails. To most responsibly manage the resources of the Internet Archive, we opted for the latter choice.” (Archived versions of the original Wired and Lawfare items remain on the Wayback Machine.)

Not everyone has taken down their references to the piece. University of Toronto Professor Ronald Deibert, whose Citizen Lab has done its own reports about hacking as part of its work promoting human rights and an open internet, said he disregarded a take-down request about one of his blog posts that touched on the subject.

“I believe strongly in academic freedom and freedom of speech,” Deibert said last week. “This is clearly an attempt to silence credible, evidence-based investigative journalism that makes people uncomfortable, and there’s no way that I would cooperate with such a request.”

In fact, the disappearance of the story has turned it into a cause celebre in certain circles. It’s a transnational example of the Streisand effect, in which the singer’s legal action against a media outlet wound up generating much more publicity than the objectionable item would otherwise get. Last week, the text of the original Reuters report was back online — without formal permission — at the leak-archiving site Distributed Denial of Secrets, which launched a new initiative devoted to posting censored stories. The site described the text as “fair use” and said publishing it comports with the “mission of ensuring the free transmission of data in the public interest” and serving as a “publisher of last resort.”

That may make it the only publisher the story has for a while. The legal wrangling in India actually dates back to a year before Reuters ever published the now-vanished story, following the same reporting team’s previous investigation of the global hacking industry more broadly. And the case is moving glacially.

In the meantime, cases like this are likely to become more common. Within the U.S., “forum shopping” in lawsuits — that is, looking for a jurisdiction where you think you’ll get a better result — is common enough. In a globalized news environment, though, it can be especially tempting, at least for those who have the money. If you legitimately think you’ve been libeled, you’re presumably interested in protecting your good name everywhere. And if you’re just trying to use defamation as an excuse to shut someone up, why bring a case in a court that’s subject to the First Amendment when you can bring one somewhere else?

In their own filings back in New Delhi, for instance, Reuters’ lawyers cast doubt on whether the training centers association even had standing to sue, saying “the Plaintiff has not proved that such a community, in fact, exists.” Though the initial complaint had described it as a group “established to render aid to student, ex-students, employee, ex-employee of technical educational institutions and training institutions,” this rebuttal effectively served to raise the question of whether the organization was ginned up in order to sue in a more friendly court than might be found in the U.S., say, or Switzerland, where Khare is based. The plaintiffs’ Indian attorneys did not respond to a request for comment.

India also makes for an interesting case study. It is not a dictatorship or a banana republic. It’s a democracy with an independent judiciary — albeit one in the long list of democracies where norms have eroded. Its standing on Reporters Without Borders’ annual global press freedom ranking has fallen from number 80 in 2002, the year the list was first published, to number 161 last year. (Don’t act too smug, fellow Americans: The U.S. fell from number 17 to number 45 in the same period.)

In authoritarian countries, governments often use security laws rather than defamation allegations to crack down on unwelcome journalism, accusing reporters of being spies. But for the rich and well-connected elsewhere, weaponizing libel laws that reach across borders can be even more useful.

I suspect that there will be limits to how effective this sort of lawsuit can be. The many Americans who tell pollsters they despise the news media — and even the media-baiting politicians like Donald Trump and Florida Gov. Ron DeSantis who want to reconsider the landmark Supreme Court free-speech case New York Times vs Sullivan — might be uncomfortable at the idea of foreign judges deciding what Americans can read.

For a nationalist, it’s not a good look.

Deibert, of Citizen Lab, told me it’s not a good idea to think of the Reuters case simply as a matter of a foreign court system versus a domestic one. He sees the whole thing as part of a global tilt towards the powerful and against anyone who might make them squirm — a tilt that’s aided by people close to home as well as folks far away.

“The way I look at it, it’s less about how an Indian court rules on this than the underlying ecosystem that gives rise to this bullying tactic,” Deibert said. “We’ve had people try to silence us using threats of defamation, and I think it’s something civil society has to prepare for. There are deep-pocketed people out there, and, unfortunately, law firms, often based in liberal democratic countries, who will help them.”

Read Entire Article