Documented digital-fraud losses referred to in the Supreme Court digital-arrest context.
Case 02 / MeitY Digital Governance
Follow the Data
India under critical surveillance: Article 12 Infected, citizen not found, 2015-2026.
A forensic case study of India's digital dacoity and the data dimension the State is alleged not to have investigated.
Built on W.P. (Crl.) No. 163/2026 and the Digital Arrest root-cause intervention in Suo Motu W.P. (Crl.) No. 3/2025. The page separates public record, petitioner contention, accused-person allegations, and proposed remedies.
KYC-linked citizen records alleged to have circulated through dark-web and criminal data channels.
Money dimension pursued through attachments, arrests, and prosecution complaints.
Operational arrests recorded in the money-laundering and cyber-fraud enforcement path.
Thesis
The money is the symptom. The data is the crime scene.
The petitioner's central argument is direct: a digital-fraud system cannot be solved only by freezing accounts after money leaves. If identity data, KYC files, call signals, location patterns, device permissions, and behavioural metadata have already escaped into foreign or criminal infrastructure, the same citizens can be targeted again and again.
You cannot SOP your way out of a data breach that has already happened. Follow the data, or the citizen remains invisible.
That is why this case treats data recovery, data destruction, victim notification, extradition of alleged architects, and audit of the surveillance layer as root-cause remedies, not side issues.
Profile
Person on record.
Researcher profile / petitioner-in-person
Nitish Kumar (thenitishkr)
Independent researcher, author, National Cyber Security Scholar, and inventor of DISHA, working at the intersection of constitutional law, cyber forensics, public records, artificial intelligence, cybersecurity, and digital governance in India.
This profile refers to Nitish Kumar (thenitishkr), researcher and author. He is not the politician of the same name.
Cyber forensicsArticle 12Digital personhoodDISHAPublic records
Interim questions
Six sworn answers the record asks for.
| Affidavit | From | Question forced |
|---|---|---|
| Extradition | MeitY + MHA | Was Extradition Act Section 3(4) read with UNCAC Article 44 ever invoked against any named Chinese accused? If not, who decided against it and where are the written reasons? |
| Data | MHA + ED | Is seized citizen data in government custody? Were victims notified? Was any court asked for a data-destruction order? |
| Root cause | MHA | Did Mule AI Hunter, Telecom SOP, CNAP, I4C-1930, or any SOP identify the three-layer data architecture as the proximate cause? |
| Victim profiling | MHA | How did fraudsters know whether a victim was alone, financially vulnerable, or recently disconnected from family communication? |
| AdTech | MeitY | Was any inquiry or penalty started under IT Act Section 43A for FTC-documented InMobi or SilverPush conduct? |
| Absconders | MHA + ED | What is the LOC date, confirmed location, extradition status, and Red Corner Notice status for each named accused or absconder? |
Criminal-analysis profile
Named accused and absconders, not convicted persons.
The filings focus on an asymmetry: Indian operational workers were arrested, while alleged foreign architects identified in prosecution materials were not brought back through the legal bridge the petitioner says was available.
| Name / alias | Alleged role in record | Status alleged in filing |
|---|---|---|
| Zhu Wei / Jeffrey Zhu | Alleged apex financial controller, data-pipeline architect, and master-database custodian. | Believed abroad; extradition request alleged not filed. |
| Liu Yang / Michael Yang | Alleged beneficial owner and operator of app networks. | Absconded; follow-through and MLAT path questioned. |
| Zhuang Wei / David Zhuang | Alleged fund-routing controller through India, UAE, China, and USDT channels. | Believed in Dubai; extradition bridge questioned. |
| Wang Xin / Sunny Wang | Alleged second-tier app cluster operator. | Diffusion notice noted; extradition request questioned. |
| Chen Wei / James Chen | Alleged IT infrastructure and command-backend manager. | Believed abroad; no trial in India alleged. |
| Wang Fang | Alleged call-centre setup and coordination role. | Deported without prosecution, according to the filing. |
Legal-safe reading: this page reports the petitioner's record-based allegation and the official accused/absconder framing. It does not state that any named person has been convicted.
Root cause
The alleged three-layer data architecture.
- Android permission exploitation: loan apps allegedly demanded contacts, precise location, call logs, accounts, and device access unrelated to lending.
- Shell-NBFC KYC layer: formal finance surfaces allegedly collected Aadhaar, PAN, bank, face, address, and phone records under the appearance of compliance.
- AdTech SDK surveillance layer: the uninvestigated layer alleged to explain live victim profiling, behavioural timing, and high-pressure targeting.
The case does not claim every listed technology company ran the fraud. The sharper claim is that documented surveillance technologies and SDK behaviour should have been investigated under Indian law where they may have enabled profiling.
AdTech layer
The second body of the crime.
- InMobi: FTC Consent Order, June 2016, Docket C-4530, involving covert WiFi-based geolocation concerns, child-privacy findings, a USD 950,000 penalty, and a 20-year compliance regime.
- SilverPush: FTC warning letters, March 2016, concerning ultrasonic audio-beacon technology and cross-device tracking through device microphones.
- MeitY question: the petition asks whether India opened any inquiry under IT Act Section 43A after these public foreign regulatory records.
ED audit fault
What was pursued, and what the petition says was missed.
| Record shows | Petitioner allegation | Why it matters |
|---|---|---|
| Money laundering arrests, attachments, LOCs, notices, and PMLA complaints. | Data was not treated as a separate proceed of crime to recover, destroy, or notify. | Money can be frozen; compromised identity can regenerate fraud. |
| Chinese alleged principals named in prosecution materials. | The legal bridge of Section 3(4) plus UNCAC Article 44 was not used. | Identifying an architect is not the same as bringing the architect into Indian proceedings. |
| Operational Indian arrests across digital loan and digital-arrest networks. | Workers were prosecuted while alleged architects and database custodians remained outside reach. | Root-cause deterrence depends on the architecture, not only the call centre. |
Primary sources
Court and root-cause source files.
The public-facing case study is backed by the uploaded source files. Readers can open the source record directly and compare this summary against the PDF trail.
Source PDF 1: WRIT_P_CRL_163_2026_REDACTED.pdf
Source PDF 2: Digital_Arrest_root_cause_REDACTED.pdf