Full statement for the record

Statement by the Inventor of DISHA

Published for journalists, researchers and media organisations. Cite with attribution: Nitish Kumar (@thenitishkr), inventor of DISHA Intelligence Architecture.

For twelve years, India perfected the machinery of identification. Governments changed programmes, expanded databases, launched platforms, linked identities, authenticated transactions, and produced an unprecedented volume of citizen data. Every year, the story presented to the public was largely the same: India was becoming more digital, more efficient, more connected, and more capable of reaching its citizens than at any other time in its history. I do not dispute that achievement. The records exist. The databases exist. The numbers exist. What I question is something far more fundamental. After all the counting, linking, authenticating, and recording, who was actually seen? The Constitution does not derive its legitimacy from data. It derives its legitimacy from the protection of citizens. A State may know everything about a citizen and still fail that citizen. That contradiction sits at the centre of my investigation.

Over the past several years, I have assembled a series of case files examining events that unfolded between 2013 and 2026. What began as a study of digital governance gradually became an examination of constitutional visibility. Again and again, I encountered the same pattern. The citizen appeared everywhere inside systems and nowhere inside outcomes. He was visible when identification was required. He was visible when authentication was required. He was visible when compliance was required. Yet when fraud occurred, when data was stolen, when extortion began, when financial exploitation took place, or when cybercriminals weaponized personal information against ordinary people, the citizen seemed to disappear into a maze of institutions, procedures, jurisdictions, and delayed accountability. The more records I examined, the more I realized that the issue was larger than any individual crime. The deeper issue was whether the citizen remained visible to the constitutional system after harm had already occurred.

Between 2016 and 2021, India witnessed the rapid growth of illegal loan-application ecosystems and associated data-harvesting networks that operated across jurisdictions and exploited technological vulnerabilities on a scale that many citizens are still struggling to understand. These were not merely financial frauds. They were information operations directed at human vulnerability. Contacts were harvested. Photographs were extracted. Messages were monitored. Identity documents were collected. Social relationships became leverage. Shame became a business model. Fear became an enforcement mechanism. Thousands of citizens reported harassment. Many reported psychological trauma. Some lost livelihoods. Some lost dignity. Some lost hope.

As years passed, the consequences evolved. What began as digital fraud expanded into a broader ecosystem of cyber-enabled coercion. Citizens reported increasingly sophisticated scams. Fake authority figures appeared through digital channels. Fraudsters exploited institutional symbols. In recent years, public discourse has adopted the phrase “digital arrest” to describe certain forms of these operations. Regardless of terminology, the underlying reality is that large numbers of citizens found themselves confronting highly organized criminal methods that exploited both technology and trust. These events were not isolated anomalies. They revealed structural weaknesses in how citizens are protected within an increasingly digital society.

Throughout this period, agencies of the Republic undertook investigations and enforcement actions. The Enforcement Directorate pursued money-laundering cases. The Central Bureau of Investigation investigated major frauds and organized criminal networks. State police forces conducted arrests and cybercrime operations. Financial intelligence systems monitored suspicious transactions. Yet while reviewing these developments, I found myself returning to a question that rarely appeared in official narratives. After the arrests, after the attachments, after the investigations, after the press releases—where was the actual person who suffered the harm? Where was the citizen caught up in this system?

The question may appear simple, but it is constitutional in nature. Modern governance increasingly measures success through numbers. Databases grow. Transactions increase. Digital adoption expands. New platforms are launched. Dashboards report progress. Yet constitutional democracies are not ultimately judged by the sophistication of their systems. They are judged by the condition of the people living within those systems. A citizen whose identity can be authenticated in seconds but whose suffering remains unresolved for years exposes a gap that cannot be measured through technological achievement alone. The existence of data is not evidence of protection. The existence of records is not evidence of justice. The existence of investigations is not evidence of recovery. A constitutional order must ask a harder question: when a citizen is harmed, can that citizen still be found?

This investigation therefore does not focus solely on cybercrime, loan applications, digital fraud, identity theft, biometric vulnerability, financial exploitation, or digital arrest. Those subjects matter, but they are symptoms of a larger condition. The deeper subject is institutional visibility. Who becomes visible to the State, and under what circumstances? Why is the citizen immediately visible when documentation is required but often difficult to locate when remedy is required? Why does accountability appear fragmented precisely where vulnerability appears concentrated? Why does technological capability sometimes advance faster than constitutional responsiveness? These are not questions directed at any single government, agency, or institution. They are questions directed at the architecture of governance itself.

The fourteen case files that form the basis of this work were assembled to document that architecture and its consequences. They examine patterns rather than isolated events. They reveal assumptions embedded in institutional practice, not just obvious failures. They look at how institutions have responded to harm, not merely documenting the harm itself. Supporting records, source materials, and evidentiary references are released throughout this archive. The fourteenth case file is intended for submission through appropriate constitutional channels. Its purpose is to place a concrete question before the institutions of the Republic: can a nation with unprecedented information about its citizens demonstrate an equal commitment to protecting them when harm occurs?

The title Era of Stupidity: Citizen Not Found (2013–2026) was chosen deliberately. It does not refer to a lack of intelligence, technology, expertise, or resources. It refers to a deeper failure: the failure to recognise that the most important unit in a constitutional democracy is neither the database nor the institution but the citizen. When systems become more visible than people, governance loses perspective. When compliance becomes easier than protection, governance loses balance. When data becomes easier to locate than justice, governance loses legitimacy.

The greatest challenge facing the digital age is not technological—it is constitutional. India has already demonstrated its capacity to build larger systems, collect more data, and process more transactions than almost any nation on earth. The real question is whether the citizen remains at the center of those systems: whether they remain visible after suffering harm, whether they can be recovered after exploitation, whether constitutional protections can keep pace with technological power. That is the question before India now.

The measure of a State is not how many citizens it can count. The measure of a State is how many citizens it refuses to lose. If a citizen can be identified everywhere yet protected nowhere, something essential has been misplaced. This work is an attempt to locate it.