Update, 29 April: While the Ministry of Electronics and Information Technology and the National Informatics Centre have not responded yet to our questions. At the time of writing the website of the Pegasus investigation committee has been restored to its original state. The depositions have the restored to the site, and the spam posts removed. Curiously, the Ministry and the NIC have also removed mentions to themselves from the website - a previous banner that stated that the Ministry is responsible for managing the website, and that the NIC built the website, is now no longer visible.
New Delhi— The website of the Supreme Court-ordered Pegasus investigation committee headed by former Supreme Court Judge Justice R V Raveendran has deleted depositions made to it and has started posting spam content.
This remains the case, despite deponents having approached Justice Raveendran and other members of the committee seeking an explanation.
At the time of writing, the committee’s website – www.pegasus-india-investigation.in – has a blank page titled 'Depositions of the Petitioners/Complainants’ Schedule.
This page, until at least November 26 2022, as per the Wayback Machine, had copies of the video recordings of thirteen depositions made to the committee.
The thirteen depositions were by N Ram (former editor-in-chief of The Hindu) and Sashi Menon (former chairperson of the Asian College of Journalism) John Brittas (Rajya Sabha MP from the CPI(M)), cybersecurity experts Anand Venkatanarayanan and Prof. Sandeep Shukla (of IIT Bombay), journalists Arvind Kumar, Rupesh Kumar, Ipsa Shatakshi, Siddharth Varadarajan (co-founder of The Wire), S N M Abdi, J Gopikrishnan (of The Pioneer), and Paranjoy Guha Thakurta, human rights expert David Kaye, and Association of Democratic Reforms’ founder Jagdeep Chhokar. The depositions can still be accessed through the Wayback Machine.
Meanwhile, at the time of writing, the front page of the website, which is titled “Order,” has a series of apparent spam posts under a box providing a copy of the Supreme Court’s order which set up the committee.
The posts, which are titled “Navigating the Crossroads: Online Casinos and Indian Investigation Agencies,” “जुआ और अनुसंधान,” “ऑनलाइन कैसीनो में संपत्ति का पता लगाने की जांच,” “Online casino games are useful for human memory and strategic thinking,” and “Mastering Online Casino Blackjack: Strategies for Success,” each lead to articles. None of the articles have any link to the Pegasus case. They first started appearing on the website between June and November 2023, per the Wayback Machine.
Each of the articles references either “Fresh Casino” or “Sol Casino” – both of which are online gambling websites operated by Galaktika NV, a company registered in Curaçao, which is a tiny island nation considered to be a tax haven in the Caribbean Sea.
There is no replica of the articles anywhere online. Despite multiple enquires, Decode did not receive a response on why these articles are on the website of an Indian committee.
Was the website hacked? The spokesperson of the Ministry of Electronics and Information Technology, which manages the content of the website did not respond to multiple questions Decode sent to them. The officials in the ministry in charge of the National Informatics Centre, which built the website, did not respond either.
There was no response from Justice Raveendran too.
Interestingly, similar content featuring the same “Fresh Casino” appeared at earlier points in time on various other Indian government websites as well. Though those websites are no longer online, their cached versions can be found. Here are examples from a website of the government of Rajasthan, and two websites of the government of Bihar.
The website’s domain registration data shows some surprising discrepancies. Decode looked at the Pegasus websites’ WHOIS data, that identifies the entity that registered a website’s domain name. This data shows that the domain name was created in March 2023, and updated in February 2024. The actual website, however, was created in 2021, when the Supreme Court ordered the committee to be formed. The entity that registered the domain cannot be identified, as it has used the Cloud Flare service to mask its identity. One element of its identity however, isn’t masked – the region it is based in. The “state/province” of the entity that registered the domain name is marked as “Chuiskaya Oblast” which is a province in northern Kyrgyzstan.
The Pegasus case is based on revelations made in a joint investigation published by a global collective of media organisations. That investigation had revealed that thousands of individuals all over the world may have had their mobile phones targeted for hacking using the Pegasus software suite, which is developed by Israel’s NSO Group.In India, 300 individuals were identified as possible targets. Petitions filed at the Supreme Court, seeking an investigation into these revelations, including by Ram, Menon, and Brittas, had led to the committee’s establishment.
The committee submitted its report to the Supreme Court in August 2022, and portions of the committee’s report were read out in court. The committee stated that it had found evidence of spyware in 5 of the 29 mobile phones that had been submitted to it for technical analysis, but could not ascertain whether the spyware was Pegasus, and noted that the Central government had not cooperated with the committee.
On that date, the then Chief Justice of India, N V Ramana had observed in court that the committee’s report may be uploaded to the court’s website after suitable redactions, but this remark did not make its way into the court’s order, and the report remains inaccessible to the public.
At present, the committee’s seemingly defaced and partly erased website remains the only public record of its proceedings.
The case is still pending a final verdict at the Supreme Court. There have been no hearings since the Court read out portions of the Raveendran committee's report on 25 August 2022.
Decode reached out to several of the deponents seeking their reactions and comments. Journalists Guha Thakurta, Varadarajan, and Gopikrishnan shared their views.
All three clarified that they had not received any word of their depositions being removed from the website until it was pointed out to them by third parties. Gopikrishnan said that he had reached out to the committee’s members and to Justice Raveendran himself and had received no response. “I was told by reporters who spoke to Justice Raveendran that the purpose of the website was over,” Gopikrishnan said.
They also added their disappointment that the committee’s report had not been made public yet and that the case had not moved forward.
“From time to time I have made inquiries with some of the advocates representing some of the petitioners. They said they had been unsuccessful in their efforts to get the court to list the case so that the Raveendran report and its implications – including its recording about (1) the presence of malware in some of the phones and (2) the total lack of cooperation of the Union government (clearly amounting to contempt of court, in my view) could be taken forward,” said Varadarajan.
“At least, the Supreme Court has to file the final report (of the committee) which was assured by CJI Ramana. The depositions and the committee’s technical findings etc, everything can be added with this file. They can add everything in the digital format and make it as an ever-permanent item. Until it's released, this website is the only thing we have. And now it is partially closed down. Somebody should approach [current CJI] DY Chandrachud on this,” said Gopikrishnan.
“The lawyers who have represented me are saying that we have to move an intervention application saying to the Supreme Court that it has not done anything on what Justice Ramana has said. That's where it stands. My lawyers are of the view that one must choose an appropriate time and they are not very sure what time would be appropriate,” said Guha Thakurta.
On the apparent spam appearing on the website, Varadarajan said “I think it is of a piece with the exertions of the Committee and of successive CJIs, beginning with NV Ramana, JJ. They do not seem interested in getting to the bottom of the illegal use of spyware for fear of embarrassing the Modi government.”
Guha Thakurta pointed out that the website has been developed by the National Informatics Center (NIC), which is an official organisation of the government of India. "If their website or if the information that the NIC has put out is tampered with or defaced, I can only urge the NIC to take action. I don't know whether their website has been hacked or not, if it has been hacked, they must intervene. And if an official website of the government of India is defaced, I think it's a very, very serious issue and the government of India must rectify the damage done and if required, reconstruct the website and put together everything all over again. I mean, after all, this is no ordinary website – this is the website of a committee that was set up by the Supreme Court of India, which is headed by a retired judge of the Supreme Court of India."
"How can the NIC turn a blind eye?" he asked.